win32-security 0.1.1 → 0.1.2

data/CHANGES

@@ -1,3 +1,8 @@
+= 0.1.2 - 2-Aug-2009
+* Now compatible with Ruby 1.9.x.
+* Switched test-unit and sys-admin from standard dependencies to development
+  dependencies.
+
 = 0.1.1 - 14-Jul-2009
 * Added some well known SID's as constants to the Win32::Security::SID class
   for convenience, e.g. SID::World, SID::Everyone.

data/README

@@ -27,7 +27,7 @@
    Ruby's
     
 == Copyright
-   (C) 2003-2008 Daniel J. Berger
+   (C) 2003-2009 Daniel J. Berger
    All Rights Reserved
     
 == Authors

data/lib/win32/security.rb

@@ -25,7 +25,7 @@ module Win32
       extend Windows::Error
       
       # The version of the win32-security library
-      VERSION = '0.1.1'
+      VERSION = '0.1.2'
       
       # Returns whether or not the owner of the current process is running
       # with elevated security privileges.

data/lib/win32/security/ace.rb

@@ -0,0 +1,39 @@
+# The Win32 module serves as a namespace only.
+module Win32
+   
+   # The Security class serves as a toplevel class namespace.
+   class Security
+      
+      # The ACE class encapsulates an Access Control Entry, an element within
+      # an Access Control List.
+      class ACE
+         # The version of the Win32::Security::ACE class.
+         VERSION = '0.1.0'
+
+         # The ACE type, e.g. ACCESS_ALLOWED, ACCESS_DENIED, etc.
+         attr_accessor :ace_type
+
+         # The ACE mask, e.g. INHERITED_ACE
+         attr_accessor :ace_mask
+
+         # Standard access rights, e.g. GENERIC_READ, GENERIC_WRITE, etc 
+         attr_accessor :access_mask
+
+         # Bit flags that indicate whether the ObjectType and
+         # InheritedObjectType members are present. This value is set
+         # internally based on the values passed to the ACE#object_type or
+         # ACE#inherited_object_type methods, if any.
+         attr_reader :flags
+
+         # A Win32::Security::GUID object that identifies the type of child
+         # object that can inherit the ACE. 
+         attr_accessor :object_type
+
+         attr_accessor :inherited_object_type
+
+         def initialize
+            yield self if block_given?
+         end
+      end
+   end
+end

data/lib/win32/security/acl.rb

@@ -0,0 +1,148 @@
+require 'windows/security'
+require 'windows/error'
+require 'windows/limits'
+require 'windows/msvcrt/buffer'
+
+# The Win32 module serves as a namespace only.
+module Win32
+   
+   # The Security class serves as a toplevel class namespace.
+   class Security
+      
+      # The ACL class encapsulates an Access Control List.
+      class ACL
+         include Windows::Error
+         include Windows::Security
+         include Windows::Limits
+         include Windows::MSVCRT::Buffer
+         
+         # The version of the Win32::Security::ACL class.
+         VERSION = '0.1.0'
+
+         # The binary representation of the ACL structure
+         attr_reader :acl
+
+         # The revision level.
+         attr_reader :revision
+
+         # Creates and returns a new Win32::Security::ACL object. This object
+         # encapsulates an ACL structure, including a binary representation of
+         # the ACL itself, and the revision information.
+         #
+         def initialize(revision = ACL_REVISION)
+            acl = 0.chr * 8 # This can be increased later as needed
+
+            unless InitializeAcl(acl, acl.size, revision)
+               raise Error, get_last_error
+            end
+
+            @acl = acl
+            @revision = revision
+         end
+
+         # Returns the number of ACE's in the ACL object.
+         #
+         def ace_count
+            buf = 0.chr * 12 # sizeof(ACL_SIZE_INFORMATION)
+
+            unless GetAclInformation(@acl, buf, buf.size, AclSizeInformation)
+               raise Error, get_last_error
+            end
+
+            buf[0, 4].unpack('L')[0]
+         end
+
+         # Adds an access allowed ACE to the given +sid+. The +mask+ is a
+         # bitwise OR'd value of access rights.
+         #
+         def add_access_allowed_ace(sid, mask=0)
+            unless AddAccessAllowedAce(@acl, @revision, mask, sid)
+               raise Error, get_last_error
+            end
+         end
+
+         # Adds an access denied ACE to the given +sid+.
+         #
+         def add_access_denied_ace(sid, mask=0)
+            unless AddAccessDeniedAce(@acl, @revision, mask, sid)
+               raise Error, get_last_error
+            end
+         end
+
+         # Adds an ACE to the ACL object with the given +revision+ at +index+
+         # or the end of the chain if no index is specified.
+         #
+         # Returns the index if successful.
+         #--
+         # This is untested and will require an actual implementation of
+         # Win32::Security::Ace before it can work properly.
+         #
+         def add_ace(ace, index=MAXDWORD)
+            unless AddAce(@acl, @revision, index, ace, ace.length)
+               raise Error, get_last_error
+            end
+
+            index
+         end
+
+         # Deletes an ACE from the ACL object at +index+, or from the end of
+         # the chain if no index is specified.
+         #
+         # Returns the index if successful.
+         #--
+         # This is untested and will require an actual implementation of
+         # Win32::Security::Ace before it can work properly.
+         #
+         def delete_ace(index=MAXDWORD)
+            unless DeleteAce(@ace, index)
+               raise Error, get_last_error
+            end
+
+            index
+         end
+
+         # Finds and returns a pointer (address) to an ACE in the ACL at the
+         # given +index+. If no index is provided, then an address to the
+         # first free byte of the ACL is returned.
+         #
+         def find_ace(index = nil)
+            ptr = [0].pack('L')
+
+            if index.nil?
+               unless FindFirstFreeAce(@acl, ptr)
+                  raise Error, get_last_error
+               end
+            else
+               unless GetAce(@acl, index, ptr)
+                  raise Error, get_last_error
+               end
+            end
+
+            [ptr].pack('p*').unpack('L')[0]
+         end
+
+         # Sets the revision information level, where the +revision_level+
+         # can be ACL_REVISION1, ACL_REVISION2, ACL_REVISION3 or ACL_REVISION4.
+         #
+         # Returns the revision level if successful.
+         #
+         def revision=(revision_level)
+            buf = [revision_level].pack('L')
+
+            unless SetAclInformation(@acl, buf, buf.size, AclRevisionInformation)
+               raise Error, get_last_error
+            end
+
+            @revision = revision_level
+
+            revision_level
+         end
+
+         # Returns whether or not the ACL is a valid ACL.
+         #
+         def valid?
+            IsValidAcl(@acl)
+         end
+      end
+   end
+end

data/lib/win32/security/sid.rb

@@ -25,7 +25,7 @@ module Win32
          class Error < StandardError; end
          
          # The version of the Win32::Security::SID class.
-         VERSION = '0.1.1'
+         VERSION = '0.1.2'
 
          # Some constant SID's for your convenience, in string format.
          # See http://support.microsoft.com/kb/243330 for details.
@@ -108,7 +108,11 @@ module Win32
                raise Error, get_last_error
             end
 
-            sid_buf.strip
+            if RUBY_VERSION.to_f < 1.9
+               sid_buf.strip
+            else
+               sid_buf.force_encoding('ASCII-8BIT').strip
+            end
          end
          
          # Creates a new SID with +authority+ and up to 8 +subauthorities+,
@@ -182,9 +186,11 @@ module Win32
             domain_cch = [domain_buf.size].pack('L')
 
             sid_name_use = 0.chr * 4
+            ordinal_val  = account[0]
+            ordinal_val  = ordinal_val.ord if RUBY_VERSION.to_f >= 1.9
             
             # If characters in the 0-10 range, assume it's a binary SID.
-            if account[0] < 10
+            if ordinal_val < 10
                bool = LookupAccountSid(
                   host,
                   [account].pack('p*').unpack('L')[0],
@@ -211,7 +217,7 @@ module Win32
             end
 
             # The arguments are flipped if the account argument is binary
-            if account[0] < 10
+            if ordinal_val < 10
                @sid     = account
                @account = sid.strip
             else

data/test/test_security.rb

@@ -12,7 +12,7 @@ require 'win32/security'
 
 class TC_Win32_Security < Test::Unit::TestCase
    def test_version
-      assert_equal('0.1.1', Win32::Security::VERSION)
+      assert_equal('0.1.2', Win32::Security::VERSION)
    end
 
    def test_elevated_security

data/test/test_sid.rb

@@ -23,7 +23,7 @@ class TC_Win32_Security_Sid < Test::Unit::TestCase
    end
 
    def test_version
-      assert_equal('0.1.1', Security::SID::VERSION)
+      assert_equal('0.1.2', Security::SID::VERSION)
    end
 
    def test_sid

data/win32-security.gemspec

@@ -2,7 +2,7 @@ require 'rubygems'
 
 spec = Gem::Specification.new do |gem|
    gem.name       = 'win32-security'
-   gem.version    = '0.1.1'
+   gem.version    = '0.1.2'
    gem.authors    = ['Daniel J. Berger', 'Park Heesob']
    gem.email      = 'djberg96@gmail.com'
    gem.homepage   = 'http://www.rubyforge.org/projects/win32utils'
@@ -17,8 +17,9 @@ spec = Gem::Specification.new do |gem|
    gem.rubyforge_project = 'win32utils'
    
    gem.add_dependency('windows-pr', '>= 0.9.8')
-   gem.add_dependency('test-unit', '>= 2.0.1')
-   gem.add_dependency('sys-admin', '>= 1.4.4')
+
+   gem.add_development_dependency('test-unit', '>= 2.0.1')
+   gem.add_development_dependency('sys-admin', '>= 1.4.4')
    
    gem.description = <<-EOF
       The win32-security library provides an interface for dealing with
@@ -27,5 +28,4 @@ spec = Gem::Specification.new do |gem|
    EOF
 end
 
-Gem.manage_gems if Gem::RubyGemsVersion.to_f < 1.0
 Gem::Builder.new(spec).build

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: win32-security
 version: !ruby/object:Gem::Version 
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors: 
 - Daniel J. Berger
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-07-14 00:00:00 -06:00
+date: 2009-08-02 00:00:00 -06:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -25,7 +25,7 @@ dependencies:
     version: 
 - !ruby/object:Gem::Dependency 
   name: test-unit
-  type: :runtime
+  type: :development
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: 
@@ -35,7 +35,7 @@ dependencies:
     version: 
 - !ruby/object:Gem::Dependency 
   name: sys-admin
-  type: :runtime
+  type: :development
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: 
@@ -55,6 +55,8 @@ extra_rdoc_files:
 - MANIFEST
 files: 
 - CHANGES
+- lib/win32/security/ace.rb
+- lib/win32/security/acl.rb
 - lib/win32/security/sid.rb
 - lib/win32/security.rb
 - MANIFEST
@@ -88,7 +90,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: win32utils
-rubygems_version: 1.3.4
+rubygems_version: 1.3.5
 signing_key: 
 specification_version: 3
 summary: A library for dealing with aspects of Windows security.