
windows_erg/security/
descriptor.rs

1//! Security descriptor domain model.
2
3use super::{Dacl, Sid};
4
/// Kind of resource a [`SecurityDescriptor`] refers to.
///
/// Paths are kept as plain `String`s and equality is the derived, exact
/// string comparison. No normalisation is visible in this file, so two
/// spellings of the same object (different case, separators, or relative
/// segments) compare as different targets.
/// NOTE(review): Windows paths and registry key names are typically
/// case-insensitive; confirm callers canonicalise before comparing targets.
#[derive(Clone, Debug, Eq, PartialEq)]
pub enum SecurityTarget {
    /// A file or directory, identified by its path.
    FilePath(String),
    /// A registry key, identified by its path.
    RegistryPath(String),
    /// No external object: the descriptor exists only in memory.
    Detached,
}
15
/// In-memory model of a security descriptor: the resource it refers to, its
/// owner and group SIDs, and its DACL.
///
/// Only these four parts are modelled; this struct has no SACL or
/// control-flag field.
#[derive(Clone, Debug, Eq, PartialEq)]
pub struct SecurityDescriptor {
    /// Resource the descriptor refers to, or [`SecurityTarget::Detached`].
    target: SecurityTarget,
    /// Owner SID; `None` until one has been set.
    owner: Option<Sid>,
    /// Group SID; `None` until one has been set.
    group: Option<Sid>,
    /// Access control list carried by the descriptor.
    dacl: Dacl,
}
24
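impl SecurityDescriptor {
    /// Creates a detached descriptor: no target binding, no owner, no group,
    /// and the DACL produced by [`Dacl::new`].
    ///
    /// NOTE(review): Windows treats an empty DACL (present, zero entries) as
    /// "deny everyone" and an absent (NULL) DACL as "allow everyone". Confirm
    /// which of the two `Dacl::new()` models before a freshly built
    /// descriptor is applied to a real object.
    #[must_use]
    pub fn new() -> Self {
        Self {
            target: SecurityTarget::Detached,
            owner: None,
            group: None,
            dacl: Dacl::new(),
        }
    }

    /// Creates a descriptor bound to a file or directory path.
    ///
    /// The path is stored exactly as given; nothing here validates or
    /// canonicalises it. Owner, group and DACL start out as in
    /// [`SecurityDescriptor::new`].
    #[must_use]
    pub fn for_file_path(path: impl Into<String>) -> Self {
        // Struct-update syntax keeps every non-target field in step with
        // `new()`, so a field added later cannot be initialised differently
        // in one constructor by accident.
        Self {
            target: SecurityTarget::FilePath(path.into()),
            ..Self::new()
        }
    }

    /// Creates a descriptor bound to a registry key path.
    ///
    /// The path is stored exactly as given; nothing here validates or
    /// canonicalises it. Owner, group and DACL start out as in
    /// [`SecurityDescriptor::new`].
    #[must_use]
    pub fn for_registry_path(path: impl Into<String>) -> Self {
        Self {
            target: SecurityTarget::RegistryPath(path.into()),
            ..Self::new()
        }
    }

    /// Sets the owner SID, replacing any previous one, and returns the
    /// updated descriptor.
    #[must_use = "this consumes the descriptor; dropping the result discards it"]
    pub fn with_owner(mut self, owner: Sid) -> Self {
        self.owner = Some(owner);
        self
    }

    /// Sets the group SID, replacing any previous one, and returns the
    /// updated descriptor.
    #[must_use = "this consumes the descriptor; dropping the result discards it"]
    pub fn with_group(mut self, group: Sid) -> Self {
        self.group = Some(group);
        self
    }

    /// Replaces the whole DACL and returns the updated descriptor.
    ///
    /// Entries of the previous DACL are dropped, not merged.
    #[must_use = "this consumes the descriptor; dropping the result discards it"]
    pub fn with_dacl(mut self, dacl: Dacl) -> Self {
        self.dacl = dacl;
        self
    }

    /// Returns the resource this descriptor refers to.
    pub fn target(&self) -> &SecurityTarget {
        &self.target
    }

    /// Returns the owner SID, or `None` if no owner has been set.
    pub fn owner(&self) -> Option<&Sid> {
        self.owner.as_ref()
    }

    /// Returns the group SID, or `None` if no group has been set.
    pub fn group(&self) -> Option<&Sid> {
        self.group.as_ref()
    }

    /// Returns the descriptor's DACL.
    pub fn dacl(&self) -> &Dacl {
        &self.dacl
    }

    /// Returns the descriptor's DACL for in-place modification.
    ///
    /// This only changes the in-memory model; nothing in this file writes
    /// the descriptor back to its target.
    pub fn dacl_mut(&mut self) -> &mut Dacl {
        &mut self.dacl
    }
}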
99
impl Default for SecurityDescriptor {
    /// Equivalent to [`SecurityDescriptor::new`]: a detached descriptor with
    /// no owner, no group and a freshly created DACL.
    fn default() -> Self {
        SecurityDescriptor::new()
    }
}