Internet Magazine 2003 October

home *** CD-ROM | disk | FTP | other *** search

/ Internet Magazine 2003 October / INTERNET108.ISO / pc / software / windows / utils / tiny_firewall / tpf5.exe / Tiny Personal Firewall 5.0.msi / ws_misc.js < prev next >

Wrap

JavaScript | 2003-07-01 | 31.0 KB | 1,206 lines

//ws_misc.js var ERR_GET_MODULE_PARSER = "Error: Cannot get Parser object for Sandbox", ERR_GET_RULELIST = "Error: Cannot get rule list from parser", THIS_DIV = "misc", HTML_THIS_DIV_HEADER = '<DIV id=' + THIS_DIV + '>', HTML_THIS_DIV_TRAILER = "</DIV>", HTML_TABLE_HEADER = '<table border="1" align="center" bgcolor="#D7DDF2">', HTML_TABLE_TRAILER = "</table>", HTML_TABLE_LABEL_HEADER1 = "<table width=100% border=0 cellspacing=0 cellpadding=0><tr bgcolor=", HTML_TABLE_LABEL_HEADER2 = "><td height=25 align=middle><font color=white><B>", HTML_TABLE_LABEL_TRAILER = "</B></font></td></tr></table>", HTML_TABLES_SEPARATOR = "<BR/><BR/>" HTML_ROW_HEADER = "<TR>", HTML_ROW_TRAILER = "</TR>", HTML_HEADER_HEADER = '<TH style="font-face:bold;font-size:8pt;">', HTML_HEADER_TRAILER = "</TH>", HTML_CELL_HEADER = "<TD align=center>", HTML_CELL_TRAILER = "</TD>", HTML_ID_EDIT_HEADER = '<INPUT type=edit size=3 ', HTML_ID_EDIT_TRAILER = '></INPUT>', HTML_ID_LINK_HEADER = '<A href=# onclick=', HTML_ID_LINK_TRAILER = '</A>', HTML_INSERT_RULE = '<IMG src="ico-plus.gif" align=absMiddle alt = "Insert rule"/> Insert rule', HTML_ICO_MINUS = '<IMG src="ico-minus.gif" alt="Delete rule"/>', HTML_SELECT_HEADER = '<SELECT ', HTML_SELECT_TRAILER = '></SELECT>', HTML_OPTION_HEADER = '<OPTION value="', HTML_OPTION_TRAILER = '</OPTION>'; var NO_COLUMNS = 10; var TXT_PRO_HIGH_MASTER = "High Priority List - Common rules", TXT_CLIENT = "Medium Priority List - Non-Privileged User Defined", TXT_PRO_LOW_MASTER = "Low Priority List - Common rules", TXT_DELETING = "Deleting rule", TXT_QST_REALLYDELETE1 = 'Do you really want to delete ', TXT_QST_REALLYDELETE2 = ' from the list of rules?', TXT_NEW_EXC_APP = 'Enter app./group', // columns TXT_ID_CAPTION = "Rule #", TXT_APP_CAPTION = "Application to trigger the rule", TXT_VBA_MACR = "VBA Macro", TXT_VBA_AUTO = "VBA Auto Macro", TXT_SYS_FPTT = "Forced proc./thread term.", TXT_SYS_SSHD = "System shutdown", TXT_SYS_SLLA = "System low level api", TXT_SYS_CBAC = "Clipboard access", TXT_DEV_DANG = "Dangerous device access", TXT_ASGNMT = "Assignment"; var arrAccessResultStrings = new Array("Prevent", "Allow", "Ask User"); var arrAuditLevelStrings = new Array("Ignore", "Monitor", "Alert"); var arrVBAOptions = new Array("Inherit from parent", "Use custom VBA settings", "Do not run macro"); var arrGuardIds = new Array('V'.charCodeAt(0), 'Y'.charCodeAt(0), 'G'.charCodeAt(0)); var AR_ALLOW = 0x0001, AR_PREVENT = 0x0000, AR_ASKUSER = 0x0002; var AL_IGNORE = 0x0000, AL_MONITOR = 0x0001, AL_ALERT = 0x0002; var OT_VBAMACRO = 0x00000020, OT_SYSTEMPRIV = 0x00000080, OT_DEVICEPRIV = 0x00000100; var PRIOR_LOW = 0, PRIOR_NORMAL = 1, PRIOR_HIGH = 2; var RT_DIRECT = 0, RT_DEFINITION = RT_DIRECT + 1; var AT_VBA_MACRO_RUN_IN_ORIG = 0x00000001, AT_VBA_MACRO_RUN_IN_SPECIAL = 0x00000002, AT_VBA_AUTO_RUN_IN_ORIG = 0x00000004, AT_VBA_AUTO_RUN_IN_SPECIAL = 0x00000008, AT_VBA_FULL = 0x00000005, AT_SYSPRIV_FORCED_PROC_THREAD_TERM = 0x00002000, AT_SYSPRIV_SYSTEMSHUTDOWN = 0x00000100, AT_SYSPRIV_SYSTEMLOWLEVELAPI = 0x00001000, AT_SYSPRIV_CLIPBOARDACCESS = 0x00004000, AT_SYSPRIV_ALL = 0x00007100, AT_DEVPRIV_DANGEROUSDEVICEACCESS = 0x00000002; var VbaAccessTypes = new Array(4); VbaAccessTypes[0] = AT_VBA_MACRO_RUN_IN_ORIG; VbaAccessTypes[1] = AT_VBA_MACRO_RUN_IN_SPECIAL; VbaAccessTypes[2] = AT_VBA_AUTO_RUN_IN_ORIG; VbaAccessTypes[3] = AT_VBA_AUTO_RUN_IN_SPECIAL; var SysprivAccessTypes = new Array(4); SysprivAccessTypes[0] = AT_SYSPRIV_FORCED_PROC_THREAD_TERM; SysprivAccessTypes[1] = AT_SYSPRIV_SYSTEMSHUTDOWN; SysprivAccessTypes[2] = AT_SYSPRIV_SYSTEMLOWLEVELAPI; SysprivAccessTypes[3] = AT_SYSPRIV_CLIPBOARDACCESS; var strHeaders = new Array(NO_COLUMNS); strHeaders[0] = TXT_ID_CAPTION; strHeaders[1] = TXT_APP_CAPTION; strHeaders[2] = TXT_VBA_MACR; strHeaders[3] = TXT_VBA_AUTO; strHeaders[4] = TXT_SYS_FPTT; strHeaders[5] = TXT_SYS_SSHD; strHeaders[6] = TXT_SYS_SLLA; strHeaders[7] = TXT_SYS_CBAC; strHeaders[8] = TXT_DEV_DANG; strHeaders[9] = TXT_ASGNMT; var arrAllClientRules = null, // all VBA, SysPrio, DevPrio rules from Client db arrAllServerRules = null, // dtto. from server db arrRuleTriples; // rule triples from both dbs grouped by app/group var ServerParser = null, ClientParser = null, ServerAppParser = null, ClientAppParser = null, ClientRuleList = null, ServerRuleList = null; var firstLabel = new Array(), arrLabelTypes = new Array(); var iMaxServerId = 0, iMaxClientId = 0; var iContext = 0; var ctrlAsgnmt = null; var strAsgnmt = ""; function SetAssignment(str) { strAsgnmt = str; try { if (window.external.Context == 1) { ctrlAsgnmt = new ActiveXObject("cfgasgnmt.cfgasgnmtCtrl"); ctrlAsgnmt.SetAssignment(str); } } catch (e) { // this is home edition - ctrlAsgnmt does not exist } _ruleList.innerHTML = GetRuleList(); } function RuleTriple(r1, r2, r3) { this[0] = r1; this[1] = r2; this[2] = r3; } function LoadAllRules(ruleList, arrRulesToStore) { var i, j, maxId = 0; ruleListEnum = new Enumerator(ruleList); ruleListEnum.moveFirst(); j = arrRulesToStore.length; while (!ruleListEnum.atEnd()) { //add option to array var rule = ruleListEnum.item(); var id; var curOT = rule.ObjectType; if (curOT == OT_VBAMACRO || curOT == OT_SYSTEMPRIV || curOT == OT_DEVICEPRIV) { id = GetRuleID(rule); if (id > maxId) maxId = id; // find 'full' access type, convert it into specific access types var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null; if (!adEnum.atEnd()) { var acCur = adEnum.item(); switch(curOT) { case OT_VBAMACRO: if (acCur.AccessType == AT_VBA_FULL) { adList.Clear(); for (i = 0; i < 4; i++) { var ad = adList.CreateAccessDescriptor(); ad.AccessType = VbaAccessTypes[i]; ad.AccessResult = acCur.AccessResult; ad.AuditLevel = acCur.AuditLevel; adList.Insert(ad); } } break; case OT_SYSTEMPRIV: if (acCur.AccessType == AT_SYSPRIV_ALL) { adList.Clear(); for (i = 0; i < 4; i++) { var ad = adList.CreateAccessDescriptor(); ad.AccessType = SysprivAccessTypes[i]; ad.AccessResult = acCur.AccessResult; ad.AuditLevel = acCur.AuditLevel; adList.Insert(ad); } } break; } } arrRulesToStore[j++] = rule; } ruleListEnum.moveNext(); //Get next rule } return maxId; } function GetRuleList() { var Option, OptList, strRules = HTML_THIS_DIV_HEADER; iContext = window.external.Context; if (iContext == 0) strAsgnmt = window.external.LoggedUser; try { ServerParser = window.external.ServerParser(1) ; ClientParser = window.external.ClientParser(1) ; ServerAppParser = window.external.ServerParser(64) ; ClientAppParser = window.external.ClientParser(64) ; } catch(e) { alert(ERR_GET_MODULE_PARSER); return; } try { if (ServerParser != null) ServerRuleList = ServerParser.RuleList; if (ClientParser != null) ClientRuleList = ClientParser.RuleList; } catch(e) { alert(ERR_GET_RULELIST); return; } arrAllClientRules = new Array(); arrAllServerRules = new Array(); arrRuleTriples = new Array(); if (ClientRuleList != null) iMaxClientId = LoadAllRules(ClientRuleList, arrAllClientRules); if (ServerRuleList != null) iMaxServerId = LoadAllRules(ServerRuleList, arrAllServerRules); iShowObjects = cmbShowObjects.options[cmbShowObjects.selectedIndex].value; if (ServerRuleList != null && (iShowObjects == 0 || iShowObjects == 2 || iShowObjects == 3)) { strRules = HTML_TABLE_LABEL_HEADER1 + "#01088b" + HTML_TABLE_LABEL_HEADER2 + TXT_PRO_HIGH_MASTER + HTML_TABLE_LABEL_TRAILER; strRules += GetRuleListByPriority(arrAllServerRules, PRIOR_HIGH, "Server") + HTML_TABLES_SEPARATOR; } if (ClientRuleList != null && (iShowObjects == 0 || iShowObjects == 1)) { strRules += HTML_TABLE_LABEL_HEADER1 + "#7aa1e6" + HTML_TABLE_LABEL_HEADER2 + TXT_CLIENT + HTML_TABLE_LABEL_TRAILER; strRules += GetRuleListByPriority(arrAllClientRules, PRIOR_NORMAL, "Client") + HTML_TABLES_SEPARATOR; } if (ServerRuleList != null && (iShowObjects == 0 || iShowObjects == 2 || iShowObjects == 4)) { strRules += HTML_TABLE_LABEL_HEADER1 + "#01088b" + HTML_TABLE_LABEL_HEADER2 + TXT_PRO_LOW_MASTER + HTML_TABLE_LABEL_TRAILER; strRules += GetRuleListByPriority(arrAllServerRules, PRIOR_LOW, "Server") } strRules += HTML_THIS_DIV_TRAILER; return strRules; } function GetRuleListByPriority(arrAllRules, prio, ParserName) { var strRetVal = '<table width="100%" border="0" bgcolor="#DBDBDB"><tr><td><A href="#" style="color: Black; text-decoration: none;" onclick="OnAdd(' + prio + ')">' + HTML_INSERT_RULE + '</A></td></tr></table>'; var i; strRetVal += HTML_TABLE_HEADER; strRetVal += HTML_ROW_HEADER; for (i = 0; i < NO_COLUMNS; i++) { strRetVal += HTML_HEADER_HEADER + strHeaders[i] + HTML_HEADER_TRAILER; } strRetVal += HTML_ROW_TRAILER; j = arrRuleTriples.length; for (i = 0; i < arrAllRules.length; i++) { var rule = arrAllRules[i]; var ot = rule.ObjectType if (!RuleTripleExists(rule) && (ot == OT_VBAMACRO || ot == OT_SYSTEMPRIV || ot == OT_DEVICEPRIV) && rule.Priority == prio) { var ruleTriple; switch (ot) { case OT_VBAMACRO: ruleTriple = new RuleTriple(rule, GetSysPrioRule(rule, arrAllRules), GetDevPrioRule(rule, arrAllRules) ); break; case OT_SYSTEMPRIV: ruleTriple = new RuleTriple(GetVBARule(rule, arrAllRules), rule, GetDevPrioRule(rule, arrAllRules) ); break; case OT_DEVICEPRIV: ruleTriple = new RuleTriple(GetVBARule(rule, arrAllRules), GetSysPrioRule(rule, arrAllRules), rule ); break; } if (RuleTripleContainsRule(ruleTriple)) { arrRuleTriples[j++] = ruleTriple; strRetVal += GetRuleHtmlStr(ruleTriple, prio, arrRuleTriples.length - 1); } } } strRetVal += HTML_TABLE_TRAILER; return strRetVal; } function RuleTripleContainsRule(ruleTriple) { var i; for (i = 0; i < 3; i++) if (ruleTriple[i] != null) return 1; return 0; } function GetApplication(ruleTriple) { var i; for (i = 0; i < 3; i++) if (ruleTriple[i] != null) return ruleTriple[i].Application; } function GetPriority(ruleTriple) { var i; for (i = 0; i < 3; i++) if (ruleTriple[i] != null) return ruleTriple[i].Priority; } function GetRuleID(rule) { return rule.RuleID & 0x0000ffff; } function GetRuleTripleID(ruleTriple) { var i; for (i = 0; i < 3; i++) if (ruleTriple[i] != null) { return ruleTriple[i].RuleID & 0x0000ffff; } } function GetAssignment(ruleTriple) { var i; for (i = 0; i < 3; i++) if (ruleTriple[i] != null) { return ruleTriple[i].Assignment; } } function GetRuleHtmlStr(ruleTriple, prio, index) { var strRule = HTML_ROW_HEADER; if (!RuleTripleContainsRule(ruleTriple)) return ""; var ruleAsgnmt = GetAssignment(ruleTriple); switch (iContext) { case 0: ruleAsgnmt = ruleAsgnmt.toLowerCase( ); if (ruleAsgnmt != "*" && strAsgnmt != "All@" && ruleAsgnmt.indexOf(strAsgnmt.toLowerCase( )) == -1) { return ""; } break; case 1: if (!ctrlAsgnmt.CheckRule(ruleAsgnmt)) { return ""; } break; } var strID = GetRuleTripleID(ruleTriple); strRule += HTML_CELL_HEADER + strID + HTML_CELL_TRAILER; var strAppName = GetApplication(ruleTriple); var i; if (strAppName == '') { ChangeApplication(ruleTriple, '*'); strRule += HTML_CELL_HEADER + GetLabelListHtmlStr('SELECT_' + index, '*', index) + HTML_CELL_TRAILER; } else { strRule += HTML_CELL_HEADER + HTML_ID_LINK_HEADER + '\'this.outerHTML=GetLabelListHtmlStr("SELECT_' + index + '","' + strAppName + '",' + index +');\'>' + strAppName + HTML_ID_LINK_TRAILER + HTML_CELL_TRAILER; } for (i = 0; i < 3; i++) { var AccessType, j; switch (i) { case 0: // VBA_macro: strRule += HTML_CELL_HEADER + GenerateVBAAccessResult(ruleTriple[i], 1, '"OnVBAAccessResultChange(' + index + ',1,parseInt(this.value),' + prio +')"'); strRule += "<BR/>" + GenerateVBAAuditLevel(ruleTriple[i], 1, '"OnVBAAuditLevelChange(' + index + ',1,parseInt(this.value),' + prio +')"') + HTML_CELL_TRAILER; strRule += HTML_CELL_HEADER + GenerateVBAAccessResult(ruleTriple[i], 0, '"OnVBAAccessResultChange(' + index + ',0,parseInt(this.value),' + prio +')"'); strRule += "<BR/>" + GenerateVBAAuditLevel(ruleTriple[i], 0, '"OnVBAAuditLevelChange(' + index + ',0,parseInt(this.value),' + prio +')"') + HTML_CELL_TRAILER; break; case 1: // System privileges for (j = 0; j < 4; j++) { strRule += HTML_CELL_HEADER + GenerateAccessResult(ruleTriple[i], SysprivAccessTypes[j], '"OnAccessResultChange(' + index + ',' + i + ',' + SysprivAccessTypes[j] + ',' + 'parseInt(this.value),' + prio + ')"'); strRule += "<BR/>" + GenerateAuditLevel(ruleTriple[i], SysprivAccessTypes[j], '"OnAuditLevelChange(' + index + ',' + i + ',' + SysprivAccessTypes[j] + ',' + 'parseInt(this.value),' + prio + ')"') + HTML_CELL_TRAILER; } break; case 2: // Device privilege strRule += HTML_CELL_HEADER + GenerateAccessResult(ruleTriple[i], AT_DEVPRIV_DANGEROUSDEVICEACCESS, '"OnAccessResultChange(' + index + ',' + i + ',' + AT_DEVPRIV_DANGEROUSDEVICEACCESS + ',' + 'parseInt(this.value),' + prio + ')"'); strRule += "<BR/>" + GenerateAuditLevel(ruleTriple[i], AT_DEVPRIV_DANGEROUSDEVICEACCESS, '"OnAuditLevelChange(' + index + ',' + i + ',' + AT_DEVPRIV_DANGEROUSDEVICEACCESS + ',' + 'parseInt(this.value),' + prio + ')"') + HTML_CELL_TRAILER; break; } } strRule += HTML_CELL_HEADER + HTML_ID_EDIT_HEADER + ' value="' + GetAssignment(ruleTriple) + '"' + ' onchange="OnAsgnmtChange(' + index + ',this.value);" ' + HTML_ID_EDIT_TRAILER + HTML_CELL_TRAILER; strRule += HTML_CELL_HEADER + '<A href="#" onclick="OnDelete(' + prio + ',' + index + ')">' + HTML_ICO_MINUS + HTML_CELL_TRAILER; "Delete</A>" strRule += HTML_ROW_TRAILER; return strRule; } function RuleTripleExists(rule) { var appRule = rule.Application; var rulePrio = rule.Priority; var ruleOT = rule.ObjectType; var asgnmtRule = rule.Assignment; var indIntoTriple; switch (ruleOT) { case OT_VBAMACRO: indIntoTriple = 0; break; case OT_SYSTEMPRIV: indIntoTriple = 1; break; case OT_DEVICEPRIV: indIntoTriple = 2; break; } for (i = 0; i < arrRuleTriples.length; i++) { if ( GetPriority(arrRuleTriples[i]) == rulePrio && GetApplication(arrRuleTriples[i]) == appRule && GetAssignment(arrRuleTriples[i]) == asgnmtRule && arrRuleTriples[i][indIntoTriple] == rule) return 1; } return 0; } function GetVBARule(rule, arrAllRules) { var strApplication = rule.Application; var ruleFound = null; var i; for (i = 0; i < arrAllRules.length; i++) { var ruleCur = arrAllRules[i]; if (ruleCur.ObjectType == OT_VBAMACRO && ruleCur.Application == strApplication) { ruleFound = ruleCur; break; } } return ruleFound; } function GetSysPrioRule(rule, arrAllRules) { var strApplication = rule.Application; var ruleFound = null; var i; for (i = 0; i < arrAllRules.length; i++) { var ruleCur = arrAllRules[i]; if (ruleCur.ObjectType == OT_SYSTEMPRIV && ruleCur.Application == strApplication) { ruleFound = ruleCur; break; } } return ruleFound; } function GetDevPrioRule(rule, arrAllRules) { var strApplication = rule.Application; var ruleFound = null; var i; for (i = 0; i < arrAllRules.length; i++) { var ruleCur = arrAllRules[i]; if (ruleCur.ObjectType == OT_DEVICEPRIV && ruleCur.Application == strApplication) { ruleFound = ruleCur; break; } } return ruleFound; } function OnAdd(priority) { var ruleList; switch (priority) { case PRIOR_HIGH: case PRIOR_LOW: ruleList = ServerRuleList; break; case PRIOR_NORMAL: ruleList = ClientRuleList; } var newRule = ruleList.CreateRule(); switch (priority) { case PRIOR_HIGH: case PRIOR_LOW: SetRuleID(newRule, 0, ++iMaxServerId, 1); break; case PRIOR_NORMAL: SetRuleID(newRule, 0, ++iMaxClientId, 0); } newRule.Application = ''; newRule.Priority = priority; newRule.ObjectType = OT_VBAMACRO; newRule.Path = "*"; newRule.PathType = RT_DEFINITION; ruleList.Insert(newRule, newRule); _ruleList.innerHTML = GetRuleList(); } function OnDelete(priority, index) { var arg = new Array(2); var i; arg[0] = TXT_QST_REALLYDELETE1 + '"' + GetApplication(arrRuleTriples[index]) + '"' + TXT_QST_REALLYDELETE2; arg[1] = TXT_DELETING; var answer=showModalDialog('question.html', arg, 'dialogWidth=300pt;dialogHeight=100pt;'); if (answer == 0) return; var Parser; switch (priority) { case PRIOR_HIGH: case PRIOR_LOW: ruleList = ServerRuleList; break; case PRIOR_NORMAL: ruleList = ClientRuleList; break; } try { ruleTriple = arrRuleTriples[index]; for (i = 0; i < 3; i++) if (ruleTriple[i] != null) ruleList.Remove(ruleTriple[i]); } catch (e) { alert("Access violation"); } _ruleList.innerHTML = GetRuleList(); } function OnAppChange(id, index, value) { var i; try { ruleTriple = arrRuleTriples[index]; for (i = 0; i < 3; i++) { if (ruleTriple[i] != null) { arrRuleTriples[index][i].Application = value; arrRuleTriples[index][i].AppType = arrLabelTypes[id.selectedIndex]; } } } catch (e) { alert("Access violation"); } } function OnIDChange(index, value, priority) { try { SetRuleTripleID(arrRuleTriples[index], parseInt(value), (priority==PRIOR_HIGH || priority==PRIOR_LOW) ? 1 : 0); } catch (e) { alert("ID already exists"); } } function OnAccessResultChange(index, subindex, accessType, value, prio) { try { var rule = arrRuleTriples[index][subindex]; var adList; if (rule == null) { rule = CreateRule(index, subindex, prio); } adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null; while (!adEnum.atEnd()) { var acCur = adEnum.item(); if (acCur.AccessType == accessType) { accessDescriptor = acCur; break; } adEnum.moveNext(); } if (accessDescriptor == null) { accessDescriptor = adList.CreateAccessDescriptor(); accessDescriptor.AccessType = accessType; accessDescriptor.AuditLevel = AL_IGNORE; adList.Insert(accessDescriptor); } accessDescriptor.AccessResult = value; } catch (e) { alert("Access violation"); } } function OnVBAAccessResultChange(index, macroNotAuto, value, prio) { try { var rule = arrRuleTriples[index][0]; if (rule == null) { rule = CreateRule(index, subindex, prio); } var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null, accessDescriptor2 = null; while (!adEnum.atEnd()) // find VBA access descriptors { var acCur = adEnum.item(); var atCur = acCur.AccessType; if (macroNotAuto && ( atCur == AT_VBA_MACRO_RUN_IN_ORIG || atCur == AT_VBA_MACRO_RUN_IN_SPECIAL) || !macroNotAuto && ( atCur == AT_VBA_AUTO_RUN_IN_ORIG || atCur == AT_VBA_AUTO_RUN_IN_SPECIAL) ) { accessDescriptor = acCur; switch(value) { case 0: acCur.AccessResult = AR_ALLOW; break; case 2: acCur.AccessResult = AR_PREVENT; break; case 1: if ( atCur == AT_VBA_MACRO_RUN_IN_ORIG || atCur == AT_VBA_AUTO_RUN_IN_ORIG ) acCur.AccessResult = AR_PREVENT; else acCur.AccessResult = AR_ALLOW; break; } } adEnum.moveNext(); } if (accessDescriptor == null) // access descriptors for this access type do not exist yet { accessDescriptor = adList.CreateAccessDescriptor(); accessDescriptor2 = adList.CreateAccessDescriptor(); accessDescriptor.AuditLevel = AL_IGNORE; accessDescriptor2.AuditLevel = AL_IGNORE; if (macroNotAuto) { accessDescriptor.AccessType = AT_VBA_MACRO_RUN_IN_ORIG; accessDescriptor2.AccessType = AT_VBA_MACRO_RUN_IN_SPECIAL; } else { accessDescriptor.AccessType = AT_VBA_AUTO_RUN_IN_ORIG; accessDescriptor2.AccessType = AT_VBA_AUTO_RUN_IN_SPECIAL; } switch(value) { case 0: accessDescriptor.AccessResult = AR_ALLOW; accessDescriptor2.AccessResult = AR_ALLOW; break; case 1: accessDescriptor.AccessResult = AR_PREVENT; accessDescriptor2.AccessResult = AR_ALLOW; break; case 2: accessDescriptor.AccessResult = AR_PREVENT; accessDescriptor2.AccessResult = AR_PREVENT; break; } adList.Insert(accessDescriptor); adList.Insert(accessDescriptor2); } } catch (e) { alert("Access violation"); } } function OnAuditLevelChange(index, subindex, accessType, value, prio) { try { var rule = arrRuleTriples[index][subindex]; if (rule == null) { rule = CreateRule(index, subindex, prio); } var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null; while (!adEnum.atEnd()) { var acCur = adEnum.item(); if (acCur.AccessType == accessType) { accessDescriptor = acCur; break; } adEnum.moveNext(); } if (accessDescriptor == null) { accessDescriptor = adList.CreateAccessDescriptor(); accessDescriptor.AccessType = accessType; accessDescriptor.AccessResult = AR_ALLOW; adList.Insert(accessDescriptor); } accessDescriptor.AuditLevel = value; } catch (e) { alert("Access violation"); } } function OnVBAAuditLevelChange(index, macroNotAuto, value, prio) { try { var rule = arrRuleTriples[index][0]; if (rule == null) { rule = CreateRule(index, subindex, prio); } var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null, accessDescriptor2 = null; while (!adEnum.atEnd()) // find VBA access descriptors { var acCur = adEnum.item(); var atCur = acCur.AccessType; if (macroNotAuto && ( atCur == AT_VBA_MACRO_RUN_IN_ORIG || atCur == AT_VBA_MACRO_RUN_IN_SPECIAL) || !macroNotAuto && ( atCur == AT_VBA_AUTO_RUN_IN_ORIG || atCur == AT_VBA_AUTO_RUN_IN_SPECIAL) ) { accessDescriptor = acCur; acCur.AuditLevel = value; } adEnum.moveNext(); } if (accessDescriptor == null) // access descriptors for this access type do not exist yet { accessDescriptor = adList.CreateAccessDescriptor(); accessDescriptor2 = adList.CreateAccessDescriptor(); accessDescriptor.AccessResult = AR_ALLOW; accessDescriptor2.AccessResult = AR_ALLOW; accessDescriptor.AuditLevel = value; accessDescriptor2.AuditLevel = value; if (macroNotAuto) { accessDescriptor.AccessType = AT_VBA_MACRO_RUN_IN_ORIG; adList.Insert(accessDescriptor); accessDescriptor2.AccessType = AT_VBA_MACRO_RUN_IN_SPECIAL; adList.Insert(accessDescriptor2); } else { accessDescriptor.AccessType = atCur == AT_VBA_AUTO_RUN_IN_ORIG; adList.Insert(accessDescriptor); accessDescriptor2.AccessType = AT_VBA_AUTO_RUN_IN_SPECIAL; adList.Insert(accessDescriptor2); } } } catch (e) { alert("Access violation"); } } function OnAsgnmtChange(index, newVal) { try { var ruleTriple = arrRuleTriples[index]; var i; for (i = 0; i < 3; i++) if (ruleTriple[i] != null) ruleTriple[i].Assignment = newVal; _ruleList.innerHTML = GetRuleList(); } catch (e) { alert("Access violation"); } } function GenerateAccessResult(rule, accessType, strOnChange) { var strARList = HTML_SELECT_HEADER + ' onchange=' + strOnChange + '>'; var i, iCurAR; // access result set for this rule and access type if (rule != null) { var enumARDesc = new Enumerator(rule.AccessDescriptorList); // find access descriptor for this access type var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null; while (!adEnum.atEnd()) { var acCur = adEnum.item(); if (acCur.AccessType == accessType) { accessDescriptor = acCur; break; } adEnum.moveNext(); } if (accessDescriptor == null) iCurAR = AR_ALLOW; else iCurAR = accessDescriptor.AccessResult; } else iCurAR = AR_ALLOW; for (i = AR_PREVENT; i <= AR_ASKUSER; i++) { strARList += '<OPTION value="' + i + '"'; if (i == iCurAR) { strARList += ' selected '; } strARList += '>' + arrAccessResultStrings[i] + '</OPTION>'; } strARList += HTML_SELECT_TRAILER; return strARList; } function GenerateVBAAccessResult(rule, macroOrAuto, strOnChange) { var strARList = HTML_SELECT_HEADER + ' onchange=' + strOnChange + '>'; var i, iCurOption; if (rule != null) { var enumARDesc = new Enumerator(rule.AccessDescriptorList); // find access descriptor for this access type var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null; iCurOption = 2; while (!adEnum.atEnd()) { var acCur = adEnum.item(); var atCur = acCur.AccessType; if ( macroOrAuto && (atCur == AT_VBA_MACRO_RUN_IN_ORIG || atCur == AT_VBA_MACRO_RUN_IN_SPECIAL) || !macroOrAuto && (atCur == AT_VBA_AUTO_RUN_IN_ORIG || atCur == AT_VBA_AUTO_RUN_IN_SPECIAL) ) { accessDescriptor = acCur; if ( atCur == AT_VBA_MACRO_RUN_IN_ORIG || atCur == AT_VBA_AUTO_RUN_IN_ORIG ) { if (acCur.AccessResult == AR_ALLOW) { iCurOption = 0; break; } } if ( atCur == AT_VBA_MACRO_RUN_IN_SPECIAL || atCur == AT_VBA_AUTO_RUN_IN_SPECIAL ) { if (acCur.AccessResult == AR_ALLOW) { iCurOption = 1; break; } } } adEnum.moveNext(); } if (accessDescriptor == null) iCurOption = 0; } else iCurOption = 0; for (i = 0; i <= 2; i++) { strARList += '<OPTION value="' + i + '"'; if (i == iCurOption) { strARList += ' selected '; } strARList += '>' + arrVBAOptions[i] + '</OPTION>'; } strARList += HTML_SELECT_TRAILER; return strARList; } function GenerateAuditLevel(rule, accessType, strOnChange) { var strALList = HTML_SELECT_HEADER + ' onchange=' + strOnChange + '>'; var i, iCurAL; // access result set for this rule and access type if (rule != null) { var enumARDesc = new Enumerator(rule.AccessDescriptorList); // find access descriptor for this access type var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null; while (!adEnum.atEnd()) { var acCur = adEnum.item(); if (acCur.AccessType == accessType) { accessDescriptor = acCur; break; } adEnum.moveNext(); } if (accessDescriptor == null) iCurAL = AL_IGNORE; else iCurAL = accessDescriptor.AuditLevel; } else iCurAL = AL_IGNORE; for (i = AL_IGNORE; i <= AL_ALERT; i++) { strALList += '<OPTION value="' + i + '"'; if (i == iCurAL) { strALList += ' selected '; } strALList += '>' + arrAuditLevelStrings[i] + '</OPTION>'; } strALList += HTML_SELECT_TRAILER; return strALList; } function GenerateVBAAuditLevel(rule, macroOrAuto, strOnChange) { var strALList = HTML_SELECT_HEADER + ' onchange=' + strOnChange + '>'; var i, iCurAL; // access result set for this rule and access type if (rule != null) { var enumARDesc = new Enumerator(rule.AccessDescriptorList); // find access descriptor for this access type var adList = rule.AccessDescriptorList; var adEnum = new Enumerator(adList); adEnum.moveFirst(); var accessDescriptor = null; while (!adEnum.atEnd()) { var acCur = adEnum.item(); var atCur = acCur.AccessType; if (macroOrAuto && (acCur.AccessType == AT_VBA_MACRO_RUN_IN_ORIG || acCur.AccessType == AT_VBA_MACRO_RUN_IN_SPECIAL) || !macroOrAuto && (acCur.AccessType == AT_VBA_AUTO_RUN_IN_ORIG || acCur.AccessType == AT_VBA_AUTO_RUN_IN_SPECIAL) ) { accessDescriptor = acCur; break; } adEnum.moveNext(); } if (accessDescriptor == null) iCurAL = AL_IGNORE; else iCurAL = accessDescriptor.AuditLevel; } else iCurAL = AL_IGNORE; for (i = AL_IGNORE; i <= AL_MONITOR; i++) { strALList += '<OPTION value="' + i + '"'; if (i == iCurAL) { strALList += ' selected '; } strALList += '>' + arrAuditLevelStrings[i] + '</OPTION>'; } strALList += HTML_SELECT_TRAILER; return strALList; } function ChangeApplication(ruleTriple, appNew) { var i; for (i = 0; i < 3; i++) { if (ruleTriple[i] != null) ruleTriple[i].Application = appNew; } } function SetRuleID(rule, type, value, bIsServer) { var ruleId = value | bIsServer<<16 | arrGuardIds[type]<<24; rule.RuleID = ruleId; } function SetRuleIDFromTriple(subindex, ruleTriple, bIsServer) { var i, id = 0; for (i = 0; i < 3; i++) if (subindex != i && ruleTriple[i] != null) { id = ruleTriple[i].RuleID & 0x0000ffff; break; } var ruleId = id | bIsServer<<16 | arrGuardIds[subindex]<<24; ruleTriple[subindex].RuleID = ruleId; } function SetRuleTripleID(ruleTriple, id, bIsServer) { var i; for (i = 0; i < 3; i++) { var ruleId = arrGuardIds[i]<<24 | bIsServer<<16 | id; if (ruleTriple[i] != null) ruleTriple[i].RuleID = ruleId; } } function CreateRule(index, subindex, priority) { var ruleList, ruleTriple = arrRuleTriples[index]; var strApp = ""; var i; switch(priority) { case PRIOR_LOW: case PRIOR_HIGH: ruleList = ServerRuleList; break; case PRIOR_NORMAL: ruleList = ClientRuleList; break; } for (i = 0; i < 3; i++) if (ruleTriple[i] != null) strApp = ruleTriple[i].Application; var ruleNew = ruleList.CreateRule(); ruleNew.Application = strApp; switch (subindex) { case 0: ruleNew.ObjectType = OT_VBAMACRO; break; case 1: ruleNew.ObjectType = OT_SYSTEMPRIV; break; case 2: ruleNew.ObjectType = OT_DEVICEPRIV; break; } ruleNew.Priority = priority; ruleNew.Path = "*"; ruleNew.PathType = RT_DEFINITION; ruleList.Insert(ruleNew, ruleNew); ruleTriple[subindex] = ruleNew; SetRuleIDFromTriple(subindex, ruleTriple, (priority == PRIOR_HIGH || priority == PRIOR_LOW) ? 1 : 0); return ruleNew; } function AddToAssignment() { ctrlAsgnmt.AddFromSBXList(OT_VBAMACRO, ClientParser, ServerParser, ClientAppParser, ServerAppParser ); _ruleList.innerHTML = GetRuleList(); }