Struct windows_permissions::Acl[][src]

#[repr(C)]
pub struct Acl { /* fields omitted */ }
Expand description

An entry in an access control list (ACL).

Implementations

Determine what rights the given Trustee has under this ACL

use windows_permissions::{LocalBox, Trustee, Sid, SecurityDescriptor};
use windows_permissions::constants::AccessRights;

// Allow a particular user FA (File All) and give all users FR (File Read)
let sd = "D:(A;;FA;;;S-1-5-20-12345)(A;;FR;;;WD)"
    .parse::<LocalBox<SecurityDescriptor>>().unwrap();
let acl = sd.dacl().unwrap();

let sid1: LocalBox<Sid> = "S-1-5-20-12345".parse().unwrap();
let sid2: LocalBox<Sid> = "WD".parse().unwrap();

let trustee1: Trustee = sid1.as_ref().into();
let trustee2: Trustee = sid2.as_ref().into();

assert_eq!(acl.effective_rights(&trustee1).unwrap(), AccessRights::FileAllAccess);
assert_eq!(acl.effective_rights(&trustee2).unwrap(), AccessRights::FileGenericRead);

Determine the number of ACEs in this ACL

use windows_permissions::{LocalBox, SecurityDescriptor};

let sd = "D:(A;;GA;;;S-1-5-20-12345)(A;;GR;;;WD)"
    .parse::<LocalBox<SecurityDescriptor>>().unwrap();

assert_eq!(sd.dacl().unwrap().len(), 2);

Get an ACE by index

Returns None if there are too few ACEs to satisfy the request.

use windows_permissions::{LocalBox, Sid, SecurityDescriptor};
use windows_permissions::constants::{AceType::*, AccessRights};

let sd = "D:(A;;GA;;;S-1-5-20-12345)(A;;GR;;;WD)"
    .parse::<LocalBox<SecurityDescriptor>>().unwrap();
let acl = sd.dacl().unwrap();

let sid1: LocalBox<Sid> = "S-1-5-20-12345".parse().unwrap();
let sid2: LocalBox<Sid> = "WD".parse().unwrap();

assert_eq!(acl.get_ace(0).unwrap().ace_type(), ACCESS_ALLOWED_ACE_TYPE);
assert_eq!(acl.get_ace(0).unwrap().mask(), AccessRights::GenericAll);
assert_eq!(acl.get_ace(0).unwrap().sid(), Some(&*sid1));

assert_eq!(acl.get_ace(1).unwrap().ace_type(), ACCESS_ALLOWED_ACE_TYPE);
assert_eq!(acl.get_ace(1).unwrap().mask(), AccessRights::GenericRead);
assert_eq!(acl.get_ace(1).unwrap().sid(), Some(&*sid2));

assert!(acl.get_ace(2).is_none());

Get the ACL’s revision level

use windows_permissions::{LocalBox, SecurityDescriptor, Acl};
use windows_permissions::constants::AclRevision::*;

let simple_acl_sd: LocalBox<SecurityDescriptor> = "D:(A;;;;;WD)".parse().unwrap();
let complex_acl_sd: LocalBox<SecurityDescriptor> = "D:(OA;;;294be2fb-d1ca-4aa2-aa06-ab98a8b5556d;;WD)".parse().unwrap();

assert_eq!(simple_acl_sd.dacl().unwrap().revision_level(), ACL_REVISION);
assert_eq!(complex_acl_sd.dacl().unwrap().revision_level(), ACL_REVISION_DS);

Trait Implementations

Formats the value using the given formatter. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.