Exemple #1
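        /// <summary>
        /// Reads the access rules (DACL) of a file and returns them as a JObject with one
        /// property per access rule, keyed by the trustee's SID string.
        /// </summary>
        /// <param name="filePathString">Path of the file whose access rules are read.</param>
        /// <returns>
        /// A JObject whose properties each hold "Display Name", "Allow or Deny?", "Inherited?"
        /// and "Rights" for one access rule. The object is empty when the path is rejected
        /// with an <see cref="System.ArgumentException"/>.
        /// </returns>
        /// <remarks>
        /// Only <see cref="System.ArgumentException"/> is handled here. Any other exception raised by
        /// File.GetAccessControl (for example an access-denied error) propagates to the caller,
        /// so an unreadable file is not silently reported as "no rules".
        /// </remarks>
        public static JObject GetFileDaclJObject(string filePathString)
        {
            JObject fileDaclsJObject = new JObject();
            FileSecurity filePathSecObj;

            try
            {
                filePathSecObj = File.GetAccessControl(filePathString);
            }
            catch (System.ArgumentException)
            {
                // Concatenate the path directly: calling ToString() on a null path would throw
                // a NullReferenceException from inside this handler.
                Console.WriteLine("Tried to check file permissions on invalid path: " + filePathString);
                return fileDaclsJObject;
            }

            // Explicit and inherited rules, with trustees expressed as SIDs.
            AuthorizationRuleCollection fileAccessRules =
                filePathSecObj.GetAccessRules(true, true, typeof(SecurityIdentifier));

            foreach (FileSystemAccessRule fileAccessRule in fileAccessRules)
            {
                string isInheritedString = fileAccessRule.IsInherited ? "True" : "False";
                string accessControlTypeString =
                    fileAccessRule.AccessControlType == AccessControlType.Deny ? "Deny" : "Allow";

                // SID of the trustee, and whatever display name the LDAP helper returns for it.
                string identityReferenceString = fileAccessRule.IdentityReference.ToString();
                string displayNameString       = LDAPstuff.GetUserFromSid(identityReferenceString);

                // The rights enum renders as "A, B, C"; strip the spaces and split into names.
                string[] fileSystemRightsArray =
                    fileAccessRule.FileSystemRights.ToString().Replace(" ", "").Split(',');
                JArray fileSystemRightsJArray = new JArray();
                foreach (string rightName in fileSystemRightsArray)
                {
                    fileSystemRightsJArray.Add(rightName);
                }

                JObject fileDaclJObject = new JObject();
                fileDaclJObject.Add("Display Name", displayNameString);
                fileDaclJObject.Add("Allow or Deny?", accessControlTypeString);
                fileDaclJObject.Add("Inherited?", isInheritedString);
                fileDaclJObject.Add("Rights", fileSystemRightsJArray);

                // A DACL can hold several rules for the same SID (allow and deny, or explicit
                // and inherited). JObject.Add throws ArgumentException on a duplicate property
                // name, so the first rule keeps the plain SID key and later ones get a numbered
                // suffix; no rule is dropped from the report.
                string daclKey = identityReferenceString;
                int duplicateIndex = 2;
                while (fileDaclsJObject.Property(daclKey) != null)
                {
                    daclKey = identityReferenceString + " #" + duplicateIndex;
                    duplicateIndex++;
                }
                fileDaclsJObject.Add(daclKey, fileDaclJObject);
            }

            return fileDaclsJObject;
        }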
Exemple #2
        /// <summary>
        /// Builds a JObject describing one group member from the given token.
        /// </summary>
        /// <param name="member">Token from which the "@name", "@action" and "@sid" values are read.</param>
        /// <returns>
        /// A JObject with "Name" and "Action"; "SID" is added when the SID string is non-empty,
        /// and "Display Name From SID" is added only when GlobalVar.OnlineChecks is set.
        /// </returns>
        private JObject GetAssessedGroupMember(JToken member)
        {
            JObject result = new JObject
            {
                { "Name", Utility.GetSafeString(member, "@name") },
                { "Action", Utility.GetSafeString(member, "@action") }
            };

            string sid = Utility.GetSafeString(member, "@sid");
            if (sid.Length == 0)
            {
                // No SID recorded for this member, so there is nothing to resolve.
                return result;
            }

            result.Add("SID", sid);

            // The SID-to-name lookup goes through the LDAP helper, so it is skipped
            // unless online checks are enabled.
            if (GlobalVar.OnlineChecks)
            {
                result.Add("Display Name From SID", LDAPstuff.GetUserFromSid(sid));
            }

            return result;
        }
Exemple #3
        /// <summary>
        /// Reads the access rules (DACL) of a file and folds them into a single JObject.
        /// </summary>
        /// <param name="filePathString">Path of the file whose access rules are read.</param>
        /// <returns>
        /// An empty JObject when GlobalVar.OnlineChecks is off; <c>null</c> when reading the
        /// security descriptor fails with ArgumentException or UnauthorizedAccessException;
        /// otherwise the merged object described in the remarks.
        /// </returns>
        /// <remarks>
        /// NOTE(review): every access rule is merged into the same top-level object. After the
        /// loop, "Allow" and "Deny" each hold the display name from the last rule of that type,
        /// "Inherited?" holds the last rule's value, and "Rights" is the union of the rights of
        /// all rules, allow and deny alike. The result therefore does not attribute rights to
        /// individual trustees; confirm this is what consumers of the report expect.
        /// Callers must also distinguish the empty object (checks skipped) from null (read failed).
        /// </remarks>
        public static JObject GetFileDaclJObject(string filePathString)
        {
            if (!GlobalVar.OnlineChecks)
            {
                return new JObject();
            }

            FileSecurity security;
            try
            {
                security = File.GetAccessControl(filePathString);
            }
            catch (ArgumentException)
            {
                Console.WriteLine("Tried to check file permissions on invalid path: " + filePathString);
                return null;
            }
            catch (UnauthorizedAccessException e)
            {
                // Access denied is only surfaced in debug mode; the caller just sees null.
                if (GlobalVar.DebugMode)
                {
                    DebugWrite(e.ToString());
                }
                return null;
            }

            JObject mergedDacl = new JObject();
            JsonMergeSettings unionArrays = new JsonMergeSettings
            {
                // union array values together to avoid duplicates
                MergeArrayHandling = MergeArrayHandling.Union
            };

            // Explicit and inherited rules, with trustees expressed as SIDs.
            AuthorizationRuleCollection rules =
                security.GetAccessRules(true, true, typeof(SecurityIdentifier));

            foreach (FileSystemAccessRule rule in rules)
            {
                string inherited = rule.IsInherited ? "True" : "False";
                string allowOrDeny = rule.AccessControlType == AccessControlType.Deny ? "Deny" : "Allow";

                // The SID is used only to look up a display name through the LDAP helper.
                string sid = rule.IdentityReference.ToString();
                string displayName = LDAPstuff.GetUserFromSid(sid);

                // The rights enum renders as "A, B, C"; strip the spaces and split into names.
                JArray rights = new JArray();
                foreach (string rightName in rule.FileSystemRights.ToString().Replace(" ", "").Split(','))
                {
                    rights.Add(rightName);
                }

                JObject ruleJson = new JObject
                {
                    { allowOrDeny, displayName },
                    { "Inherited?", inherited },
                    { "Rights", rights }
                };

                try
                {
                    mergedDacl.Merge(ruleJson, unionArrays);
                    //fileDaclsJObject.Add((identityReferenceString + " - " + accessControlTypeString), fileDaclJObject);
                }
                catch (ArgumentException e)
                {
                    // A failed merge is reported only in debug mode; the rule is otherwise skipped.
                    if (GlobalVar.DebugMode)
                    {
                        DebugWrite(e.ToString());
                        DebugWrite("\n" + "Trying to Add:");
                        DebugWrite(ruleJson.ToString());
                        DebugWrite("\n" + "To:");
                        DebugWrite(mergedDacl.ToString());
                    }
                }
            }

            return mergedDacl;
        }