FX::FXACLEntity

FX::FXACLEntity Class Reference
[Writing secure code]

#include <FXACL.h>

List of all members.

Detailed Description

Something which can be permitted or denied to do something within this operating system.

As under most operating systems this is no more than a container for a very long integer, most of these operations are fast. The exceptions is lookupUser() as well as the asString() method which may need to query a remote machine.

Someday the functionality to obtain a list of all entities on a local or remote machine may be added.

Warning:
I've made this mistake myself, so I'll warn of it here - when browsing FXACL's, you must check each to see if it is owner() and if it is then you must indirect to the item's owner. Failing to do this causes different (usually breaking) behaviour on Windows and POSIX, but also is subtly broken on Windows where owner() appears if it's in the ACL instead of the owner id itself (this is rare post-NT4 as inheritability causes the dereferencing long before you usually see it).
Note:
User accounts on NT can belong to many groups and there is no primary one. However, NTFS does maintain a primary group as well as user and so where possible, FXACLEntity's static methods try to find a suitable primary group. Where this isn't possible, CREATOR_GROUP is used.
See also:
FX::FXACL

Public Member Functions

 FXACLEntity (const FXACLEntity &o)
FXACLEntityoperator= (const FXACLEntity &o)
bool operator== (const FXACLEntity &o) const
bool operator!= (const FXACLEntity &o) const
bool isGroup () const
FXACLEntity group () const
FXString asString (bool withId=true, bool withMachine=true) const
bool isLoginPassword (const FXchar *password) const
FXString homeDirectory (bool filesdir=false) const

Static Public Member Functions

static const FXACLEntitycurrentUser ()
static const FXACLEntityeverything ()
static const FXACLEntityroot ()
static const FXACLEntityowner ()
static FXACLEntity lookupUser (const FXString &username, const FXString &machine=FXString::nullStr())

Friends

class FXACL
struct FXACLPrivate

Member Function Documentation

bool FX::FXACLEntity::isGroup (  )  const

Returns true if this entity is a group.

FXACLEntity FX::FXACLEntity::group (  )  const

Returns the primary group this entity belongs to.

FXString FX::FXACLEntity::asString ( bool  withId = true,
bool  withMachine = true 
) const

Returns the entity as a string, localised to the system locale. If withId is true, appends the system-dependent underlying user id in curly brackets. If withMachine is true, on supported platforms this prepends the machine where the account lives - this is separated from the username with a / rather than a \

bool FX::FXACLEntity::isLoginPassword ( const FXchar *  password  )  const

Returns true if the specified password is the password to the entity's account. You should allocate the password in the secure heap. Due to implementation constraints on Windows, SSPI is used which requires the local machine to permit network logons. On POSIX, PAM is asked to perform the authentication - this requires root privileges to succeed (an exception is thrown if the calling process does not have them)

Note:
When successful, this entity becomes authenticated and can perform extra roles eg; on NT you can set it as owner of anything

FXString FX::FXACLEntity::homeDirectory ( bool  filesdir = false  )  const

Returns the home directory of the entity if it has one, if not a blank string is returned rather than an error. If filesdir is true, returns the path where the entity stores its files (this is the same as the home directory on POSIX, but on Windows it is "My Documents" in the system locale). Note that the entity must be authenticated before you can retrieve its home directory

static const FXACLEntity& FX::FXACLEntity::currentUser (  )  [static]

Returns an entity representing the current user (ie; the user who created this process) This entity is already authenticated, so you don't need to call isLoginPassword()

static const FXACLEntity& FX::FXACLEntity::everything (  )  [static]

Returns the special entity representing everything (ie; the public).

static const FXACLEntity& FX::FXACLEntity::root (  )  [static]

Returns the special entity representing the highest privileged user (eg; KATE\Administrator).

static const FXACLEntity& FX::FXACLEntity::owner (  )  [static]

Returns the special entity representing the owner of something.

static FXACLEntity FX::FXACLEntity::lookupUser ( const FXString username,
const FXString machine = FXString::nullStr() 
) [static]

Returns an entity representing the specified user on the specified machine. Note that on Windows, this may be a user on another machine

The documentation for this class was generated from the following file:
(C) 2002-2008 Niall Douglas. Some parts (C) to assorted authors.
Generated on Fri Jun 13 21:56:48 2008 for TnFOX by doxygen v1.5.6