win32-file-security 1.0.6 → 1.0.7

data/lib/win32/file/security/constants.rb

@@ -1,149 +1,149 @@
-module Windows
-  module File
-    module Constants
-      SE_DACL_PRESENT            = 4
-      OWNER_SECURITY_INFORMATION = 1
-      GROUP_SECURITY_INFORMATION = 2
-      DACL_SECURITY_INFORMATION  = 4
-      ACCESS_ALLOWED_ACE_TYPE    = 0
-      ERROR_INSUFFICIENT_BUFFER  = 122
-      ACL_REVISION2              = 2
-      ALLOW_ACE_LENGTH           = 62
-      OBJECT_INHERIT_ACE         = 0x1
-      CONTAINER_INHERIT_ACE      = 0x2
-      INHERIT_ONLY_ACE           = 0x8
-      MAXDWORD                   = 0xFFFFFFFF
-      TOKEN_QUERY                = 0x00000008
-      TOKEN_ADJUST_PRIVILEGES    = 0x0020
-
-      ERROR_NOT_SUPPORTED = 50
-      ERROR_NO_SECURITY_ON_OBJECT = 1350
-
-      TokenUser                  = 1
-      TokenGroups                = 2
-
-      SECURITY_DESCRIPTOR_REVISION   = 1
-      SECURITY_DESCRIPTOR_MIN_LENGTH = 20
-
-      SE_KERNEL_OBJECT       = 6
-      SE_FILE_OBJECT         = 1
-      SE_PRIVILEGE_ENABLED   = 0x00000002
-      SE_SECURITY_NAME       = "SeSecurityPrivilege"
-      SE_TAKE_OWNERSHIP_NAME = "SeTakeOwnershipPrivilege"
-      SE_BACKUP_NAME         = "SeBackupPrivilege"
-      SE_RESTORE_NAME        = "SeRestorePrivilege"
-      SE_CHANGE_NOTIFY_NAME  = "SeChangeNotifyPrivilege"
-
-      ## Security Rights
-
-      SYNCHRONIZE                  = 0x100000
-      STANDARD_RIGHTS_REQUIRED     = 0xf0000
-      STANDARD_RIGHTS_READ         = 0x20000
-      STANDARD_RIGHTS_WRITE        = 0x20000
-      STANDARD_RIGHTS_EXECUTE      = 0x20000
-      STANDARD_RIGHTS_ALL          = 0x1F0000
-      SPECIFIC_RIGHTS_ALL          = 0xFFFF
-      ACCESS_SYSTEM_SECURITY       = 0x1000000
-      MAXIMUM_ALLOWED              = 0x2000000
-      GENERIC_READ                 = 0x80000000
-      GENERIC_WRITE                = 0x40000000
-      GENERIC_EXECUTE              = 0x20000000
-      GENERIC_ALL                  = 0x10000000
-      GENERIC_RIGHTS_CHK           = 0xF0000000
-      REST_RIGHTS_MASK             = 0x001FFFFF
-      READ_CONTROL                 = 0x20000
-      WRITE_DAC                    = 0x40000
-      WRITE_OWNER                  = 0x80000
-
-      FILE_READ_DATA               = 1
-      FILE_LIST_DIRECTORY          = 1
-      FILE_WRITE_DATA              = 2
-      FILE_ADD_FILE                = 2
-      FILE_APPEND_DATA             = 4
-      FILE_ADD_SUBDIRECTORY        = 4
-      FILE_CREATE_PIPE_INSTANCE    = 4
-      FILE_READ_EA                 = 8
-      FILE_READ_PROPERTIES         = 8
-      FILE_WRITE_EA                = 16
-      FILE_WRITE_PROPERTIES        = 16
-      FILE_EXECUTE                 = 32
-      FILE_TRAVERSE                = 32
-      FILE_DELETE_CHILD            = 64
-      FILE_READ_ATTRIBUTES         = 128
-      FILE_WRITE_ATTRIBUTES        = 256
-
-      FILE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x1FF
-
-      FILE_GENERIC_READ =
-         STANDARD_RIGHTS_READ |
-         FILE_READ_DATA |
-         FILE_READ_ATTRIBUTES |
-         FILE_READ_EA |
-         SYNCHRONIZE
-
-      FILE_GENERIC_WRITE =
-         STANDARD_RIGHTS_WRITE |
-         FILE_WRITE_DATA |
-         FILE_WRITE_ATTRIBUTES |
-         FILE_WRITE_EA |
-         FILE_APPEND_DATA |
-         SYNCHRONIZE
-
-      FILE_GENERIC_EXECUTE =
-         STANDARD_RIGHTS_EXECUTE |
-         FILE_READ_ATTRIBUTES |
-         FILE_EXECUTE |
-         SYNCHRONIZE
-
-      FILE_SHARE_READ                = 1
-      FILE_SHARE_WRITE               = 2
-      FILE_SHARE_DELETE              = 4
-      FILE_NOTIFY_CHANGE_FILE_NAME   = 1
-      FILE_NOTIFY_CHANGE_DIR_NAME    = 2
-      FILE_NOTIFY_CHANGE_ATTRIBUTES  = 4
-      FILE_NOTIFY_CHANGE_SIZE        = 8
-      FILE_NOTIFY_CHANGE_LAST_WRITE  = 16
-      FILE_NOTIFY_CHANGE_LAST_ACCESS = 32
-      FILE_NOTIFY_CHANGE_CREATION    = 64
-      FILE_NOTIFY_CHANGE_SECURITY    = 256
-      FILE_CASE_SENSITIVE_SEARCH     = 1
-      FILE_CASE_PRESERVED_NAMES      = 2
-      FILE_UNICODE_ON_DISK           = 4
-      FILE_PERSISTENT_ACLS           = 8
-      FILE_FILE_COMPRESSION          = 16
-      FILE_VOLUME_QUOTAS             = 32
-      FILE_SUPPORTS_SPARSE_FILES     = 64
-      FILE_SUPPORTS_REPARSE_POINTS   = 128
-      FILE_SUPPORTS_REMOTE_STORAGE   = 256
-      FILE_VOLUME_IS_COMPRESSED      = 0x8000
-      FILE_SUPPORTS_OBJECT_IDS       = 0x10000
-      FILE_SUPPORTS_ENCRYPTION       = 0x20000
-
-      FILE_ENCRYPTABLE  = 0
-      FILE_IS_ENCRYPTED = 1
-      FILE_ROOT_DIR     = 3
-      FILE_SYSTEM_ATTR  = 2
-      FILE_SYSTEM_DIR   = 4
-      FILE_UNKNOWN      = 5
-      FILE_SYSTEM_NOT_SUPPORT = 6
-      FILE_READ_ONLY    = 8
-
-      # Read and execute privileges
-      READ = FILE_GENERIC_READ | FILE_EXECUTE
-
-      # Add privileges
-      ADD = 0x001201bf
-
-      # Delete privileges
-      DELETE = 0x00010000
-
-      # Generic write, generic read, execute and delete privileges
-      CHANGE = FILE_GENERIC_WRITE | FILE_GENERIC_READ | FILE_EXECUTE | DELETE
-
-      # Full security rights - read, write, append, execute, and delete.
-      FULL = STANDARD_RIGHTS_ALL | FILE_READ_DATA | FILE_WRITE_DATA |
-        FILE_APPEND_DATA | FILE_READ_EA | FILE_WRITE_EA | FILE_EXECUTE |
-        FILE_DELETE_CHILD | FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES
-    end
-  end
-end
+module Windows
+  module File
+    module Constants
+      SE_DACL_PRESENT            = 4
+      OWNER_SECURITY_INFORMATION = 1
+      GROUP_SECURITY_INFORMATION = 2
+      DACL_SECURITY_INFORMATION  = 4
+      ACCESS_ALLOWED_ACE_TYPE    = 0
+      ERROR_INSUFFICIENT_BUFFER  = 122
+      ACL_REVISION2              = 2
+      ALLOW_ACE_LENGTH           = 62
+      OBJECT_INHERIT_ACE         = 0x1
+      CONTAINER_INHERIT_ACE      = 0x2
+      INHERIT_ONLY_ACE           = 0x8
+      MAXDWORD                   = 0xFFFFFFFF
+      TOKEN_QUERY                = 0x00000008
+      TOKEN_ADJUST_PRIVILEGES    = 0x0020
+
+      ERROR_NOT_SUPPORTED = 50
+      ERROR_NO_SECURITY_ON_OBJECT = 1350
+
+      TokenUser                  = 1
+      TokenGroups                = 2
+
+      SECURITY_DESCRIPTOR_REVISION   = 1
+      SECURITY_DESCRIPTOR_MIN_LENGTH = 20
+
+      SE_KERNEL_OBJECT       = 6
+      SE_FILE_OBJECT         = 1
+      SE_PRIVILEGE_ENABLED   = 0x00000002
+      SE_SECURITY_NAME       = "SeSecurityPrivilege"
+      SE_TAKE_OWNERSHIP_NAME = "SeTakeOwnershipPrivilege"
+      SE_BACKUP_NAME         = "SeBackupPrivilege"
+      SE_RESTORE_NAME        = "SeRestorePrivilege"
+      SE_CHANGE_NOTIFY_NAME  = "SeChangeNotifyPrivilege"
+
+      ## Security Rights
+
+      SYNCHRONIZE                  = 0x100000
+      STANDARD_RIGHTS_REQUIRED     = 0xf0000
+      STANDARD_RIGHTS_READ         = 0x20000
+      STANDARD_RIGHTS_WRITE        = 0x20000
+      STANDARD_RIGHTS_EXECUTE      = 0x20000
+      STANDARD_RIGHTS_ALL          = 0x1F0000
+      SPECIFIC_RIGHTS_ALL          = 0xFFFF
+      ACCESS_SYSTEM_SECURITY       = 0x1000000
+      MAXIMUM_ALLOWED              = 0x2000000
+      GENERIC_READ                 = 0x80000000
+      GENERIC_WRITE                = 0x40000000
+      GENERIC_EXECUTE              = 0x20000000
+      GENERIC_ALL                  = 0x10000000
+      GENERIC_RIGHTS_CHK           = 0xF0000000
+      REST_RIGHTS_MASK             = 0x001FFFFF
+      READ_CONTROL                 = 0x20000
+      WRITE_DAC                    = 0x40000
+      WRITE_OWNER                  = 0x80000
+
+      FILE_READ_DATA               = 1
+      FILE_LIST_DIRECTORY          = 1
+      FILE_WRITE_DATA              = 2
+      FILE_ADD_FILE                = 2
+      FILE_APPEND_DATA             = 4
+      FILE_ADD_SUBDIRECTORY        = 4
+      FILE_CREATE_PIPE_INSTANCE    = 4
+      FILE_READ_EA                 = 8
+      FILE_READ_PROPERTIES         = 8
+      FILE_WRITE_EA                = 16
+      FILE_WRITE_PROPERTIES        = 16
+      FILE_EXECUTE                 = 32
+      FILE_TRAVERSE                = 32
+      FILE_DELETE_CHILD            = 64
+      FILE_READ_ATTRIBUTES         = 128
+      FILE_WRITE_ATTRIBUTES        = 256
+
+      FILE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x1FF
+
+      FILE_GENERIC_READ =
+         STANDARD_RIGHTS_READ |
+         FILE_READ_DATA |
+         FILE_READ_ATTRIBUTES |
+         FILE_READ_EA |
+         SYNCHRONIZE
+
+      FILE_GENERIC_WRITE =
+         STANDARD_RIGHTS_WRITE |
+         FILE_WRITE_DATA |
+         FILE_WRITE_ATTRIBUTES |
+         FILE_WRITE_EA |
+         FILE_APPEND_DATA |
+         SYNCHRONIZE
+
+      FILE_GENERIC_EXECUTE =
+         STANDARD_RIGHTS_EXECUTE |
+         FILE_READ_ATTRIBUTES |
+         FILE_EXECUTE |
+         SYNCHRONIZE
+
+      FILE_SHARE_READ                = 1
+      FILE_SHARE_WRITE               = 2
+      FILE_SHARE_DELETE              = 4
+      FILE_NOTIFY_CHANGE_FILE_NAME   = 1
+      FILE_NOTIFY_CHANGE_DIR_NAME    = 2
+      FILE_NOTIFY_CHANGE_ATTRIBUTES  = 4
+      FILE_NOTIFY_CHANGE_SIZE        = 8
+      FILE_NOTIFY_CHANGE_LAST_WRITE  = 16
+      FILE_NOTIFY_CHANGE_LAST_ACCESS = 32
+      FILE_NOTIFY_CHANGE_CREATION    = 64
+      FILE_NOTIFY_CHANGE_SECURITY    = 256
+      FILE_CASE_SENSITIVE_SEARCH     = 1
+      FILE_CASE_PRESERVED_NAMES      = 2
+      FILE_UNICODE_ON_DISK           = 4
+      FILE_PERSISTENT_ACLS           = 8
+      FILE_FILE_COMPRESSION          = 16
+      FILE_VOLUME_QUOTAS             = 32
+      FILE_SUPPORTS_SPARSE_FILES     = 64
+      FILE_SUPPORTS_REPARSE_POINTS   = 128
+      FILE_SUPPORTS_REMOTE_STORAGE   = 256
+      FILE_VOLUME_IS_COMPRESSED      = 0x8000
+      FILE_SUPPORTS_OBJECT_IDS       = 0x10000
+      FILE_SUPPORTS_ENCRYPTION       = 0x20000
+
+      FILE_ENCRYPTABLE  = 0
+      FILE_IS_ENCRYPTED = 1
+      FILE_ROOT_DIR     = 3
+      FILE_SYSTEM_ATTR  = 2
+      FILE_SYSTEM_DIR   = 4
+      FILE_UNKNOWN      = 5
+      FILE_SYSTEM_NOT_SUPPORT = 6
+      FILE_READ_ONLY    = 8
+
+      # Read and execute privileges
+      READ = FILE_GENERIC_READ | FILE_EXECUTE
+
+      # Add privileges
+      ADD = 0x001201bf
+
+      # Delete privileges
+      DELETE = 0x00010000
+
+      # Generic write, generic read, execute and delete privileges
+      CHANGE = FILE_GENERIC_WRITE | FILE_GENERIC_READ | FILE_EXECUTE | DELETE
+
+      # Full security rights - read, write, append, execute, and delete.
+      FULL = STANDARD_RIGHTS_ALL | FILE_READ_DATA | FILE_WRITE_DATA |
+        FILE_APPEND_DATA | FILE_READ_EA | FILE_WRITE_EA | FILE_EXECUTE |
+        FILE_DELETE_CHILD | FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES
+    end
+  end
+end

data/lib/win32/file/security/functions.rb

@@ -1,63 +1,63 @@
-require 'ffi'
-
-module Windows
-  module File
-    module Functions
-      extend FFI::Library
-
-      private
-
-      def self.attach_pfunc(*args)
-        attach_function(*args)
-        private args[0]
-      end
-
-      # For convenience
-      typedef :pointer, :ptr
-      typedef :buffer_in, :buf_in
-      typedef :buffer_out, :buf_out
-      typedef :string, :str
-      typedef :ulong, :dword
-      typedef :uintptr_t, :handle
-
-      ffi_lib :advapi32
-
-      attach_pfunc :AddAce, [:ptr, :dword, :dword, :ptr, :dword], :bool
-      attach_pfunc :AdjustTokenPrivileges, [:handle, :bool, :ptr, :dword, :ptr, :ptr], :bool
-      attach_pfunc :CopySid, [:dword, :ptr, :ptr], :bool
-      attach_pfunc :EncryptFileW, [:buf_in], :bool
-      attach_pfunc :DecryptFileW, [:buf_in, :dword], :bool
-      attach_pfunc :FileEncryptionStatusW, [:buf_in, :ptr], :bool
-      attach_pfunc :GetAce, [:ptr, :dword, :ptr], :bool
-      attach_pfunc :GetFileSecurityW, [:buf_in, :dword, :ptr, :dword, :ptr], :bool
-      attach_pfunc :GetLengthSid, [:ptr], :dword
-      attach_pfunc :GetSecurityDescriptorControl, [:ptr, :ptr, :ptr], :bool
-      attach_pfunc :GetSecurityDescriptorOwner, [:ptr, :ptr, :ptr], :bool
-      attach_pfunc :GetSecurityDescriptorGroup, [:ptr, :ptr, :ptr], :bool
-      attach_pfunc :GetSecurityDescriptorDacl, [:ptr, :ptr, :ptr, :ptr], :bool
-      attach_pfunc :GetSecurityInfo, [:handle, :dword, :dword, :ptr, :ptr, :ptr, :ptr, :ptr], :dword
-      attach_pfunc :GetTokenInformation, [:handle, :int, :ptr, :dword, :ptr], :bool
-      attach_pfunc :InitializeAcl, [:ptr, :dword, :dword], :bool
-      attach_pfunc :InitializeSecurityDescriptor, [:ptr, :dword], :bool
-      attach_pfunc :LookupAccountNameW, [:buf_in, :buf_in, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
-      attach_pfunc :LookupAccountSidW, [:buf_in, :ptr, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
-      attach_pfunc :LookupPrivilegeValueA, [:str, :str, :ptr], :bool
-      attach_pfunc :OpenProcessToken, [:handle, :dword, :ptr], :bool
-      attach_pfunc :SetFileSecurityW, [:buf_in, :dword, :ptr], :bool
-      attach_pfunc :SetSecurityDescriptorDacl, [:ptr, :bool, :ptr, :bool], :bool
-      attach_pfunc :SetSecurityDescriptorOwner, [:ptr, :ptr, :bool], :bool
-      attach_pfunc :ConvertSidToStringSidA, [:ptr,:ptr] ,:bool
-
-      ffi_lib :kernel32
-
-      attach_pfunc :CloseHandle, [:handle], :bool
-      attach_pfunc :GetCurrentProcess, [], :handle
-      attach_pfunc :GetVolumeInformationW, [:buf_in, :buf_out, :dword, :ptr, :ptr, :ptr, :buf_out, :dword], :bool
-
-      ffi_lib :shlwapi
-
-      attach_pfunc :PathStripToRootW, [:buf_in], :bool
-      attach_pfunc :PathIsRootW, [:buf_in], :bool
-    end
-  end
-end
+require 'ffi'
+
+module Windows
+  module File
+    module Functions
+      extend FFI::Library
+
+      private
+
+      def self.attach_pfunc(*args)
+        attach_function(*args)
+        private args[0]
+      end
+
+      # For convenience
+      typedef :pointer, :ptr
+      typedef :buffer_in, :buf_in
+      typedef :buffer_out, :buf_out
+      typedef :string, :str
+      typedef :ulong, :dword
+      typedef :uintptr_t, :handle
+
+      ffi_lib :advapi32
+
+      attach_pfunc :AddAce, [:ptr, :dword, :dword, :ptr, :dword], :bool
+      attach_pfunc :AdjustTokenPrivileges, [:handle, :int, :ptr, :dword, :ptr, :ptr], :bool
+      attach_pfunc :CopySid, [:dword, :ptr, :ptr], :bool
+      attach_pfunc :EncryptFileW, [:buf_in], :bool
+      attach_pfunc :DecryptFileW, [:buf_in, :dword], :bool
+      attach_pfunc :FileEncryptionStatusW, [:buf_in, :ptr], :bool
+      attach_pfunc :GetAce, [:ptr, :dword, :ptr], :bool
+      attach_pfunc :GetFileSecurityW, [:buf_in, :dword, :ptr, :dword, :ptr], :bool
+      attach_pfunc :GetLengthSid, [:ptr], :dword
+      attach_pfunc :GetSecurityDescriptorControl, [:ptr, :ptr, :ptr], :bool
+      attach_pfunc :GetSecurityDescriptorOwner, [:ptr, :ptr, :ptr], :bool
+      attach_pfunc :GetSecurityDescriptorGroup, [:ptr, :ptr, :ptr], :bool
+      attach_pfunc :GetSecurityDescriptorDacl, [:ptr, :ptr, :ptr, :ptr], :bool
+      attach_pfunc :GetSecurityInfo, [:handle, :dword, :dword, :ptr, :ptr, :ptr, :ptr, :ptr], :dword
+      attach_pfunc :GetTokenInformation, [:handle, :int, :ptr, :dword, :ptr], :bool
+      attach_pfunc :InitializeAcl, [:ptr, :dword, :dword], :bool
+      attach_pfunc :InitializeSecurityDescriptor, [:ptr, :dword], :bool
+      attach_pfunc :LookupAccountNameW, [:buf_in, :buf_in, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
+      attach_pfunc :LookupAccountSidW, [:buf_in, :ptr, :ptr, :ptr, :ptr, :ptr, :ptr], :bool
+      attach_pfunc :LookupPrivilegeValueA, [:str, :str, :ptr], :bool
+      attach_pfunc :OpenProcessToken, [:handle, :dword, :ptr], :bool
+      attach_pfunc :SetFileSecurityW, [:buf_in, :dword, :ptr], :bool
+      attach_pfunc :SetSecurityDescriptorDacl, [:ptr, :int, :ptr, :int], :bool
+      attach_pfunc :SetSecurityDescriptorOwner, [:ptr, :ptr, :int], :bool
+      attach_pfunc :ConvertSidToStringSidA, [:ptr,:ptr] ,:bool
+
+      ffi_lib :kernel32
+
+      attach_pfunc :CloseHandle, [:handle], :bool
+      attach_pfunc :GetCurrentProcess, [], :handle
+      attach_pfunc :GetVolumeInformationW, [:buf_in, :buf_out, :dword, :ptr, :ptr, :ptr, :buf_out, :dword], :bool
+
+      ffi_lib :shlwapi
+
+      attach_pfunc :PathStripToRootW, [:buf_in], :bool
+      attach_pfunc :PathIsRootW, [:buf_in], :bool
+    end
+  end
+end

data/lib/win32/file/security/helper.rb

@@ -1,23 +1,23 @@
-class String
-  unless instance_methods.include?(:wincode)
-    # Convenience method for converting strings to UTF-16LE for wide character
-    # functions that require it.
-    def wincode
-      unless encoding == Encoding::UTF_16LE
-        (self.tr(File::SEPARATOR, File::ALT_SEPARATOR) + 0.chr).encode('UTF-16LE')
-      end
-    end
-  end
-
-  unless instance_methods.include?(:wstrip)
-    # Read a wide character string up until the first double null, and delete
-    # any remaining null characters.
-    def wstrip
-      unless encoding == Encoding::UTF_16LE
-        self.force_encoding('UTF-16LE')
-      end
-
-      self.encode('UTF-8',:invalid=>:replace,:undef=>:replace).split("\x00")[0].encode(Encoding.default_external)
-    end
-  end
-end
+class String
+  unless instance_methods.include?(:wincode)
+    # Convenience method for converting strings to UTF-16LE for wide character
+    # functions that require it.
+    def wincode
+      unless encoding == Encoding::UTF_16LE
+        (self.tr(File::SEPARATOR, File::ALT_SEPARATOR) + 0.chr).encode('UTF-16LE')
+      end
+    end
+  end
+
+  unless instance_methods.include?(:wstrip)
+    # Read a wide character string up until the first double null, and delete
+    # any remaining null characters.
+    def wstrip
+      unless encoding == Encoding::UTF_16LE
+        self.force_encoding('UTF-16LE')
+      end
+
+      self.encode('UTF-8',:invalid=>:replace,:undef=>:replace).split("\x00")[0].encode(Encoding.default_external)
+    end
+  end
+end