void HandleAAOption ( int argc, TCHAR **argv ) { DWORD returnValue; HKEY registryKey; TCHAR appid [256]; TCHAR keyName [256]; if (argc < 4) ShowUsage (TEXT("Invalid number of arguments.")); if (_tcscmp (_tcsupr (argv[3]), TEXT("LIST")) == 0) { if (argc < 4) ShowUsage (TEXT("Invalid number of arguments.")); _tprintf (TEXT("Access permission list for AppID %s:\n\n"), argv[2]); ListAppIDAccessACL (argv[2]); return; } if (_tcscmp (_tcsupr (argv[3]), TEXT("DEFAULT")) == 0) { if (argv [2][0] == '{') wsprintf (appid, TEXT("%s"), argv [2]); else wsprintf (appid, TEXT("{%s}"), argv [2]); wsprintf (keyName, TEXT("APPID\\%s"), appid); returnValue = RegOpenKeyEx (HKEY_CLASSES_ROOT, keyName, 0, KEY_ALL_ACCESS, ®istryKey); if (returnValue != ERROR_SUCCESS && returnValue != ERROR_FILE_NOT_FOUND) Error (TEXT("ERROR: Cannot open AppID registry key."), returnValue); returnValue = RegDeleteValue (registryKey, TEXT("AccessPermission")); if (returnValue != ERROR_SUCCESS && returnValue != ERROR_FILE_NOT_FOUND) Error (TEXT("ERROR: Cannot delete AccessPermission value."), returnValue); RegCloseKey (registryKey); return; } if (argc < 5) ShowUsage (TEXT("Invalid number of arguments.")); if (_tcscmp (_tcsupr (argv [3]), TEXT("SET")) == 0) { if (argc < 6) ShowUsage (TEXT("Invalid number of arguments.")); if (_tcscmp (_tcsupr (argv [5]), TEXT("PERMIT")) == 0) returnValue = ChangeAppIDAccessACL (argv[2], argv [4], TRUE, TRUE); else if (_tcscmp (_tcsupr (argv [5]), TEXT("DENY")) == 0) returnValue = ChangeAppIDAccessACL (argv[2], argv [4], TRUE, FALSE); else { ShowUsage (TEXT("You can only set a user's permissions to \"permit\" or \"deny\".\n\n")); } if (returnValue != ERROR_SUCCESS) Error (TEXT("ERROR: Cannot add user to application access ACL."), returnValue); } else if (_tcscmp (_tcsupr (argv [3]), TEXT("REMOVE")) == 0) { returnValue = ChangeAppIDAccessACL (argv[2], argv[4], FALSE, FALSE); if (returnValue != ERROR_SUCCESS) Error (TEXT("ERROR: Cannot remove user from application access ACL."), returnValue); } else ShowUsage (TEXT("You can only \"set\" or \"remove\" a user.")); }
void HandleApplicationAccessOption ( int cArgs, TCHAR **pptszArgv ) { DWORD dwReturnValue = ERROR_SUCCESS; HKEY hkeyRegistry = NULL; TCHAR tszAppID [SIZE_NAME_BUFFER] = {0}; TCHAR tszKeyName [SIZE_NAME_BUFFER] = {0}; DWORD dwAccessMask = COM_RIGHTS_EXECUTE; if (cArgs < 4) ShowUsage (_T("Invalid number of arguments.")); if (_tcsicmp (pptszArgv[3], _T("LIST")) == 0) { if (cArgs < 4) ShowUsage (_T("Invalid number of arguments.")); _tprintf (_T("Access permission list for AppID %s:\n\n"), pptszArgv[2]); ListAppIDAccessACL (pptszArgv[2]); return; } if (_tcsicmp (pptszArgv[3], _T("DEFAULT")) == 0) { _stprintf_s (tszAppID, RTL_NUMBER_OF(tszAppID), pptszArgv [2][0] == '{' ? _T("%s") : _T("{%s}"), pptszArgv [2]); _stprintf_s (tszKeyName, RTL_NUMBER_OF(tszKeyName), _T("APPID\\%s"), tszAppID); dwReturnValue = RegOpenKeyEx (HKEY_CLASSES_ROOT, tszKeyName, 0, KEY_ALL_ACCESS, &hkeyRegistry); if (dwReturnValue != ERROR_SUCCESS && dwReturnValue != ERROR_FILE_NOT_FOUND) { Error (_T("ERROR: Cannot open AppID registry key."), dwReturnValue); } dwReturnValue = RegDeleteValue (hkeyRegistry, _T("AccessPermission")); if (dwReturnValue != ERROR_SUCCESS && dwReturnValue != ERROR_FILE_NOT_FOUND) { Error (_T("ERROR: Cannot delete AccessPermission value."), dwReturnValue); } if(hkeyRegistry) RegCloseKey (hkeyRegistry); _tprintf (_T("Successfully set the Application Access to the machine default.\n")); return; } if (cArgs < 5) ShowUsage (_T("Invalid number of arguments.")); if (_tcsicmp (pptszArgv [3], _T("SET")) == 0) { if (cArgs < 6) ShowUsage (_T("Invalid number of arguments.")); if(cArgs == 7) { SetAccessMaskFromCommandLine(pptszArgv[6], &dwAccessMask, SDTYPE_APPLICATION_ACCESS); } else if(!IsLegacySecurityModel()) { _tprintf (_T("WARNING: Default access flags designated on a system with an enhanced security model.\n")); } if (_tcsicmp (pptszArgv [5], _T("PERMIT")) == 0) { dwReturnValue = ChangeAppIDAccessACL (pptszArgv[2], pptszArgv [4], TRUE, TRUE, dwAccessMask); } else if (_tcsicmp (pptszArgv [5], _T("DENY")) == 0) { dwReturnValue = ChangeAppIDAccessACL (pptszArgv[2], pptszArgv [4], TRUE, FALSE, dwAccessMask); } else { ShowUsage (_T("You can only set a user's permissions to \"permit\" or \"deny\".\n\n")); } if (dwReturnValue != ERROR_SUCCESS) { Error (_T("ERROR: Cannot add user to application access ACL."), dwReturnValue); } } else if (_tcsicmp (pptszArgv [3], _T("REMOVE")) == 0) { dwReturnValue = ChangeAppIDAccessACL (pptszArgv[2], pptszArgv[4], FALSE, FALSE, dwAccessMask); if (dwReturnValue != ERROR_SUCCESS) { Error (_T("ERROR: Cannot remove user from application access ACL."), dwReturnValue); } } else { ShowUsage (_T("You can only \"set\" or \"remove\" a user.")); } _tprintf (_T("Successfully set the Application Access ACL.\n")); ListAppIDAccessACL(pptszArgv[2]); }