delphi - 获取组权限的文件/文件夹列表
问题描述
在 Delphi 中,使用 WinAPI,我尝试获取对文件或文件夹具有权限的组列表,例如组列表:
我需要使用什么功能或记录来获取这些信息?
我尝试使用GetNamedSecurityInfoA但它失败了 - 函数返回 false 并且带有dacl的变量sidGrp仍然为零,但变量sc(安全描述符)已初始化。
procedure TForm1.Button2Click(Sender: TObject);
var
sciezka: array [0 .. 256] of ansiChar;
sidOwn: PSID;
sidGrp: PSID;
dacl: PACL;
sacl: PACL;
sc: PSECURITY_DESCRIPTOR;
success: DWORD;
access: EXPLICIT_ACCESS_A;
sid_id_auth: _SID_IDENTIFIER_AUTHORITY;
hToken: THandle;
TokenUserPoint: pTokenUser;
bufferSize: DWORD;
BufferSize2: DWORD;
ptgGroups: PTokenGroups;
psidAdmin: PSID;
x: Integer;
const
SECURITY_NT_AUTHORITY: TSidIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 5));
begin
Memo1.Lines.Clear();
ZeroMemory(@sciezka, Length(sciezka));
GetMem(ptgGroups, 1024);
bufferSize := 0;
System.AnsiStrings.StrLCopy(@sciezka, PAnsiChar(AnsiString(Edit1.Text)), Length(Edit1.Text));
// success := CheckFileAccess(string(sciezka), FILE_READ_DATA);
success := Cardinal(OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY OR TOKEN_READ, hToken));
success := Cardinal(GetTokenInformation(hToken, TokenUser, ptgGroups, 1024, bufferSize));
GetMem(TokenUserPoint, BYTE(bufferSize));
//FillChar(TokenUserPoint, bufferSize, 0);
//success := Cardinal(GetTokenInformation(hToken, TokenUser, TokenUserPoint, bufferSize, BufferSize2));
sidOwn := nil;
sidGrp := nil;
dacl := nil;
sacl := nil;
sc := nil;
sid_id_auth.Value[0] := 2;
sid_id_auth.Value[1] := 3;
sid_id_auth.Value[2] := 5;
sid_id_auth.Value[3] := 0;
sid_id_auth.Value[4] := 0;
sid_id_auth.Value[5] := 0;
success := Cardinal(AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, psidAdmin));
{$R-}
{ for x := 0 to ptgGroups.GroupCount - 1 do
if EqualSid(psidAdmin, ptgGroups.Groups[x].Sid) then
begin
Memo1.Lines.Add('Jest administrator');
Break;
end; }
{$R+}
// success := GetFileSecurityA(sciezka, GROUP_SECURITY_INFORMATION, sc, );
success := GetNamedSecurityInfoA(sciezka,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION,
nil,
sidGrp,
dacl,
nil,
sc
);
Memo1.Lines.Add('Funkcja zwróciła wartoć = ' + success.ToHexString());
if IsValidSid(sidOwn) then Memo1.Lines.Add('sidOwn - poprawne')
else Memo1.Lines.Add('sidOwn - niepoprawne');
if IsValidSid(sidGrp) then Memo1.Lines.Add('sidGrp - poprawne')
else Memo1.Lines.Add('sidGrp - niepoprawne');
if(sidOwn = nil) then
Memo1.Lines.Add('sidOwn is null');
if(sidGrp = nil) then
Memo1.Lines.Add('sidGrp is null');
end;
解决方案
正如@FredS 所说,参数使用指针的指针,您在这里声明:
sidGrp: PSID;
Dacl: PACL;
Sacl: PACL;
sidGrp := nil;
dacl := nil;
sacl := nil;
sc: PSECURITY_DESCRIPTOR;
success := GetNamedSecurityInfoA(sciezka,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION,
nil,
sidGrp,
dacl,
nil,
sc
);
这等于:
success := GetNamedSecurityInfoA(sciezka,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION,
nil,
nil,
nil,
nil,
nil
);
你会得到返回错误:87( ERROR_INVALID_PARAMETER) 根据函数文档:
success := GetNamedSecurityInfoA(sciezka,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION,
nil,
@sidGrp,
@dacl,
nil,
sc
);
推荐阅读
- c++ - 具有管理员权限的 shellexecute 不会结束
- javascript - Woocommerce 实时计算:数量 x get_meta('_value') = 最终值
- python - 如何将自变量作为参数传递给 lmfit 最小化
- reactjs - 当超链接元素嵌套在列表项元素中时,无法通过 onClick 事件将值从列表项传递给函数
- javascript - 无法访问不同“类”中的 JavaScript 方法
- dotnetnuke - DNN 错误 - 一般异常 - AbsoluteURL
- symfony - Symfony ApiPlatform ApiTestCase 不工作
- c# - 编译期间的 Asp.net Web 应用程序错误
- python - 当我在python中使用ks测试时,为什么我的p值等于0而统计量等于1?
- r - Code equivalent to 'broom' icon in viewer pane of RStudio?