如何使用 API 从 VisualBasic 访问高级控件
2006-12-05 14:28
411 查看
如何使用 API 从 VisualBasic 访问高级控件
察看本文应用于的产品function loadTOCNode(){}
注意:这篇文章是由无人工介入的自动的机器翻译系统翻译完成。这些文章是微软为不懂英语的用户提供的, 以使他们能够理解这些文章的内容。微软不保证机器翻译的正确度,也不对由于内容的误译或者客户对它的使用所引起的任何直接的, 或间接的可能的问题负责。
文章编号 | : | 295004 |
最后修改 | : | 2006年11月21日 |
修订 | : | 4.1 |
概要
loadTOCNode(1, 'summary');Win32API 提供两个 API 用于与安全描述符 (SDs) 处理和访问控制列表 (ACL)。 用于处理 SDs 和 ACL 以及高级访问控制低级 API 集提供接口。 高级访问控制 API 用于 Microsoft Windows 2000 和 WindowsXP, MIcrosoft 已得到增强以支持特定对象的访问控制项 (ACE)、 目录服务 (DS) 对象和自动继承。 本文提供示例代码使用高级访问控制 API 来修改一个现有自由访问控制列表 (DACL) 文件夹安全对象上。
更多信息
loadTOCNode(1, 'moreinformation');以下 Visual Basic 示例代码使用 GetNamedSecurityInfo() API 来检索现有 DACL 的目标 C:/Test1 文件夹。 通过 BuildExplicitAccessWithName() API 然后, 它建立对 所有人 具有 GENERIC _ READ 访问托管 EXPLICIT_ACCESS 结构。 在本示例, 与 CONTAINER_INHERIT_ACE 或 OBJECT_INHERIT_ACE, 如高效 ACE 对 C:/Test1 文件夹和用于子文件夹以及文件继承 ACE 应用继承构造 ACE。
SetEntriesInAcl() API 通过合并插入现有 ACL EXPLICIT_ACCESS 结构中指定新访问控制信息创建新访问控制列表 (ACL) 并返回新更新 DACL 内存中。 此更新 DACL 然后用于通过 SetNamedSecurityInfo() API C:/Test1 文件夹上设置安全性。
Option Explicit
' Success status of high level access control APIs
Private Const ERROR_SUCCESS = 0&
' Type of Securable Object we are operating in this sample code
Private Const SE_FILE_OBJECT = 1&
' The Security Information constants required
Private Const DACL_SECURITY_INFORMATION = 4&
Private Const SET_ACCESS = 2&
' Standard access rights extracted from WinNT.h
Private Const SYNCHRONIZE = &H100000
Private Const READ_CONTROL = &H20000
Private Const WRITE_DAC = &H40000
Private Const WRITE_OWNER = &H80000
Private Const STANDARD_RIGHTS_READ = (READ_CONTROL)
Private Const STANDARD_RIGHTS_WRITE = (READ_CONTROL)
Private Const DELETE = &H10000
' Generic access rights extracted from WinNT.h
Private Const GENERIC_ALL = &H10000000
Private Const GENERIC_EXECUTE = &H20000000
Private Const GENERIC_READ = &H80000000
Private Const GENERIC_WRITE = &H40000000
' Inheritance Flags
Private Const CONTAINER_INHERIT_ACE = &H2
Private Const OBJECT_INHERIT_ACE = &H1
' The TRUSTEE structure identifies the user account, group account, or logon session
' to which an ACE applies. The structure can use a name or a security identifier (SID)
' to identify the trustee.
' Access control APIs, such as SetEntriesInAcl and GetExplicitEntriesFromAcl, use this
' structure to identify the account associated with the access-control or audit-control
' information in an EXPLICIT_ACCESS structure.
Private Type TRUSTEE
pMultipleTrustee As Long
MultipleTrusteeOperation As Long
TrusteeForm As Long
TrusteeType As Long
ptstrName As String
End Type
' EXPLICIT_ACCESS structure that specifies access-control information for a specified
' trustee such as access mask as well as inheritance flags
Private Type EXPLICIT_ACCESS
grfAccessPermissions As Long
grfAccessMode As Long
grfInheritance As Long
pTRUSTEE As TRUSTEE
End Type
' High Level access control API declarations
Private Declare Sub BuildExplicitAccessWithName Lib "Advapi32.dll" Alias _
"BuildExplicitAccessWithNameA" _
(ea As Any, _
ByVal TrusteeName As String, _
ByVal AccessPermissions As Long, _
ByVal AccessMode As Integer, _
ByVal Inheritance As Long)
Private Declare Function SetEntriesInAcl Lib "Advapi32.dll" Alias _
"SetEntriesInAclA" _
(ByVal CountofExplicitEntries As Long, _
ea As Any, _
ByVal OldAcl As Long, _
NewAcl As Long) As Long
Private Declare Function GetNamedSecurityInfo Lib "Advapi32.dll" Alias _
"GetNamedSecurityInfoA" _
(ByVal ObjName As String, _
ByVal SE_OBJECT_TYPE As Long, _
ByVal SecInfo As Long, _
ByVal pSid As Long, _
ByVal pSidGroup As Long, _
pDacl As Long, _
ByVal pSacl As Long, _
pSecurityDescriptor As Long) As Long
Private Declare Function SetNamedSecurityInfo Lib "Advapi32.dll" Alias _
"SetNamedSecurityInfoA" _
(ByVal ObjName As String, _
ByVal SE_OBJECT As Long, _
ByVal SecInfo As Long, _
ByVal pSid As Long, _
ByVal pSidGroup As Long, _
ByVal pDacl As Long, _
ByVal pSacl As Long) As Long
Private Declare Function LocalFree Lib "kernel32" (ByVal hMem As Long) As Long
Private Sub Command1_Click()
Dim result As Long
Dim pSecDesc As Long
Dim ea As EXPLICIT_ACCESS
Dim pNewDACL As Long
Dim pOldDACL As Long
' Get the DACL information of c:/test1 folder using GetNamedSecurityInfo() API.
' SE_FILE_OBJECT constant says that the named securable object is a file or folder
result = GetNamedSecurityInfo("c:/test1", SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, 0&, 0&, pOldDACL, 0&, pSecDesc)
If result = ERROR_SUCCESS Then
' Construct an EXPLICIT_ACCESS structure for Everyone with GENERIC_READ access that will apply for c:/test1
' as well as subfolder and files using BuildExplicitAccessWithName() API
BuildExplicitAccessWithName ea, "Users", GENERIC_READ, SET_ACCESS, CONTAINER_INHERIT_ACE Or OBJECT_INHERIT_ACE
' Merge constructed EXPLICIT_ACCESS structure to the existing DACL and get an updated DACL in memory from
' SetEntriesInAcl() API
result = SetEntriesInAcl(1, ea, pOldDACL, pNewDACL)
If result = ERROR_SUCCESS Then
MsgBox "SetEntriesInAcl succeeded"
' Call SetNamedSecurityInfo() API with the updated DACL in memory to change the DACL of c:/test1 folder
result = SetNamedSecurityInfo("c:/test1", SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, 0&, 0&, pNewDACL, 0&)
If result = ERROR_SUCCESS Then
MsgBox "SetNamedSecurityInfo succeeded"
Else
MsgBox "SetNamedSecurityInfo failed with error code : " & result
End If
' Free the memory allocated for the new DACL by the SetEntriesInAcl() API, using LocalFree() API
LocalFree pNewDACL
Else
MsgBox "SetEntriesInAcl failed with error code : " & result
End If
' Free the memory allocated for the security descriptor by the GetNamedSecurityInfo() API, using LocalFree() API
LocalFree pSecDesc
Else
MsgBox "GetNamedSecurityInfo failed with error code : " & result
End If
End Sub
http://support.microsoft.com/default.aspx?scid=kb%3Bzh-cn%3B295004
相关文章推荐
- C++Builder下如何使用UniDAC控件访问ORACLE数据库
- 如何在使用了TemplateField的GridView控件中访问Cell值?
- 译:如何使用win32 api中的edit控件
- C#.NET常见问题(FAQ)-如何使用变量访问控件属性
- C#.NET常见问题(FAQ)-如何使用变量访问控件属性
- 如何使用Fiddler实现跨域访问(把自己做的静态HTML页面域名变成api.bing.com)
- ASP.NET - 如何:使用 ASP.NET Login 控件的高级功能
- 如何使用okhttp访问百度三方API-频道新闻API_易源
- 如何使用Fiddler实现跨域访问(把自己做的静态HTML页面域名变成api.bing.com)
- c# winform下使用多线程时在线程里如何安全访问窗体控件InvokeRequired
- 如何创建Qt Plugins (插件)之 使用高级api
- 如何:使用 ASP.NET Login 控件的高级功能
- java高级编程学习如何使用打印服务 API
- lwuit中如何直接使用高级ui控件?
- 如何使用 Windows Phone 的控件倾斜效果
- 如何使用 RBAC 组件实现访问控制
- 如何使用Repeater控件的模板
- JSP页面如何访问标签中定义的变量-使用实现
- 如何使用TdsSideBar控件得到XP风格的GROUP,2000风格的ITEM
- 如何让更多用户使用远程桌面访问您的服务器