Struct windows_permissions::Acl [−][src]
#[repr(C)]pub struct Acl { /* fields omitted */ }
Expand description
An entry in an access control list (ACL).
Implementations
Determine what rights the given Trustee
has under this ACL
use windows_permissions::{LocalBox, Trustee, Sid, SecurityDescriptor}; use windows_permissions::constants::AccessRights; // Allow a particular user FA (File All) and give all users FR (File Read) let sd = "D:(A;;FA;;;S-1-5-20-12345)(A;;FR;;;WD)" .parse::<LocalBox<SecurityDescriptor>>().unwrap(); let acl = sd.dacl().unwrap(); let sid1: LocalBox<Sid> = "S-1-5-20-12345".parse().unwrap(); let sid2: LocalBox<Sid> = "WD".parse().unwrap(); let trustee1: Trustee = sid1.as_ref().into(); let trustee2: Trustee = sid2.as_ref().into(); assert_eq!(acl.effective_rights(&trustee1).unwrap(), AccessRights::FileAllAccess); assert_eq!(acl.effective_rights(&trustee2).unwrap(), AccessRights::FileGenericRead);
Determine the number of ACEs in this ACL
use windows_permissions::{LocalBox, SecurityDescriptor}; let sd = "D:(A;;GA;;;S-1-5-20-12345)(A;;GR;;;WD)" .parse::<LocalBox<SecurityDescriptor>>().unwrap(); assert_eq!(sd.dacl().unwrap().len(), 2);
Get an ACE by index
Returns None
if there are too few ACEs to satisfy the request.
use windows_permissions::{LocalBox, Sid, SecurityDescriptor}; use windows_permissions::constants::{AceType::*, AccessRights}; let sd = "D:(A;;GA;;;S-1-5-20-12345)(A;;GR;;;WD)" .parse::<LocalBox<SecurityDescriptor>>().unwrap(); let acl = sd.dacl().unwrap(); let sid1: LocalBox<Sid> = "S-1-5-20-12345".parse().unwrap(); let sid2: LocalBox<Sid> = "WD".parse().unwrap(); assert_eq!(acl.get_ace(0).unwrap().ace_type(), ACCESS_ALLOWED_ACE_TYPE); assert_eq!(acl.get_ace(0).unwrap().mask(), AccessRights::GenericAll); assert_eq!(acl.get_ace(0).unwrap().sid(), Some(&*sid1)); assert_eq!(acl.get_ace(1).unwrap().ace_type(), ACCESS_ALLOWED_ACE_TYPE); assert_eq!(acl.get_ace(1).unwrap().mask(), AccessRights::GenericRead); assert_eq!(acl.get_ace(1).unwrap().sid(), Some(&*sid2)); assert!(acl.get_ace(2).is_none());
Get the ACL’s revision level
use windows_permissions::{LocalBox, SecurityDescriptor, Acl}; use windows_permissions::constants::AclRevision::*; let simple_acl_sd: LocalBox<SecurityDescriptor> = "D:(A;;;;;WD)".parse().unwrap(); let complex_acl_sd: LocalBox<SecurityDescriptor> = "D:(OA;;;294be2fb-d1ca-4aa2-aa06-ab98a8b5556d;;WD)".parse().unwrap(); assert_eq!(simple_acl_sd.dacl().unwrap().revision_level(), ACL_REVISION); assert_eq!(complex_acl_sd.dacl().unwrap().revision_level(), ACL_REVISION_DS);
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Acl
impl UnwindSafe for Acl