Skip to content

Remove redundant local assignment in AclCommands #14358

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rjmholt merged 4 commits into from
Dec 10, 2020
Merged

Remove redundant local assignment in AclCommands #14358

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ba6abe6
Remove useless assignment to locals
xtqqczze Dec 9, 2020
16f46e2
Move declaration near reference
xtqqczze Dec 9, 2020
00ed5d0
More move declration near reference
xtqqczze Dec 9, 2020
efe86c4
Remove more unnecessary assignment
xtqqczze Dec 9, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
68 changes: 25 additions & 43 deletions src/Microsoft.PowerShell.Security/security/AclCommands.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -292,20 +292,17 @@ public static AuthorizationRuleCollection GetAccess(PSObject instance)
}

// Get DACL
AuthorizationRuleCollection dacl;
CommonObjectSecurity cos = sd as CommonObjectSecurity;
if (cos != null)
{
dacl = cos.GetAccessRules(true, true, typeof(NTAccount));
return cos.GetAccessRules(true, true, typeof(NTAccount));
}
else
{
DirectoryObjectSecurity dos = sd as DirectoryObjectSecurity;
Dbg.Diagnostics.Assert(dos != null, "Acl should be of type CommonObjectSecurity or DirectoryObjectSecurity");
dacl = dos.GetAccessRules(true, true, typeof(NTAccount));
return dos.GetAccessRules(true, true, typeof(NTAccount));
}

return dacl;
}

/// <summary>
Expand All @@ -330,20 +327,17 @@ public static AuthorizationRuleCollection GetAudit(PSObject instance)
PSTraceSource.NewArgumentException(nameof(instance));
}

AuthorizationRuleCollection sacl;
CommonObjectSecurity cos = sd as CommonObjectSecurity;
if (cos != null)
{
sacl = cos.GetAuditRules(true, true, typeof(NTAccount));
return cos.GetAuditRules(true, true, typeof(NTAccount));
}
else
{
DirectoryObjectSecurity dos = sd as DirectoryObjectSecurity;
Dbg.Diagnostics.Assert(dos != null, "Acl should be of type CommonObjectSecurity or DirectoryObjectSecurity");
sacl = dos.GetAuditRules(true, true, typeof(NTAccount));
return dos.GetAuditRules(true, true, typeof(NTAccount));
}

return sacl;
}

/// <summary>
Expand All @@ -360,8 +354,7 @@ public static SecurityIdentifier GetCentralAccessPolicyId(PSObject instance)
SessionState sessionState = new SessionState();
string path = sessionState.Path.GetUnresolvedProviderPathFromPSPath(
GetPath(instance));
IntPtr pOwner = IntPtr.Zero, pGroup = IntPtr.Zero;
IntPtr pDacl = IntPtr.Zero, pSacl = IntPtr.Zero, pSd = IntPtr.Zero;
IntPtr pSd = IntPtr.Zero;

try
{
Expand All @@ -370,10 +363,10 @@ public static SecurityIdentifier GetCentralAccessPolicyId(PSObject instance)
path,
NativeMethods.SeObjectType.SE_FILE_OBJECT,
NativeMethods.SecurityInformation.SCOPE_SECURITY_INFORMATION,
out pOwner,
out pGroup,
out pDacl,
out pSacl,
out IntPtr pOwner,
out IntPtr pGroup,
out IntPtr pDacl,
out IntPtr pSacl,
out pSd);
if (rs != NativeMethods.ERROR_SUCCESS)
{
Expand All @@ -385,8 +378,7 @@ public static SecurityIdentifier GetCentralAccessPolicyId(PSObject instance)
return null;
}

NativeMethods.ACL sacl = new NativeMethods.ACL();
sacl = Marshal.PtrToStructure<NativeMethods.ACL>(pSacl);
NativeMethods.ACL sacl = Marshal.PtrToStructure<NativeMethods.ACL>(pSacl);
if (sacl.AceCount == 0)
{
return null;
Expand All @@ -396,8 +388,7 @@ public static SecurityIdentifier GetCentralAccessPolicyId(PSObject instance)
IntPtr pAce = pSacl + Marshal.SizeOf(new NativeMethods.ACL());
for (ushort aceIdx = 0; aceIdx < sacl.AceCount; aceIdx++)
{
NativeMethods.ACE_HEADER ace = new NativeMethods.ACE_HEADER();
ace = Marshal.PtrToStructure<NativeMethods.ACE_HEADER>(pAce);
NativeMethods.ACE_HEADER ace = Marshal.PtrToStructure<NativeMethods.ACE_HEADER>(pAce);
Dbg.Diagnostics.Assert(ace.AceType ==
NativeMethods.SYSTEM_SCOPED_POLICY_ID_ACE_TYPE,
"Unexpected ACE type: " + ace.AceType.ToString(CultureInfo.CurrentCulture));
Expand Down Expand Up @@ -458,12 +449,11 @@ public static string GetCentralAccessPolicyName(PSObject instance)
Marshal.Copy(capIdArray, 0, pCapId, capIdSize);
IntPtr[] ppCapId = new IntPtr[1];
ppCapId[0] = pCapId;
uint capCount = 0;
uint rs = NativeMethods.LsaQueryCAPs(
ppCapId,
1,
out caps,
out capCount);
out uint capCount);
if (rs != NativeMethods.STATUS_SUCCESS)
{
throw new Win32Exception((int)rs);
Expand All @@ -475,8 +465,7 @@ public static string GetCentralAccessPolicyName(PSObject instance)
}

// Get the CAP name.
NativeMethods.CENTRAL_ACCESS_POLICY cap = new NativeMethods.CENTRAL_ACCESS_POLICY();
cap = Marshal.PtrToStructure<NativeMethods.CENTRAL_ACCESS_POLICY>(caps);
NativeMethods.CENTRAL_ACCESS_POLICY cap = Marshal.PtrToStructure<NativeMethods.CENTRAL_ACCESS_POLICY>(caps);
// LSA_UNICODE_STRING is composed of WCHARs, but its length is given in bytes.
return Marshal.PtrToStringUni(cap.Name.Buffer, cap.Name.Length / 2);
}
Expand Down Expand Up @@ -508,12 +497,11 @@ public static string[] GetAllCentralAccessPolicies(PSObject instance)
try
{
// Retrieve all CAPs.
uint capCount = 0;
uint rs = NativeMethods.LsaQueryCAPs(
null,
0,
out caps,
out capCount);
out uint capCount);
if (rs != NativeMethods.STATUS_SUCCESS)
{
throw new Win32Exception((int)rs);
Expand All @@ -528,14 +516,13 @@ public static string[] GetAllCentralAccessPolicies(PSObject instance)

// Add CAP names and IDs to a string array.
string[] policies = new string[capCount];
NativeMethods.CENTRAL_ACCESS_POLICY cap = new NativeMethods.CENTRAL_ACCESS_POLICY();
IntPtr capPtr = caps;
for (uint capIdx = 0; capIdx < capCount; capIdx++)
{
// Retrieve CAP name.
Dbg.Diagnostics.Assert(capPtr != IntPtr.Zero,
"Invalid central access policies array");
cap = Marshal.PtrToStructure<NativeMethods.CENTRAL_ACCESS_POLICY>(capPtr);
NativeMethods.CENTRAL_ACCESS_POLICY cap = Marshal.PtrToStructure<NativeMethods.CENTRAL_ACCESS_POLICY>(capPtr);
// LSA_UNICODE_STRING is composed of WCHARs, but its length is given in bytes.
policies[capIdx] = "\"" + Marshal.PtrToStringUni(
cap.Name.Buffer,
Expand Down Expand Up @@ -653,7 +640,7 @@ public string[] Path
}
}

private PSObject _inputObject = null;
private PSObject _inputObject;

/// <summary>
/// InputObject Parameter
Expand Down Expand Up @@ -695,7 +682,7 @@ public string[] LiteralPath
}
}

private bool _isLiteralPath = false;
private bool _isLiteralPath;

/// <summary>
/// Gets or sets the audit flag of the command. This flag
Expand Down Expand Up @@ -758,7 +745,6 @@ public SwitchParameter AllCentralAccessPolicies
/// </summary>
protected override void ProcessRecord()
{
Collection<PSObject> sd = null;
AccessControlSections sections =
AccessControlSections.Owner |
AccessControlSections.Group |
Expand Down Expand Up @@ -855,7 +841,7 @@ protected override void ProcessRecord()

InvokeProvider.SecurityDescriptor.Get(rp, sections, context);

sd = context.GetAccumulatedObjects();
Collection<PSObject> sd = context.GetAccumulatedObjects();
if (sd != null)
{
AddBrokeredProperties(
Expand Down Expand Up @@ -921,7 +907,7 @@ public string[] Path
}
}

private PSObject _inputObject = null;
private PSObject _inputObject;

/// <summary>
/// InputObject Parameter
Expand Down Expand Up @@ -962,7 +948,7 @@ public string[] LiteralPath
}
}

private bool _isLiteralPath = false;
private bool _isLiteralPath;

private object _securityDescriptor;

Expand Down Expand Up @@ -1125,12 +1111,11 @@ private IntPtr GetSaclWithCapId(string capStr)
// be deallocated separately (but with the entire buffer
// returned by LsaQueryCAPs).
freeCapId = false;
uint capCount = 0;
rs = NativeMethods.LsaQueryCAPs(
null,
0,
out caps,
out capCount);
out uint capCount);
if (rs != NativeMethods.STATUS_SUCCESS)
{
throw new Win32Exception((int)rs);
Expand All @@ -1144,13 +1129,12 @@ private IntPtr GetSaclWithCapId(string capStr)
}

// Find the supplied string among available CAP names, use the corresponding CAPID.
NativeMethods.CENTRAL_ACCESS_POLICY cap = new NativeMethods.CENTRAL_ACCESS_POLICY();
IntPtr capPtr = caps;
for (uint capIdx = 0; capIdx < capCount; capIdx++)
{
Dbg.Diagnostics.Assert(capPtr != IntPtr.Zero,
"Invalid central access policies array");
cap = Marshal.PtrToStructure<NativeMethods.CENTRAL_ACCESS_POLICY>(capPtr);
NativeMethods.CENTRAL_ACCESS_POLICY cap = Marshal.PtrToStructure<NativeMethods.CENTRAL_ACCESS_POLICY>(capPtr);
// LSA_UNICODE_STRING is composed of WCHARs, but its length is given in bytes.
string capName = Marshal.PtrToStringUni(
cap.Name.Buffer,
Expand Down Expand Up @@ -1334,14 +1318,13 @@ protected override void ProcessRecord()

if (methodInfo != null)
{
CommonSecurityDescriptor aclCommonSD = _securityDescriptor as CommonSecurityDescriptor;
string sddl;

if (aclObjectSecurity != null)
{
sddl = aclObjectSecurity.GetSecurityDescriptorSddlForm(AccessControlSections.All);
}
else if (aclCommonSD != null)
else if (_securityDescriptor is CommonSecurityDescriptor aclCommonSD)
{
sddl = aclCommonSD.GetSddlForm(AccessControlSections.All);
}
Expand Down Expand Up @@ -1476,9 +1459,8 @@ protected override void ProcessRecord()
context.PassThru = Passthru;
if (_isLiteralPath)
{
ProviderInfo Provider = null;
PSDriveInfo Drive = null;
string pathStr = SessionState.Path.GetUnresolvedProviderPathFromPSPath(p, out Provider, out Drive);
string pathStr = SessionState.Path.GetUnresolvedProviderPathFromPSPath(
p, out ProviderInfo Provider, out PSDriveInfo Drive);
pathsToProcess.Add(new PathInfo(Drive, Provider, pathStr, SessionState));
context.SuppressWildcardExpansion = true;
}
Expand Down