The interface "IAccount" represents a user or group account. It implements
those aspects of account functionality, which are needed for the other parts
of "madSecurity" like ACEs and Security Objects. Some
properties only work in winNT/2k, because win9x doesn't support the
respective APIs. A list of methods and properties can be found in the
IAccount Reference.
|
type IAccount = interface (IBasic) ['{28D27EC2-3A98-11D3-A52D-00005A180D69}'];
|
|
You can directly get an "IAccount" object for a specific account, if you
have the complete name of the account or its SID. You can enter the SID
as a PSid pointer or as a "S-1-x-x..." string. Furthermore you can directly
get an "IAccount" object for the current user or for some special
users/groups.
|
function Account (name : string; group: TExtBool = other) : IAccount; overload;
function Account (sid : PSid ) : IAccount; overload;
function CurrentUser : IAccount;
function Everyone : IAccount;
function AuthenticatedUsers : IAccount;
if Everyone.IsEqual(Account('S-1-1-0')) then
ShowMessage('madSecurity seems to be working correctly');
|
|
The property "Name" returns the name of the account:
|
property IAccount.Name : string;
|
|
The following method checks whether the account which is represented by the
current "IAccount" instance is identical to the specified account:
|
function IAccount.IsEqual (const otherAccount: IAccount) : boolean;
|
|
The method "IsStillValid" checks, whether the account is still valid, that
is whether it was not deleted in the meanwhile. This property always returns
"true" in win9x.
|
function IAccount.IsStillValid : boolean;
|
|
The following property returns the type of the account. In win9x you'll
always get "atUnknown".
|
type TAccountType = (atUnknown, atUser, atGroup, atDomain, atAlias, atWellKnownGroup,
atDeletedAccount, atInvalid, atUnknown2);
property IAccount.Type_ : TAccountType;
|
|
The property "Domain" tells you the name of the domain where the account is
maintained. In win9x you'll get an empty string.
|
property IAccount.Domain : string;
|
|
The following properties return infos about the winNT SID structure, which
identifies the account. In win9x you'll get nil/0/''.
|
property IAccount.PSid : PSid;
property IAccount.SidSize : integer;
property IAccount.SidStr : string;
|
|
All accounts are cached to get higher performance. You can clear the cache
at any time without any danger. You should do so after you've changed a
user. Otherwise the cache might hinder some actions.
|
procedure AccountCache_Add (const account: IAccount);
procedure AccountCache_Clear;
|
|