BOOL AfsAppLib_CrackCredentials (UINT_PTR hCreds, LPTSTR pszCell, LPTSTR pszUser, LPSYSTEMTIME pst, ULONG *pStatus)
{
BOOL rc = FALSE;
ULONG status = 0;
UINT_PTR idClient;
if ((idClient = AfsAppLib_GetAdminServerClientID()) != 0)
{
rc = asc_CredentialsCrack (idClient, (PVOID) hCreds, pszCell, pszUser, pst, &status);
}
else
if (OpenClientLibrary())
{
char szUserA[ cchRESOURCE ], szUser2A[ cchRESOURCE ];
char szCellA[ cchRESOURCE ];
unsigned long dateExpire;
int fHasKasToken;
if (afsclient_TokenQuery ((PVOID)hCreds, &dateExpire, szUserA, szUser2A, szCellA, &fHasKasToken, (afs_status_p)&status))
{
rc = TRUE;
CopyAnsiToString (pszUser, szUserA);
CopyAnsiToString (pszCell, szCellA);
AfsAppLib_UnixTimeToSystemTime (pst, dateExpire);
}
CloseClientLibrary();
}
if (!hCreds && pStatus)
*pStatus = status;
return rc;
}
// AfsAdmSvr_CrackCredentials
// ...queries the specified AFS credentials token for its cell, user
// and expiration date.
//
extern "C" int AfsAdmSvr_CrackCredentials (UINT_PTR idClient, UINT_PTR hCreds, STRING pszCell, STRING pszUser, SYSTEMTIME *pstExpiration, ULONG *pStatus)
{
ULONG status;
size_t iOp = AfsAdmSvr_BeginOperation (idClient);
if (!AfsAdmSvr_fIsValidClient (idClient))
return FALSE_(ERROR_INVALID_PARAMETER,pStatus,iOp);
Print (dlDETAIL, TEXT("Client 0x%08lX: CrackCredentials (0x%08lX)"), idClient, hCreds);
unsigned long dateExpirationQuery;
int fHasKasTokenQuery;
char szUser[ cchSTRING ];
char szUser2[ cchSTRING ];
char szCell[ cchSTRING ];
char *pszCellQuery = (pszCell) ? (char *)pszCell : szCell;
char *pszUserQuery = (pszUser) ? (char *)pszUser : szUser;
if (!afsclient_TokenQuery ((PVOID)hCreds, &dateExpirationQuery, pszUserQuery, szUser2, pszCellQuery, &fHasKasTokenQuery, (afs_status_p)&status))
return FALSE_(status, pStatus, iOp);
if (pstExpiration)
AfsAppLib_UnixTimeToSystemTime (pstExpiration, dateExpirationQuery);
AfsAdmSvr_EndOperation (iOp);
return TRUE;
}
BOOL AfsAppLib_IsUserAdmin (UINT_PTR hCreds, LPTSTR pszUser)
{
#ifndef USE_KASERVER
return TRUE;
#else
BOOL rc = FALSE;
afs_status_t status;
UINT_PTR idClient;
if ((idClient = AfsAppLib_GetAdminServerClientID()) != 0)
{
TCHAR szCell[ cchRESOURCE ];
TCHAR szUser[ cchRESOURCE ];
SYSTEMTIME stExpire;
if (asc_CredentialsCrack (idClient, hCreds, szCell, szUser, &stExpire, (ULONG*)&status))
{
ASID idCell;
if (asc_CellOpen (idClient, hCreds, szCell, AFSADMSVR_SCOPE_USERS, &idCell, (ULONG*)&status))
{
ASID idUser;
if (asc_ObjectFind (idClient, idCell, TYPE_USER, pszUser, &idUser, (ULONG*)&status))
{
ASOBJPROP Info;
if (asc_ObjectPropertiesGet (idClient, GET_ALL_DATA, idCell, idUser, &Info, (ULONG*)&status))
{
if (Info.u.UserProperties.fHaveKasInfo)
{
rc = Info.u.UserProperties.KASINFO.fIsAdmin;
}
}
}
asc_CellClose (idClient, idCell, (ULONG*)&status);
}
}
}
else if (OpenClientLibrary())
{
if (OpenKasLibrary())
{
char szUserA[ cchRESOURCE ], szUser2A[ cchRESOURCE ];
char szCellA[ cchRESOURCE ];
unsigned long dateExpire;
int fHasKasToken;
if (afsclient_TokenQuery (hCreds, &dateExpire, szUserA, szUser2A, szCellA, &fHasKasToken, (afs_status_p)&status))
{
PVOID hCell;
if (afsclient_CellOpen (szCellA, hCreds, &hCell, &status))
{
kas_identity_t Identity;
memset (&Identity, 0x00, sizeof(Identity));
CopyStringToAnsi (Identity.principal, pszUser);
kas_principalEntry_t Entry;
if (kas_PrincipalGet (hCell, NULL, &Identity, &Entry, &status))
{
if (Entry.adminSetting == KAS_ADMIN)
rc = TRUE;
}
afsclient_CellClose (hCell, (afs_status_p)&status);
}
}
CloseKasLibrary();
}
CloseClientLibrary();
}
return rc;
#endif /* USE_KASERVER */
}
