static void Main(string[] args)
{
var item1 = new FileInfo("D:\\file1.txt");
var item2 = new DirectoryInfo("D:\\test3");
var account1 = new List <IdentityReference2>()
{
(IdentityReference2)@"raandree1\randr_000"
};
FileSystemAccessRule2.AddFileSystemAccessRule(item1, account1, FileSystemRights2.FullControl, AccessControlType.Allow, InheritanceFlags.ContainerInherit, PropagationFlags.None);
return;
var path = @"C:\Windows";
var account = @"raandree1\randr_000";
var server = "localhost";
var sd = Directory.GetAccessControl(path, AccessControlSections.Access);
var id = new IdentityReference2(account);
EffectiveAccess.GetEffectiveAccess(new FileInfo(path), id, "localhost");
var result1 = InvokeCommand("gi2 c:\\windows");
var result2 = InvokeCommand(@"gi -Path D:\SingleMachine\ | Get-EffectiveAccess")
.Select(ace => ace.ImmediateBaseObject)
.Cast <FileSystemAccessRule2>().ToList();
foreach (var ace in result2)
{
Console.WriteLine(string.Format("{0};{1}", ace.Account, ace.IsInherited));
}
Console.ReadKey();
}
protected override void ProcessRecord()
{
IEnumerable <FileSystemAccessRule2> acl = null;
FileSystemInfo item = null;
foreach (var path in paths)
{
try
{
item = this.GetFileSystemInfo2(path);
}
catch (Exception ex)
{
this.WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path));
continue;
}
try
{
acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !ExcludeExplicit, !ExcludeInherited, getInheritedFrom);
}
catch (UnauthorizedAccessException)
{
try
{
var ownerInfo = FileSystemOwner.GetOwner(item);
var previousOwner = ownerInfo.Owner;
FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User);
acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !ExcludeExplicit, !ExcludeInherited, getInheritedFrom);
FileSystemOwner.SetOwner(item, previousOwner);
}
catch (Exception ex2)
{
this.WriteError(new ErrorRecord(ex2, "AddAceError", ErrorCategory.WriteError, path));
}
}
catch (Exception ex)
{
this.WriteWarning(string.Format("Could not read item {0}. The error was: {1}", path, ex.Message));
}
finally
{
if (acl != null)
{
var orphanedAces = acl.Where(ace => string.IsNullOrEmpty(ace.Account.AccountName));
orphanedSidCount += orphanedAces.Count();
WriteVerbose(string.Format("Item {0} knows about {1} orphaned SIDs in its ACL", path, orphanedAces.Count()));
orphanedAces.ForEach(ace => WriteObject(ace));
}
}
}
}
protected override void ProcessRecord()
{
if (ParameterSetName.EndsWith("Simple"))
{
FileSystemSecurity2.ConvertToFileSystemFlags(appliesTo, out inheritanceFlags, out propagationFlags);
}
if (ParameterSetName.StartsWith("Path"))
{
foreach (var path in paths)
{
FileSystemInfo item = null;
try
{
item = GetFileSystemInfo2(path);
}
catch (Exception ex)
{
WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path));
}
if (ParameterSetName == "PathSimple")
{
FileSystemSecurity2.ConvertToFileSystemFlags(appliesTo, out inheritanceFlags, out propagationFlags);
}
try
{
FileSystemAccessRule2.RemoveFileSystemAccessRule(item, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags);
}
catch (UnauthorizedAccessException)
{
try
{
var ownerInfo = FileSystemOwner.GetOwner(item);
var previousOwner = ownerInfo.Owner;
FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User);
FileSystemAccessRule2.RemoveFileSystemAccessRule(item, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags);
FileSystemOwner.SetOwner(item, previousOwner);
}
catch (Exception ex2)
{
WriteError(new ErrorRecord(ex2, "RemoveAceError", ErrorCategory.WriteError, path));
}
}
catch (Exception ex)
{
WriteError(new ErrorRecord(ex, "RemoveAceError", ErrorCategory.WriteError, path));
}
if (passThru == true)
{
FileSystemAccessRule2.GetFileSystemAccessRules(item, true, true).ForEach(ace => WriteObject(ace));
}
}
}
else
{
foreach (var sd in securityDescriptors)
{
FileSystemAccessRule2.RemoveFileSystemAccessRule(sd, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags);
if (passThru == true)
{
FileSystemAccessRule2.GetFileSystemAccessRules(sd, true, true).ForEach(ace => WriteObject(ace));
}
}
}
}
protected override void ProcessRecord()
{
if (ParameterSetName == "Path")
{
FileSystemInfo item = null;
foreach (var path in paths)
{
try
{
item = GetFileSystemInfo2(path);
}
catch (Exception ex)
{
WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path));
continue;
}
try
{
FileSystemAccessRule2.RemoveFileSystemAccessRuleAll(item);
if (disableInheritance)
{
FileSystemInheritanceInfo.DisableAccessInheritance(item, true);
}
}
catch (UnauthorizedAccessException)
{
try
{
var ownerInfo = FileSystemOwner.GetOwner(item);
var previousOwner = ownerInfo.Owner;
FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User);
FileSystemAccessRule2.RemoveFileSystemAccessRuleAll(item);
if (disableInheritance)
{
FileSystemInheritanceInfo.DisableAccessInheritance(item, true);
}
FileSystemOwner.SetOwner(item, previousOwner);
}
catch (Exception ex2)
{
WriteError(new ErrorRecord(ex2, "ClearAclError", ErrorCategory.WriteError, path));
}
}
catch (Exception ex)
{
WriteError(new ErrorRecord(ex, "ClearAclError", ErrorCategory.WriteError, path));
}
}
}
else
{
foreach (var sd in securityDescriptors)
{
FileSystemAccessRule2.RemoveFileSystemAccessRuleAll(sd);
if (disableInheritance)
{
FileSystemInheritanceInfo.DisableAccessInheritance(sd, true);
}
}
}
}
protected override void ProcessRecord()
{
IEnumerable <FileSystemAccessRule2> acl = null;
FileSystemInfo item = null;
if (ParameterSetName == "Path")
{
foreach (var path in paths)
{
try
{
item = GetFileSystemInfo2(path);
}
catch (Exception ex)
{
WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path));
continue;
}
try
{
acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !excludeExplicit, !excludeInherited, getInheritedFrom);
}
catch (UnauthorizedAccessException)
{
try
{
var ownerInfo = FileSystemOwner.GetOwner(item);
var previousOwner = ownerInfo.Owner;
FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User);
acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !excludeExplicit, !excludeInherited, getInheritedFrom);
FileSystemOwner.SetOwner(item, previousOwner);
}
catch (Exception ex2)
{
WriteError(new ErrorRecord(ex2, "ReadSecurityError", ErrorCategory.WriteError, path));
continue;
}
}
catch (Exception ex)
{
WriteError(new ErrorRecord(ex, "ReadSecurityError", ErrorCategory.OpenError, path));
continue;
}
finally
{
if (acl != null)
{
if (account != null)
{
acl = acl.Where(ace => ace.Account == account);
}
acl.ForEach(ace => WriteObject(ace));
}
}
}
}
else
{
foreach (var sd in securityDescriptors)
{
acl = FileSystemAccessRule2.GetFileSystemAccessRules(sd, !excludeExplicit, !excludeInherited, getInheritedFrom);
if (account != null)
{
acl = acl.Where(ace => ace.Account == account);
}
acl.ForEach(ace => WriteObject(ace));
}
}
}
protected override void ProcessRecord()
{
//as this cmdlet retreives also the current working folder to show the permissions.
if (includeRootFolder & isFirstFolder)
{
string rootPath = System.IO.Path.GetDirectoryName(paths[0]);
if (!string.IsNullOrEmpty(rootPath))
{
List <string> l = new List <string>();
l.Add(rootPath);
l.AddRange(paths);
paths = l;
}
}
foreach (var p in paths)
{
try
{
item = GetFileSystemInfo2(p) as DirectoryInfo;
if (item != null)
{
WriteVerbose(string.Format("New folder: {0}", item.FullName));
directoryList.Add(item);
var acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !ExcludeExplicit, !ExcludeInherited).Select(ace => ace.ToSimpleFileSystemAccessRule2());
try
{
previousItem = item.GetParent();
}
catch { }
IEnumerable <SimpleFileSystemAccessRule> previousAcl = null;
if (isFirstFolder)
{
previousAcls.Add(item.FullName, acl);
aceList.AddRange(acl);
acl.ForEach(ace => WriteObject(ace));
isFirstFolder = false;
}
else
{
if (previousAcls.ContainsKey(previousItem.FullName))
{
previousAcl = previousAcls[previousItem.FullName];
previousAcls.Add(item.FullName, acl);
List <SimpleFileSystemAccessRule> diffAcl = new List <SimpleFileSystemAccessRule>();
foreach (var ace in acl)
{
var equalsUser = previousAcl.Where(prevAce => prevAce.Identity == ace.Identity);
var equalsUserAndAccessType = previousAcl.Where(prevAce => prevAce.Identity == ace.Identity & prevAce.AccessControlType == ace.AccessControlType);
var equalsRights = previousAcl.Where(prevAce => (prevAce.AccessRights & ace.AccessRights) == ace.AccessRights);
var totalEqual = previousAcl.Where(prevAce => prevAce.Identity == ace.Identity & prevAce.AccessControlType == ace.AccessControlType & (prevAce.AccessRights & ace.AccessRights) == ace.AccessRights);
if (previousAcl.Where(prevAce =>
prevAce.AccessControlType == ace.AccessControlType &
(prevAce.AccessRights & ace.AccessRights) == ace.AccessRights &
prevAce.Identity == ace.Identity).Count() == 0)
{
diffAcl.Add(ace);
}
}
aceList.AddRange(diffAcl);
diffAcl.ForEach(ace => WriteObject(ace));
}
}
}
}
catch (Exception ex)
{
WriteError(new ErrorRecord(ex, "ReadError", ErrorCategory.OpenError, p));
}
}
}
