Listing 5 Extract from AccessToken.cpp
SID *AccessToken::get_User() { if(0 == m_user) { token_information<TokenUser> user(m_hToken); if(!user) { throw new SecurityException(::GetLastError()); } else { m_user = new SID(user->User.Sid); } } return m_user; } GroupList *AccessToken::get_Groups() { if(0 == m_groups) { m_groups = _get_groups(TokenGroups); } return m_groups; } GroupList *AccessToken::get_RestrictedSIDs() { if(0 == m_restrictedSIDs) { m_restrictedSIDs = _get_groups(TokenRestrictedSids); } return m_restrictedSIDs; } PrivilegeList *AccessToken::get_Privileges() { if(0 == m_privileges) { winstl::token_information<TokenPrivileges> privileges(m_hToken); if(!privileges) { throw new SecurityException(::GetLastError()); } else { m_privileges = new PrivilegeList(privileges->PrivilegeCount, privileges->Privileges); } return m_privileges; } return m_privileges; } TokenType AccessToken::get_Type() { TOKEN_TYPE tt; DWORD chRequired; if(!::GetTokenInformation(m_hToken, ::TokenType, &tt, sizeof(tt), &chRequired)) { throw new SecurityException(::GetLastError(), "Could not elicit type from token"); } return TokenType(tt); } GroupList *AccessToken::_get_groups(TOKEN_INFORMATION_CLASS tic) { GroupList *grouplist; DWORD cbRequired; DWORD dwErr; stlsoft_assert(tic == TokenGroups || tic == TokenRestrictedSids); ::GetTokenInformation(m_hToken, tic, NULL, 0, &cbRequired); dwErr = ::GetLastError(); if(ERROR_INSUFFICIENT_BUFFER != dwErr) { throw new SecurityException(dwErr); } else { TOKEN_GROUPS *groups = static_cast<TOKEN_GROUPS*>(Sec_Alloc(cbRequired)); if(!::GetTokenInformation(m_hToken, tic, groups, cbRequired, &cbRequired)) { throw new SecurityException(::GetLastError()); } else { try { grouplist = new GroupList(groups->GroupCount, groups->Groups); } catch(Exception *x) { Sec_Free(groups); throw x; } } } return grouplist; }