win32-security 0.1.3 → 0.1.4

data/CHANGES

@@ -1,19 +1,23 @@
-= 0.1.3 - 12-Jul-2012
-* The SID.new method now defaults to the owner of the current thread if
-  no account name is provided.
-* Updates to the gemspec, Rakefile, and SID tests, including updates to
-  some of the gemspec dependencies.
-
-= 0.1.2 - 2-Aug-2009
-* Now compatible with Ruby 1.9.x.
-* Switched test-unit and sys-admin from standard dependencies to development
-  dependencies.
-
-= 0.1.1 - 14-Jul-2009
-* Added some well known SID's as constants to the Win32::Security::SID class
-  for convenience, e.g. SID::World, SID::Everyone.
-* Fixes for the gemspec.
-* Changed license to Artistic 2.0.
-
-= 0.1.0 - 17-Dec-2008
-* Initial release
+= 0.1.4 - 4-Oct-2012
+* Updated the SID.string_to_sid method so that it completes a string/sid
+  round trip successfully now. Thanks go to Josh Cooper for the patch.
+
+= 0.1.3 - 12-Jul-2012
+* The SID.new method now defaults to the owner of the current thread if
+  no account name is provided.
+* Updates to the gemspec, Rakefile, and SID tests, including updates to
+  some of the gemspec dependencies.
+
+= 0.1.2 - 2-Aug-2009
+* Now compatible with Ruby 1.9.x.
+* Switched test-unit and sys-admin from standard dependencies to development
+  dependencies.
+
+= 0.1.1 - 14-Jul-2009
+* Added some well known SID's as constants to the Win32::Security::SID class
+  for convenience, e.g. SID::World, SID::Everyone.
+* Fixes for the gemspec.
+* Changed license to Artistic 2.0.
+
+= 0.1.0 - 17-Dec-2008
+* Initial release

data/MANIFEST

@@ -1,9 +1,9 @@
-* CHANGES
-* MANIFEST
-* README
-* Rakefile
-* win32-security.gemspec
-* lib/win32/security.rb
-* lib/win32/security/sid.rb
-* test/test_security.rb
+* CHANGES
+* MANIFEST
+* README
+* Rakefile
+* win32-security.gemspec
+* lib/win32/security.rb
+* lib/win32/security/sid.rb
+* test/test_security.rb
 * test/test_sid.rb

data/README

@@ -1,35 +1,35 @@
-= Description
-  A security library for MS Windows that allows you to open existing or
-  create new security identifiers (SID's).
-
-= Synopsis
-  require 'win32/security'
-  include Win32
-   
-  sid = Security::SID.open('some_user')
-   
-  sid.valid? # => true
-  sid.to_s   # => "S-1-5-21-3733855671-1102023144-2002619019-1000"
-  sid.length # => 28
-  sid.sid    # => "\001\005\000\000\000\000\000\005\025\000\000\000..."
-   
-== Future Plans
-  Create classes that encapsulate ACL's, ACE's, Token's, etc.
-   
-  There are some unfinished versions of the ACL and ACE classes in the
-  repo if you're interested in taking a look.
-   
-== Known Issues
-  None that I'm aware of. Please file any bug reports on the project page
-  at http://www.rubyforge.org/projects/win32utils.
-    
-== License
-  Artistic 2.0
-    
-== Copyright
-  (C) 2003-2012 Daniel J. Berger
-  All Rights Reserved
-    
-== Authors
-  Daniel J. Berger
-  Park Heesob
+= Description
+  A security library for MS Windows that allows you to open existing or
+  create new security identifiers (SID's).
+
+= Synopsis
+  require 'win32/security'
+  include Win32
+   
+  sid = Security::SID.open('some_user')
+   
+  sid.valid? # => true
+  sid.to_s   # => "S-1-5-21-3733855671-1102023144-2002619019-1000"
+  sid.length # => 28
+  sid.sid    # => "\001\005\000\000\000\000\000\005\025\000\000\000..."
+   
+== Future Plans
+  Create classes that encapsulate ACL's, ACE's, Token's, etc.
+   
+  There are some unfinished versions of the ACL and ACE classes in the
+  repo if you're interested in taking a look.
+   
+== Known Issues
+  None that I'm aware of. Please file any bug reports on the project page
+  at http://www.rubyforge.org/projects/win32utils.
+    
+== License
+  Artistic 2.0
+    
+== Copyright
+  (C) 2003-2012 Daniel J. Berger
+  All Rights Reserved
+    
+== Authors
+  Daniel J. Berger
+  Park Heesob

data/Rakefile

@@ -1,46 +1,46 @@
-require 'rake'
-require 'rake/testtask'
-require 'rbconfig'
-
-namespace :gem do
-  desc "Remove any .gem files in the project"
-  task :clean do
-    Dir['*.gem'].each{ |f| File.delete(f) }
-  end
-
-  desc "Create the win32-security gem"
-  task :create => [:clean] do
-    spec = eval(IO.read('win32-security.gemspec'))
-    Gem::Builder.new(spec).build
-  end
-
-  desc "Install the win32-security gem"
-  task :install => [:create] do
-    ruby 'win32-security.gemspec'
-    file = Dir["*.gem"].first
-    sh "gem install #{file}"
-  end
-end
-
-namespace :test do
-  Rake::TestTask.new(:security) do |t|
-    t.verbose = true
-    t.warning = true
-    t.test_files = Dir['test/test_security.rb']
-  end
-
-  Rake::TestTask.new(:sid) do |t|
-    t.verbose = true
-    t.warning = true
-    t.test_files = Dir['test/test_sid.rb']
-  end
-
-  # ACL class isn't ready yet
-  Rake::TestTask.new(:all) do |t|
-    t.verbose = true
-    t.warning = true
-    t.test_files = Dir['test/test_sid.rb', 'test/test_security.rb']
-  end
-end
-
-task :default => 'test:all'
+require 'rake'
+require 'rake/testtask'
+require 'rbconfig'
+
+namespace :gem do
+  desc "Remove any .gem files in the project"
+  task :clean do
+    Dir['*.gem'].each{ |f| File.delete(f) }
+  end
+
+  desc "Create the win32-security gem"
+  task :create => [:clean] do
+    spec = eval(IO.read('win32-security.gemspec'))
+    Gem::Builder.new(spec).build
+  end
+
+  desc "Install the win32-security gem"
+  task :install => [:create] do
+    ruby 'win32-security.gemspec'
+    file = Dir["*.gem"].first
+    sh "gem install #{file}"
+  end
+end
+
+namespace :test do
+  Rake::TestTask.new(:security) do |t|
+    t.verbose = true
+    t.warning = true
+    t.test_files = Dir['test/test_security.rb']
+  end
+
+  Rake::TestTask.new(:sid) do |t|
+    t.verbose = true
+    t.warning = true
+    t.test_files = Dir['test/test_sid.rb']
+  end
+
+  # ACL class isn't ready yet
+  Rake::TestTask.new(:all) do |t|
+    t.verbose = true
+    t.warning = true
+    t.test_files = Dir['test/test_sid.rb', 'test/test_security.rb']
+  end
+end
+
+task :default => 'test:all'

data/lib/win32/security.rb

@@ -1,67 +1,67 @@
-# This file allows users to require all security related classes from
-# a single file, instead of having to require individual files.
-
-require 'windows/process'
-require 'windows/security'
-require 'windows/handle'
-require 'windows/error'
-
-# The Win32 module serves as a namespace only.
-module Win32
-
-  # The Security class encapsulates security aspects of MS Windows.
-  class Security
-
-    # Base error class for all Win32::Security errors.
-    class Error < StandardError; end
-
-    include Windows::Security
-      
-    extend Windows::Process
-    extend Windows::Security
-    extend Windows::Handle
-    extend Windows::Error
-      
-    # The version of the win32-security library
-    VERSION = '0.1.3'
-      
-    # Returns whether or not the owner of the current process is running
-    # with elevated security privileges.
-    #
-    # Only supported on Windows Vista or later.
-    #
-    def self.elevated_security?
-      token = 0.chr * 4
-              
-      unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, token)
-        raise Error, get_last_error
-      end
-         
-      begin    
-        token = token.unpack('V')[0]
-            
-        te = 0.chr * 4 # TOKEN_ELEVATION
-        rl = 0.chr * 4 # Return length
-            
-        bool = GetTokenInformation(
-          token,
-          TokenElevation,
-          te,
-          te.size,
-          rl
-        )
-            
-        raise Error, get_last_error unless bool
-      ensure
-        CloseHandle(token)
-      end
-         
-      # TokenIsElevated member of the TOKEN_ELEVATION struct
-      te.unpack('L')[0] != 0
-    end
-  end
-end
-
-require 'win32/security/sid'
-#require 'win32/security/acl'
-#require 'win32/security/ace'
+# This file allows users to require all security related classes from
+# a single file, instead of having to require individual files.
+
+require 'windows/process'
+require 'windows/security'
+require 'windows/handle'
+require 'windows/error'
+
+# The Win32 module serves as a namespace only.
+module Win32
+
+  # The Security class encapsulates security aspects of MS Windows.
+  class Security
+
+    # Base error class for all Win32::Security errors.
+    class Error < StandardError; end
+
+    include Windows::Security
+
+    extend Windows::Process
+    extend Windows::Security
+    extend Windows::Handle
+    extend Windows::Error
+
+    # The version of the win32-security library
+    VERSION = '0.1.4'
+
+    # Returns whether or not the owner of the current process is running
+    # with elevated security privileges.
+    #
+    # Only supported on Windows Vista or later.
+    #
+    def self.elevated_security?
+      token = 0.chr * 4
+
+      unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, token)
+        raise Error, get_last_error
+      end
+
+      begin
+        token = token.unpack('V')[0]
+
+        te = 0.chr * 4 # TOKEN_ELEVATION
+        rl = 0.chr * 4 # Return length
+
+        bool = GetTokenInformation(
+          token,
+          TokenElevation,
+          te,
+          te.size,
+          rl
+        )
+
+        raise Error, get_last_error unless bool
+      ensure
+        CloseHandle(token)
+      end
+
+      # TokenIsElevated member of the TOKEN_ELEVATION struct
+      te.unpack('L')[0] != 0
+    end
+  end
+end
+
+require 'win32/security/sid'
+#require 'win32/security/acl'
+#require 'win32/security/ace'

data/lib/win32/security/ace.rb

@@ -1,39 +1,39 @@
-# The Win32 module serves as a namespace only.
-module Win32
-   
-  # The Security class serves as a toplevel class namespace.
-  class Security
-      
-    # The ACE class encapsulates an Access Control Entry, an element within
-    # an Access Control List.
-    class ACE
-      # The version of the Win32::Security::ACE class.
-      VERSION = '0.1.0'
-
-      # The ACE type, e.g. ACCESS_ALLOWED, ACCESS_DENIED, etc.
-      attr_accessor :ace_type
-
-      # The ACE mask, e.g. INHERITED_ACE
-      attr_accessor :ace_mask
-
-      # Standard access rights, e.g. GENERIC_READ, GENERIC_WRITE, etc 
-      attr_accessor :access_mask
-
-      # Bit flags that indicate whether the ObjectType and
-      # InheritedObjectType members are present. This value is set
-      # internally based on the values passed to the ACE#object_type or
-      # ACE#inherited_object_type methods, if any.
-      attr_reader :flags
-
-      # A Win32::Security::GUID object that identifies the type of child
-      # object that can inherit the ACE. 
-      attr_accessor :object_type
-
-      attr_accessor :inherited_object_type
-
-      def initialize
-        yield self if block_given?
-      end
-    end
-  end
-end
+# The Win32 module serves as a namespace only.
+module Win32
+   
+  # The Security class serves as a toplevel class namespace.
+  class Security
+      
+    # The ACE class encapsulates an Access Control Entry, an element within
+    # an Access Control List.
+    class ACE
+      # The version of the Win32::Security::ACE class.
+      VERSION = '0.1.0'
+
+      # The ACE type, e.g. ACCESS_ALLOWED, ACCESS_DENIED, etc.
+      attr_accessor :ace_type
+
+      # The ACE mask, e.g. INHERITED_ACE
+      attr_accessor :ace_mask
+
+      # Standard access rights, e.g. GENERIC_READ, GENERIC_WRITE, etc 
+      attr_accessor :access_mask
+
+      # Bit flags that indicate whether the ObjectType and
+      # InheritedObjectType members are present. This value is set
+      # internally based on the values passed to the ACE#object_type or
+      # ACE#inherited_object_type methods, if any.
+      attr_reader :flags
+
+      # A Win32::Security::GUID object that identifies the type of child
+      # object that can inherit the ACE. 
+      attr_accessor :object_type
+
+      attr_accessor :inherited_object_type
+
+      def initialize
+        yield self if block_given?
+      end
+    end
+  end
+end

data/lib/win32/security/acl.rb

@@ -1,148 +1,148 @@
-require 'windows/security'
-require 'windows/error'
-require 'windows/limits'
-require 'windows/msvcrt/buffer'
-
-# The Win32 module serves as a namespace only.
-module Win32
-   
-  # The Security class serves as a toplevel class namespace.
-  class Security
-      
-    # The ACL class encapsulates an Access Control List.
-    class ACL
-      include Windows::Error
-      include Windows::Security
-      include Windows::Limits
-      include Windows::MSVCRT::Buffer
-         
-      # The version of the Win32::Security::ACL class.
-      VERSION = '0.1.0'
-
-      # The binary representation of the ACL structure
-      attr_reader :acl
-
-      # The revision level.
-      attr_reader :revision
-
-      # Creates and returns a new Win32::Security::ACL object. This object
-      # encapsulates an ACL structure, including a binary representation of
-      # the ACL itself, and the revision information.
-      #
-      def initialize(revision = ACL_REVISION)
-        acl = 0.chr * 8 # This can be increased later as needed
-
-        unless InitializeAcl(acl, acl.size, revision)
-          raise Error, get_last_error
-        end
-
-        @acl = acl
-        @revision = revision
-      end
-
-      # Returns the number of ACE's in the ACL object.
-      #
-      def ace_count
-        buf = 0.chr * 12 # sizeof(ACL_SIZE_INFORMATION)
-
-        unless GetAclInformation(@acl, buf, buf.size, AclSizeInformation)
-          raise Error, get_last_error
-        end
-
-        buf[0, 4].unpack('L')[0]
-      end
-
-      # Adds an access allowed ACE to the given +sid+. The +mask+ is a
-      # bitwise OR'd value of access rights.
-      #
-      def add_access_allowed_ace(sid, mask=0)
-        unless AddAccessAllowedAce(@acl, @revision, mask, sid)
-          raise Error, get_last_error
-        end
-      end
-
-      # Adds an access denied ACE to the given +sid+.
-      #
-      def add_access_denied_ace(sid, mask=0)
-        unless AddAccessDeniedAce(@acl, @revision, mask, sid)
-          raise Error, get_last_error
-        end
-      end
-
-      # Adds an ACE to the ACL object with the given +revision+ at +index+
-      # or the end of the chain if no index is specified.
-      #
-      # Returns the index if successful.
-      #--
-      # This is untested and will require an actual implementation of
-      # Win32::Security::Ace before it can work properly.
-      #
-      def add_ace(ace, index=MAXDWORD)
-        unless AddAce(@acl, @revision, index, ace, ace.length)
-          raise Error, get_last_error
-        end
-
-        index
-      end
-
-      # Deletes an ACE from the ACL object at +index+, or from the end of
-      # the chain if no index is specified.
-      #
-      # Returns the index if successful.
-      #--
-      # This is untested and will require an actual implementation of
-      # Win32::Security::Ace before it can work properly.
-      #
-      def delete_ace(index=MAXDWORD)
-        unless DeleteAce(@ace, index)
-          raise Error, get_last_error
-        end
-
-        index
-      end
-
-      # Finds and returns a pointer (address) to an ACE in the ACL at the
-      # given +index+. If no index is provided, then an address to the
-      # first free byte of the ACL is returned.
-      #
-      def find_ace(index = nil)
-        ptr = [0].pack('L')
-
-        if index.nil?
-          unless FindFirstFreeAce(@acl, ptr)
-            raise Error, get_last_error
-          end
-        else
-          unless GetAce(@acl, index, ptr)
-            raise Error, get_last_error
-          end
-        end
-
-        [ptr].pack('p*').unpack('L')[0]
-      end
-
-      # Sets the revision information level, where the +revision_level+
-      # can be ACL_REVISION1, ACL_REVISION2, ACL_REVISION3 or ACL_REVISION4.
-      #
-      # Returns the revision level if successful.
-      #
-      def revision=(revision_level)
-        buf = [revision_level].pack('L')
-
-        unless SetAclInformation(@acl, buf, buf.size, AclRevisionInformation)
-          raise Error, get_last_error
-        end
-
-        @revision = revision_level
-
-        revision_level
-      end
-
-      # Returns whether or not the ACL is a valid ACL.
-      #
-      def valid?
-        IsValidAcl(@acl)
-      end
-    end
-  end
-end
+require 'windows/security'
+require 'windows/error'
+require 'windows/limits'
+require 'windows/msvcrt/buffer'
+
+# The Win32 module serves as a namespace only.
+module Win32
+   
+  # The Security class serves as a toplevel class namespace.
+  class Security
+      
+    # The ACL class encapsulates an Access Control List.
+    class ACL
+      include Windows::Error
+      include Windows::Security
+      include Windows::Limits
+      include Windows::MSVCRT::Buffer
+         
+      # The version of the Win32::Security::ACL class.
+      VERSION = '0.1.0'
+
+      # The binary representation of the ACL structure
+      attr_reader :acl
+
+      # The revision level.
+      attr_reader :revision
+
+      # Creates and returns a new Win32::Security::ACL object. This object
+      # encapsulates an ACL structure, including a binary representation of
+      # the ACL itself, and the revision information.
+      #
+      def initialize(revision = ACL_REVISION)
+        acl = 0.chr * 8 # This can be increased later as needed
+
+        unless InitializeAcl(acl, acl.size, revision)
+          raise Error, get_last_error
+        end
+
+        @acl = acl
+        @revision = revision
+      end
+
+      # Returns the number of ACE's in the ACL object.
+      #
+      def ace_count
+        buf = 0.chr * 12 # sizeof(ACL_SIZE_INFORMATION)
+
+        unless GetAclInformation(@acl, buf, buf.size, AclSizeInformation)
+          raise Error, get_last_error
+        end
+
+        buf[0, 4].unpack('L')[0]
+      end
+
+      # Adds an access allowed ACE to the given +sid+. The +mask+ is a
+      # bitwise OR'd value of access rights.
+      #
+      def add_access_allowed_ace(sid, mask=0)
+        unless AddAccessAllowedAce(@acl, @revision, mask, sid)
+          raise Error, get_last_error
+        end
+      end
+
+      # Adds an access denied ACE to the given +sid+.
+      #
+      def add_access_denied_ace(sid, mask=0)
+        unless AddAccessDeniedAce(@acl, @revision, mask, sid)
+          raise Error, get_last_error
+        end
+      end
+
+      # Adds an ACE to the ACL object with the given +revision+ at +index+
+      # or the end of the chain if no index is specified.
+      #
+      # Returns the index if successful.
+      #--
+      # This is untested and will require an actual implementation of
+      # Win32::Security::Ace before it can work properly.
+      #
+      def add_ace(ace, index=MAXDWORD)
+        unless AddAce(@acl, @revision, index, ace, ace.length)
+          raise Error, get_last_error
+        end
+
+        index
+      end
+
+      # Deletes an ACE from the ACL object at +index+, or from the end of
+      # the chain if no index is specified.
+      #
+      # Returns the index if successful.
+      #--
+      # This is untested and will require an actual implementation of
+      # Win32::Security::Ace before it can work properly.
+      #
+      def delete_ace(index=MAXDWORD)
+        unless DeleteAce(@ace, index)
+          raise Error, get_last_error
+        end
+
+        index
+      end
+
+      # Finds and returns a pointer (address) to an ACE in the ACL at the
+      # given +index+. If no index is provided, then an address to the
+      # first free byte of the ACL is returned.
+      #
+      def find_ace(index = nil)
+        ptr = [0].pack('L')
+
+        if index.nil?
+          unless FindFirstFreeAce(@acl, ptr)
+            raise Error, get_last_error
+          end
+        else
+          unless GetAce(@acl, index, ptr)
+            raise Error, get_last_error
+          end
+        end
+
+        [ptr].pack('p*').unpack('L')[0]
+      end
+
+      # Sets the revision information level, where the +revision_level+
+      # can be ACL_REVISION1, ACL_REVISION2, ACL_REVISION3 or ACL_REVISION4.
+      #
+      # Returns the revision level if successful.
+      #
+      def revision=(revision_level)
+        buf = [revision_level].pack('L')
+
+        unless SetAclInformation(@acl, buf, buf.size, AclRevisionInformation)
+          raise Error, get_last_error
+        end
+
+        @revision = revision_level
+
+        revision_level
+      end
+
+      # Returns whether or not the ACL is a valid ACL.
+      #
+      def valid?
+        IsValidAcl(@acl)
+      end
+    end
+  end
+end