[DllImport("mqrt.dll", SetLastError=false, CharSet=CharSet.Auto)]
public static extern uint MQSetQueueSecurity(
[MarshalAs(UnmanagedType.LPWStr)]
string lpwcsFormatName
, int SecurityInformation
, IntPtr pSecurityDescriptor
);
Declare Function MQSetQueueSecurity Lib "mqrt.dll" (TODO) As TODO
SECURITY_INFORMATION
MQGetQueueSecurity and MQSetQueueSecurity don't have a managed equivalent in the System.Messaging namespace. If you need to read or change the ACL on a queue to, for example, change the queue owner, you need to use P/Invoke to mqrt.dll.
Please add some!
I can share more of the code if people are interested, but there are lots of API calls leading up to the call to MQSetQueueSecurity, so I'll just show the interesting parts here:
class mqrt {
public const int OWNER_SECURITY_INFORMATION = 0x1;
public const int MQ_OK = 0x0;
public const uint MQ_ERROR_SECURITY_DESCRIPTOR_TOO_SMALL = 0xC00E0023;
//MQGetQueueSecurity
//The MQGetQueueSecurity function retrieves the access control
//security descriptor for the queue that you specify
[DllImport("mqrt.dll", SetLastError=true)]
public static extern uint MQGetQueueSecurity (
[MarshalAs(UnmanagedType.LPWStr)]
string lpwcsFormatName
, int SecurityInformation
, IntPtr pSecurityDescriptor
, int nLength
, out int lpnLengthNeeded
);
//MQSetQueueSecurity
//The MQSetQueueSecurity function sets the access control
//security descriptor for the queue that you specify.
[DllImport("mqrt.dll", SetLastError=true, CharSet=CharSet.Auto)]
public static extern uint MQSetQueueSecurity(
[MarshalAs(UnmanagedType.LPWStr)]
string lpwcsFormatName
, int SecurityInformation
, IntPtr pSecurityDescriptor
);
}
public bool setQueueOwnerName(string formatName, string newOwner) {
uint result; //Return value of Win32 API call
advapi32.SECURITY_DESCRIPTOR sd = new advapi32.SECURITY_DESCRIPTOR();
IntPtr pSD = IntPtr.Zero;
GCHandle hSD = GCHandle.Alloc(sd, GCHandleType.Pinned);
pSD = hSD.AddrOfPinnedObject();
//Call advapi32!InitializeSecurityDescriptor()
//Call advapi32!SetSecurityDescriptorOwner()
result = mqrt.MQSetQueueSecurity(
formatName
, mqrt.OWNER_SECURITY_INFORMATION
, pSD
);
//Free the Pinned Objects
hSD.Free();
return true;
}
You can use System.Messaging.MessageQueue.SetPermissions, which exposes permissions at a much higher level. Unfortunately, there's no matching method GetPermissions