IAccessControl::IsAccessAllowed (Windows CE 5.0)
This method determines whether the given trustee has access rights to the object or property.
HRESULT IsAccessAllowed(PTRUSTEEWpTrustee,LPWSTRlpProperty,ACCESS_RIGHTSAccessRights,BOOL* pfAccessAllowed);
Parameters
- pTrustee
[in] Pointer to the trustee. - lpProperty
[in] Name of the property. If you are using the COM implementation of the IAccessControl interface, this parameter must be NULL. - AccessRights
[in] Access rights on the object. ACCESS_RIGHTS is defined as a ULONG. If you are using the COM implementation of IAccessControl, this value must be either zero or 1 (COM_RIGHTS_EXECUTE). - pfAccessAllowed
[out] Pointer to a BOOL variable that is set to TRUE if access is allowed; otherwise, it is set to FALSE.
Return Values
None.
Remarks
In the system-supplied implementation of IAccessControl (CLSID_DCOMAccessControl), IsAccessAllowed can be called only during a distributed COM call, and the only valid trustee name is the name of the client.
The following table lists the object-specific access permissions used with the Directory Service and storage implementation of IAccessControl.
Access permission | Object type | Description |
---|---|---|
ACTRL_DS_OPEN | Ds | Open of a DS object. |
ACTRL_DS_CREATE_CHILD | Ds | Creation of a child object. |
ACTRL_DS_DELETE_CHILD | Ds | Deletion of a child object. |
ACTRL_DS_LIST | Ds | Enumerate an object. |
ACTRL_DS_SELF | Ds | Member list updates involving the trustee. |
ACTRL_DS_READ_PROP | Ds | Read properties. |
ACTRL_DS_WRITE_PROP | Ds | Write properties. |
ACTRL_FILE-READ | File | Read from a file. |
ACTRL_FILE_WRITE | File | Write to a file. |
ACTRL_FILE_APPEND | File | Append to a file. |
ACTRL_FILE_READ_PROP | File | Read file properties or extended attributes. |
ACTRL_FILE_WRITE_PROP | File | Write file properties or extended attributes. |
ACTRL_FILE_EXECUTE | File | Execute the file. |
ACTRL_FILE_READ_ATTRIB | File | Read the file attributes. |
ACTRL_FILE_WRITE_ATTRIB | File | Write the file attributes. |
ACTRL_DIR_LIST | Directory | List the contents of a directory. |
ACTRL_DIR_CREATE_OBJECT | Directory | Create a child object (file) in a directory. |
ACTRL_DIR_CREATE_CHILD | Directory | Create a subdirectory. |
ACTRL_DIR_DELETE_CHILD | Directory | Delete a subdirectory. |
ACTRL_DIR_TRAVERSE | Directory | Traverse through the directory. |
ACTRL_KERNEL_KILL | Kernel | Terminate a kernel item (process or thread). |
ACTRL_KERNEL_THREAD | Kernel | Allow for the creation of a thread. |
ACTRL_KERNEL_VM | Kernel | Allow for address space operations. |
ACTRL_KERNEL_VM_READ | Kernel | Read memory. |
ACTRL_KERNEL_VM_WRITE | Kernel | Write memory. |
ACTRL_KERNEL_DUP_HANDLE | Kernel | Duplicate a handle. |
ACTRL_KERNEL_PROCESS | Kernel | Create a process. |
ACTRL_KERNEL_SET_INFO | Kernel | Get kernel object information/state. |
ACTRL_KERNEL_GET_INFO | Kernel | Set kernel object information/state. |
ACTRL_KERNEL_CONTROL | Kernel | Allow for the control of a kernel object (such as suspending a thread). |
ACTRL_KERNEL_ALERT | Kernel | Set kernel alert. |
ACTRL_KERNEL_GET_CONTEXT | Kernel | Get the threads context. |
ACTRL_KERNEL_SET_CONTEXT | Kernel | Set the threads context. |
ACTRL_KERNEL_TOKEN | Kernel | Set the threads token. |
ACTRL_KERNEL_IMPERSONATE | Kernel | Client impersonation. |
ACTRL_KERNEL_DIMPERSONATE | Kernel | Direct client impersonation. |
ACTRL_PRINT_SADMIN | Printer | Print server administration. |
ACTRL_PRINT_SLIST | Printer | Print server enumeration. |
ACTRL_PRINT_PADMIN | Printer | Printer administration. |
ACTRL_PRINT_PUSE | Printer | Can the printer be used. |
ACTRL_PRINT_JADMIN | Printer | Print job administration. |
ACTRL_SVC_GET_INFO | Service | Get the info on a service. |
ACTRL_SVC_SET_INFO | Service | Set the info on a service. |
ACTRL_SVC_STATUS | Service | Get the status of a service. |
ACTRL_SVC_LIST | Service | Enumerate the services. |
ACTRL_SVC_START | Service | Start a service. |
ACTRL_SVC_STOP | Service | Stop a service. |
ACTRL_SVC_PAUSE | Service | Pause a service. |
ACTRL_SVC_INTERROGATE | Service | Query the service for current status. |
ACTRL_SVC_UCONTROL | Service | User-defined control. |
ACTRL_REG_QUERY | Registry | Read a registry subkey. |
ACTRL_REG_SET | Registry | Write a registry subkey. |
ACTRL_REG_CREATE_CHILD | Registry | Create a registry subkey. |
ACTRL_REG_LIST | Registry | Enumerate a registry subkey. |
ACTRL_REG_NOTIFY | Registry | Create a registry notification. |
ACTRL_REG_LINK | Registry | Create a symbolic link. |
ACTRL_WIN_CLIPBRD | Window | Allow access to the clipboard. |
ACTRL_WIN_GLOBAL_ATOMS | Window | Allow global-atom access. |
ACTRL_WIN_CREATE | Window | Create desktop access. |
ACTRL_WIN_LIST_DESK | Window | Enumerate the desktops. |
ACTRL_WIN_LIST | Window | Enumerate the window station. |
ACTRL_WIN_READ_ATTRIBS | Window | Read the attributes. |
ACTRL_WIN_WRITE_ATTRIBS | Window | Write the attributes. |
ACTRL_WIN_SCREEN | Window | Allow access to the screen. |
ACTRL_WIN_EXIT | Window | Call ExitWindows* functions. |
To determine whether the platform supports this interface, see Determining Supported COM APIs.
Requirements
OS Versions: Windows CE 3.0 and later.
Header: IAccess.h.
Link Library: Ole32.lib, Uuid.lib.
Send Feedback on this topic to the authors