Split into domain vs local CAs

wixtoolset · Aug 3, 2024 · 15772ee · 15772ee
1 parent 8f9d9e7
commit 15772ee
Show file tree

Hide file tree

Showing 5 changed files with 66 additions and 12 deletions.
diff --git a/src/ext/Util/ca/scagroup.cpp b/src/ext/Util/ca/scagroup.cpp
@@ -553,7 +553,14 @@ HRESULT ScaGroupExecute(
             //
             // Schedule the creation now.
             //
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"CreateGroup"), pwzActionData, COST_GROUP_ADD);
+            if (psg->wzDomain && *psg->wzDomain)
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"CreateDomainGroup"), pwzActionData, COST_GROUP_ADD);
+            }
+            else
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"CreateGroup"), pwzActionData, COST_GROUP_ADD);
+            }
             ExitOnFailure(hr, "failed to schedule CreateGroup");
         }
         else if (((GROUP_EXISTS_YES == geGroupExists)
@@ -569,7 +576,14 @@ HRESULT ScaGroupExecute(
             //
             // Note: We can't rollback the removal of a group which is why RemoveGroup is a commit
             // CustomAction.
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveGroup"), pwzActionData, COST_GROUP_DELETE);
+            if (psg->wzDomain && *psg->wzDomain)
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveDomainGroup"), pwzActionData, COST_GROUP_DELETE);
+            }
+            else
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveGroup"), pwzActionData, COST_GROUP_DELETE);
+            }
             ExitOnFailure(hr, "failed to schedule RemoveGroup");
         }
 
@@ -641,7 +655,15 @@ HRESULT ScaGroupMembershipRemoveParentsExecute(
             ExitOnFailure(hr, "Failed to add child group domain to custom action data: %ls", psg->wzDomain);
             hr = WcaWriteIntegerToCaData(psg->iAttributes, &pwzActionData);
             ExitOnFailure(hr, "Failed to add group attributes to custom action data: %i", psg->iAttributes);
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_DELETE);
+
+            if (psgp->wzDomain && *psgp->wzDomain)
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveDomainGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_DELETE);
+            }
+            else
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_DELETE);
+            }
 
         LExit:
             ReleaseNullStr(pwzActionData);
@@ -680,7 +702,14 @@ HRESULT ScaGroupMembershipRemoveChildrenExecute(
             ExitOnFailure(hr, "Failed to add child group domain to custom action data: %ls", psgc->wzDomain);
             hr = WcaWriteIntegerToCaData(psg->iAttributes, &pwzActionData);
             ExitOnFailure(hr, "Failed to add group attributes to custom action data: %i", psg->iAttributes);
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_DELETE);
+            if (psg->wzDomain && *psg->wzDomain)
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveDomainGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_DELETE);
+            }
+            else
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"RemoveGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_DELETE);
+            }
 
         LExit:
             ReleaseNullStr(pwzActionData);
@@ -748,7 +777,14 @@ HRESULT ScaGroupMembershipAddParentsExecute(
             ExitOnFailure(hr, "Failed to add child group domain to custom action data: %ls", psg->wzDomain);
             hr = WcaWriteIntegerToCaData(psg->iAttributes, &pwzActionData);
             ExitOnFailure(hr, "Failed to add group attributes to custom action data: %i", psg->iAttributes);
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"AddGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_ADD);
+            if (psgp->wzDomain&&* psgp->wzDomain)
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"AddDomainGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_ADD);
+            }
+            else
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"AddGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_ADD);
+            }
 
         LExit:
             ReleaseNullStr(pwzActionData);
@@ -790,7 +826,14 @@ HRESULT ScaGroupMembershipAddChildrenExecute(
             ExitOnFailure(hr, "Failed to add parent group domain to custom action data: %ls", psgc->wzDomain);
             hr = WcaWriteIntegerToCaData(psg->iAttributes, &pwzActionData);
             ExitOnFailure(hr, "Failed to add group attributes to custom action data: %i", psg->iAttributes);
-            hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"AddGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_ADD);
+            if (psg->wzDomain && *psg->wzDomain)
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"AddDomainGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_ADD);
+            }
+            else
+            {
+                hr = WcaDoDeferredAction(CUSTOM_ACTION_DECORATION6(L"AddGroupMembership"), pwzActionData, COST_GROUPMEMBERSHIP_ADD);
+            }
 
         LExit:
             ReleaseNullStr(pwzActionData);

diff --git a/src/ext/Util/test/WixToolsetTest.Util/UtilExtensionFixture.cs b/src/ext/Util/test/WixToolsetTest.Util/UtilExtensionFixture.cs
@@ -405,8 +405,11 @@ public void CanCreateUserGroupWithComment()
             {
                 "Binary:Wix4UtilCA_X64\t[Binary data]",
                 "CustomAction:Wix6ConfigureGroups_X64\t1\tWix4UtilCA_X64\tConfigureGroups\t",
+                "CustomAction:Wix6CreateDomainGroup_X64\t1025\tWix4UtilCA_X64\tCreateGroup\t",
+                "CustomAction:Wix6CreateDomainGroupRollback_X64\t1281\tWix4UtilCA_X64\tCreateGroupRollback\t",
                 "CustomAction:Wix6CreateGroup_X64\t3073\tWix4UtilCA_X64\tCreateGroup\t",
                 "CustomAction:Wix6CreateGroupRollback_X64\t3329\tWix4UtilCA_X64\tCreateGroupRollback\t",
+                "CustomAction:Wix6RemoveDomainGroup_X64\t1601\tWix4UtilCA_X64\tRemoveGroup\t",
                 "CustomAction:Wix6RemoveGroup_X64\t3649\tWix4UtilCA_X64\tRemoveGroup\t",
                 "Wix4Group:TEST_GROUP00\tComponent1\ttestName00\t",
                 "Wix4Group:TEST_GROUP01\tComponent1\ttestName01\t",

diff --git a/src/ext/Util/wixlib/UtilExtension.wxs b/src/ext/Util/wixlib/UtilExtension.wxs
@@ -22,7 +22,7 @@
     </Fragment>
 
     <Fragment>
-        <UI Id="ConfigureGroupGroupsErrorText">
+        <UI Id="ConfigureGroupMembershipErrorText">
             <Error Id="$(var.msierrGRPFailedGroupGroupAdd)" Message="!(loc.msierrGRPFailedGroupGroupAdd)" />
         </UI>
     </Fragment>

diff --git a/src/ext/Util/wixlib/UtilExtension_Platform.wxi b/src/ext/Util/wixlib/UtilExtension_Platform.wxi
@@ -1,4 +1,4 @@
-<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. -->
+<!-- Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information. -->
 
 
 <Include xmlns="http://wixtoolset.org/schemas/v4/wxs">
@@ -139,17 +139,26 @@
         <CustomAction Id="$(var.Prefix6)CreateGroupRollback$(var.Suffix)" DllEntry="CreateGroupRollback" Impersonate="no" Execute="rollback" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
         <!-- RemoveGroup is a type commit action because it is not possible to rollback the removal of a group -->
         <CustomAction Id="$(var.Prefix6)RemoveGroup$(var.Suffix)" DllEntry="RemoveGroup" Impersonate="no" Execute="commit" Return="ignore" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
+
+        <CustomAction Id="$(var.Prefix6)CreateDomainGroup$(var.Suffix)" DllEntry="CreateGroup" Impersonate="yes" Execute="deferred" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix6)CreateDomainGroupRollback$(var.Suffix)" DllEntry="CreateGroupRollback" Impersonate="yes" Execute="rollback" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
+        <!-- RemoveGroup is a type commit action because it is not possible to rollback the removal of a group -->
+        <CustomAction Id="$(var.Prefix6)RemoveDomainGroup$(var.Suffix)" DllEntry="RemoveGroup" Impersonate="yes" Execute="commit" Return="ignore" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
         <InstallExecuteSequence>
             <Custom Action="virtual $(var.Prefix6)ConfigureGroups$(var.Suffix)" Before="InstallFiles" Condition="VersionNT &gt; 400" />
         </InstallExecuteSequence>
     </Fragment>
 
     <Fragment>
-        <UIRef Id="ConfigureGroupGroupsErrorText" />
+        <UIRef Id="ConfigureGroupMembershipErrorText" />
         <CustomAction Id="$(var.Prefix6)AddGroupMembership$(var.Suffix)" DllEntry="AddGroupMembership" Impersonate="no" Execute="deferred" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
         <CustomAction Id="$(var.Prefix6)AddGroupMembershipRollback$(var.Suffix)" DllEntry="AddGroupMembershipRollback" Impersonate="no" Execute="rollback" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
         <CustomAction Id="$(var.Prefix6)RemoveGroupMembership$(var.Suffix)" DllEntry="RemoveGroupMembership" Impersonate="no" Execute="deferred" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
         <CustomAction Id="$(var.Prefix6)RemoveGroupMembershipRollback$(var.Suffix)" DllEntry="RemoveGroupMembershipRollback" Impersonate="no" Execute="rollback" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix6)AddDomainGroupMembership$(var.Suffix)" DllEntry="AddGroupMembership" Impersonate="yes" Execute="deferred" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix6)AddDomainGroupMembershipRollback$(var.Suffix)" DllEntry="AddGroupMembershipRollback" Impersonate="yes" Execute="rollback" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix6)RemoveDomainGroupMembership$(var.Suffix)" DllEntry="RemoveGroupMembership" Impersonate="yes" Execute="deferred" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
+        <CustomAction Id="$(var.Prefix6)RemoveDomainGroupMembershipRollback$(var.Suffix)" DllEntry="RemoveGroupMembershipRollback" Impersonate="yes" Execute="rollback" Return="check" SuppressModularization="yes" BinaryRef="$(var.Prefix)UtilCA$(var.Suffix)" />
     </Fragment>
 
     <Fragment>

diff --git a/src/test/msi/TestData/UtilExtensionGroupTests/ProductNestedGroups/product.wxs b/src/test/msi/TestData/UtilExtensionGroupTests/ProductNestedGroups/product.wxs
@@ -7,12 +7,11 @@
             <ComponentRef Id="Component1" />
         </ComponentGroup>
 
-        <Property Id="TEMPDOMAIN" Secure="yes" />
-        <Property Id="TEMPGROUPNAME" Secure="yes" />
+        <Property Id="TEMPDOMAIN" Secure="yes" Value="TESTDOMAIN" />
     </Fragment>
 
     <Fragment>
-        <util:Group Id="AUTH_USERS" Name="Authenticated Users" >
+        <util:Group Id="AUTH_USERS" Name="Authenticated Users" Domain="[TEMPDOMAIN]" >
             <util:GroupRef Id="TEST_GROUP1" />
             <util:GroupRef Id="TEST_GROUP2" />
         </util:Group>