use strict;
use warnings;
use Win32::SDDL;
$| = 1;

my $SD = $ARGV[0];
if(defined($SD)){
    chomp $SD;
}

my $option = $ARGV[1];
if(defined($option)){
    chomp $option;
}

unless(@ARGV == 2 || @ARGV == 3){
    Fail("INCORRECT NUMBER OF ARGUMENTS!");
}

unless($option and $option =~ /^-s$/i){
    Fail("ILLEGAL OPTION!");
}

my $sddl = Win32::SDDL->new('service');
my $return = $sddl->Import($SD) or die("Unable to import security descriptor '$SD'!\n");
if($return == 2){
    Print("EMPTY ACE!\n\n");
    Print("\n********************\n\n");
}

print "\n\n";

#Cycle through the access control entries
foreach my $ace(sort {$a->{Trustee} cmp $b->{Trustee}} @{$sddl->{ACL}}){
    Print("    Type                  => ".$ace->{Type}."\n\n");
    Print("    Trustee               => ".$ace->{Trustee}."\n\n");
    Print("    Access                => ".join("\n                             ",@{$ace->{AccessMask}})."\n\n");
    Print("    Flags                 => ".join("\n                             ",@{$ace->{Flags}})."\n\n");
    Print("    Object Type           => ".$ace->{ObjectType}."\n\n");
    Print("    Inherited Object Type => ".$ace->{InheritedObjectType}."\n");
    Print("\n");
    Print("    ---------------------\n\n");
}

sub Print{
    print @_;
}

sub Fail{
    my $msg = shift;
    print "\n\n";
    print "ERROR:  $msg\n";
    print "=" for (1..length("ERROR:  $msg"));
    print "\n\n";
    print "USAGE: SDTranslate SDDL_String [-s]\n\n\n";
    print "(c)2006 by Tim Johnson <tojo2000\@tojo2000.com>\n\n";
    exit 9;
}