mirror of
https://github.com/DNSCrypt/dnscrypt-proxy.git
synced 2024-12-29 00:30:30 +01:00
4324a09fc9
To simulate failures opening a cache file, fixtures are written without the read permission bits. Since Unix permission bits have no meaning on Windows, a slightly more complicated solution is required to achieve the same permissions. Thankfully, there's a library to abstract that already.
63 lines
1.8 KiB
Go
63 lines
1.8 KiB
Go
//+build windows
|
|
|
|
package acl
|
|
|
|
import (
|
|
"github.com/hectane/go-acl/api"
|
|
"golang.org/x/sys/windows"
|
|
|
|
"unsafe"
|
|
)
|
|
|
|
// Create an ExplicitAccess instance granting permissions to the provided SID.
|
|
func GrantSid(accessPermissions uint32, sid *windows.SID) api.ExplicitAccess {
|
|
return api.ExplicitAccess{
|
|
AccessPermissions: accessPermissions,
|
|
AccessMode: api.GRANT_ACCESS,
|
|
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
|
|
Trustee: api.Trustee{
|
|
TrusteeForm: api.TRUSTEE_IS_SID,
|
|
Name: (*uint16)(unsafe.Pointer(sid)),
|
|
},
|
|
}
|
|
}
|
|
|
|
// Create an ExplicitAccess instance granting permissions to the provided name.
|
|
func GrantName(accessPermissions uint32, name string) api.ExplicitAccess {
|
|
return api.ExplicitAccess{
|
|
AccessPermissions: accessPermissions,
|
|
AccessMode: api.GRANT_ACCESS,
|
|
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
|
|
Trustee: api.Trustee{
|
|
TrusteeForm: api.TRUSTEE_IS_NAME,
|
|
Name: windows.StringToUTF16Ptr(name),
|
|
},
|
|
}
|
|
}
|
|
|
|
// Create an ExplicitAccess instance denying permissions to the provided SID.
|
|
func DenySid(accessPermissions uint32, sid *windows.SID) api.ExplicitAccess {
|
|
return api.ExplicitAccess{
|
|
AccessPermissions: accessPermissions,
|
|
AccessMode: api.DENY_ACCESS,
|
|
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
|
|
Trustee: api.Trustee{
|
|
TrusteeForm: api.TRUSTEE_IS_SID,
|
|
Name: (*uint16)(unsafe.Pointer(sid)),
|
|
},
|
|
}
|
|
}
|
|
|
|
// Create an ExplicitAccess instance denying permissions to the provided name.
|
|
func DenyName(accessPermissions uint32, name string) api.ExplicitAccess {
|
|
return api.ExplicitAccess{
|
|
AccessPermissions: accessPermissions,
|
|
AccessMode: api.DENY_ACCESS,
|
|
Inheritance: api.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
|
|
Trustee: api.Trustee{
|
|
TrusteeForm: api.TRUSTEE_IS_NAME,
|
|
Name: windows.StringToUTF16Ptr(name),
|
|
},
|
|
}
|
|
}
|