Code Quality: Introduced IStorageSecurityService #15760
Conversation
0x5bfa
force-pushed
the
5bfa/CQ-VanaraRemoval1
branch
from
a1ccc18 to
3946f99
Compare
0x5bfa
force-pushed
the
5bfa/CQ-VanaraRemoval1
branch
from
44fdcd8 to
35161ce
Compare
0x5bfa
changed the title
0x5bfa
added
needs - code review
needs - testing
|
Compared to 3.5.4, I found
|
This comment was marked as resolved.
This comment was marked as resolved.
0x5bfa
removed
the
needs - testing
0x5bfa
force-pushed
the
5bfa/CQ-VanaraRemoval1
branch
from
5c255eb to
b159fe4
Compare
|
@Josh65-2201 I fixed everything. Would you mind check on your end as well? |
|
I found that it won't save my other local user when added but does add system principles (Administrator and system) but makes them separate entries for the folder I'm applying to and one for subfolders/files. File explorer will include them as one entry. |
|
You can't add an entry via their name such as '0x5bfa' or 'Josh'? It's weird though I tested. I'm not sure I get what you meant but merging isn't available for now because it requires additional implementation (this lower layer's Windows API doesn't provide such rich features...) If you can add/remove an entry and change owner without crash and weird behavior (and try them when you have insufficient permission such as 'Program Files/WindowsApps'), it's enough for this PR. |
|
I'm using the security principles find now menu to try add a local account but it doesn't save it after clicking save and reopening the properties windows. This works on 3.5.6 As for the duplicate entries I found preview only add permission targeting the folder I have selected where now it's adding an entry for sub folders/files too. File Explorer set them all in the same permission but I'd say it fine for now as it better then 3.5.6. Add/removing entries and changing ownership work with no crash or other things. |
Before: After: Thank you for the testing, it've helped me a lot! |
|
@Josh65-2201 is your testing complete? |
|
They found an issue with adding a new entry via user logon names. I’ll check later but everything else should be fine now. |
|
All done. |
|
@Josh65-2201 is it fine for you to review again? |
|
Thank you guys! As a side note for the future reference, I maybe should've used 'Get(Set)SecurityInfo' (File Explorer's dialog ACLUI.dll uses it iirc) but and 'Get(Set)NamedSeucurityInfo' doesn't require a handle of the specified file, which means this function would fail when access denied (not having READ_CONTROL), while CreateFileW to get a handle would fail before GetSecurityInfo. |
|
Is it something different from the stable build? |
|
It always showing as read and execute for me in Preview and this branch |
Please open that entry in File Explorer's dialog and expand permissions list for advanced ones to be shown and send a screenshot of it. |
|
I added Administrator. (Sorry for Japanese) The second time I open Advanced permissions, it says Special. |
|
I mean this window. Make sure to click ‘Show advanced permissions’.
|
|
Here it is. |
|
😩 so this is basically I didn’t include SYNCHRONIZE access mask (?) |
|
@hishitetsu when you have time could you try to change this magic code to 0x20000000 | 0x80000000 /* GENERIC_EXECUTE and GENERIC_READ */These generic access masks covers SYNCHRONIZE access mask. (for me)
|
It works for me! |
yaira2
added
ready to merge
Summary
Resolved / Related Issues
Steps used to test these changes