static void Main(string[] args) { var item1 = new FileInfo("D:\\file1.txt"); var item2 = new DirectoryInfo("D:\\test3"); var account1 = new List <IdentityReference2>() { (IdentityReference2)@"raandree1\randr_000" }; FileSystemAccessRule2.AddFileSystemAccessRule(item1, account1, FileSystemRights2.FullControl, AccessControlType.Allow, InheritanceFlags.ContainerInherit, PropagationFlags.None); return; var path = @"C:\Windows"; var account = @"raandree1\randr_000"; var server = "localhost"; var sd = Directory.GetAccessControl(path, AccessControlSections.Access); var id = new IdentityReference2(account); EffectiveAccess.GetEffectiveAccess(new FileInfo(path), id, "localhost"); var result1 = InvokeCommand("gi2 c:\\windows"); var result2 = InvokeCommand(@"gi -Path D:\SingleMachine\ | Get-EffectiveAccess") .Select(ace => ace.ImmediateBaseObject) .Cast <FileSystemAccessRule2>().ToList(); foreach (var ace in result2) { Console.WriteLine(string.Format("{0};{1}", ace.Account, ace.IsInherited)); } Console.ReadKey(); }
protected override void ProcessRecord() { IEnumerable <FileSystemAccessRule2> acl = null; FileSystemInfo item = null; foreach (var path in paths) { try { item = this.GetFileSystemInfo2(path); } catch (Exception ex) { this.WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path)); continue; } try { acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !ExcludeExplicit, !ExcludeInherited, getInheritedFrom); } catch (UnauthorizedAccessException) { try { var ownerInfo = FileSystemOwner.GetOwner(item); var previousOwner = ownerInfo.Owner; FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User); acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !ExcludeExplicit, !ExcludeInherited, getInheritedFrom); FileSystemOwner.SetOwner(item, previousOwner); } catch (Exception ex2) { this.WriteError(new ErrorRecord(ex2, "AddAceError", ErrorCategory.WriteError, path)); } } catch (Exception ex) { this.WriteWarning(string.Format("Could not read item {0}. The error was: {1}", path, ex.Message)); } finally { if (acl != null) { var orphanedAces = acl.Where(ace => string.IsNullOrEmpty(ace.Account.AccountName)); orphanedSidCount += orphanedAces.Count(); WriteVerbose(string.Format("Item {0} knows about {1} orphaned SIDs in its ACL", path, orphanedAces.Count())); orphanedAces.ForEach(ace => WriteObject(ace)); } } } }
protected override void ProcessRecord() { if (ParameterSetName.EndsWith("Simple")) { FileSystemSecurity2.ConvertToFileSystemFlags(appliesTo, out inheritanceFlags, out propagationFlags); } if (ParameterSetName.StartsWith("Path")) { foreach (var path in paths) { FileSystemInfo item = null; try { item = GetFileSystemInfo2(path); } catch (Exception ex) { WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path)); } if (ParameterSetName == "PathSimple") { FileSystemSecurity2.ConvertToFileSystemFlags(appliesTo, out inheritanceFlags, out propagationFlags); } try { FileSystemAccessRule2.RemoveFileSystemAccessRule(item, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags); } catch (UnauthorizedAccessException) { try { var ownerInfo = FileSystemOwner.GetOwner(item); var previousOwner = ownerInfo.Owner; FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User); FileSystemAccessRule2.RemoveFileSystemAccessRule(item, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags); FileSystemOwner.SetOwner(item, previousOwner); } catch (Exception ex2) { WriteError(new ErrorRecord(ex2, "RemoveAceError", ErrorCategory.WriteError, path)); } } catch (Exception ex) { WriteError(new ErrorRecord(ex, "RemoveAceError", ErrorCategory.WriteError, path)); } if (passThru == true) { FileSystemAccessRule2.GetFileSystemAccessRules(item, true, true).ForEach(ace => WriteObject(ace)); } } } else { foreach (var sd in securityDescriptors) { FileSystemAccessRule2.RemoveFileSystemAccessRule(sd, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags); if (passThru == true) { FileSystemAccessRule2.GetFileSystemAccessRules(sd, true, true).ForEach(ace => WriteObject(ace)); } } } }
protected override void ProcessRecord() { if (ParameterSetName == "Path") { FileSystemInfo item = null; foreach (var path in paths) { try { item = GetFileSystemInfo2(path); } catch (Exception ex) { WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path)); continue; } try { FileSystemAccessRule2.RemoveFileSystemAccessRuleAll(item); if (disableInheritance) { FileSystemInheritanceInfo.DisableAccessInheritance(item, true); } } catch (UnauthorizedAccessException) { try { var ownerInfo = FileSystemOwner.GetOwner(item); var previousOwner = ownerInfo.Owner; FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User); FileSystemAccessRule2.RemoveFileSystemAccessRuleAll(item); if (disableInheritance) { FileSystemInheritanceInfo.DisableAccessInheritance(item, true); } FileSystemOwner.SetOwner(item, previousOwner); } catch (Exception ex2) { WriteError(new ErrorRecord(ex2, "ClearAclError", ErrorCategory.WriteError, path)); } } catch (Exception ex) { WriteError(new ErrorRecord(ex, "ClearAclError", ErrorCategory.WriteError, path)); } } } else { foreach (var sd in securityDescriptors) { FileSystemAccessRule2.RemoveFileSystemAccessRuleAll(sd); if (disableInheritance) { FileSystemInheritanceInfo.DisableAccessInheritance(sd, true); } } } }
protected override void ProcessRecord() { IEnumerable <FileSystemAccessRule2> acl = null; FileSystemInfo item = null; if (ParameterSetName == "Path") { foreach (var path in paths) { try { item = GetFileSystemInfo2(path); } catch (Exception ex) { WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path)); continue; } try { acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !excludeExplicit, !excludeInherited, getInheritedFrom); } catch (UnauthorizedAccessException) { try { var ownerInfo = FileSystemOwner.GetOwner(item); var previousOwner = ownerInfo.Owner; FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User); acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !excludeExplicit, !excludeInherited, getInheritedFrom); FileSystemOwner.SetOwner(item, previousOwner); } catch (Exception ex2) { WriteError(new ErrorRecord(ex2, "ReadSecurityError", ErrorCategory.WriteError, path)); continue; } } catch (Exception ex) { WriteError(new ErrorRecord(ex, "ReadSecurityError", ErrorCategory.OpenError, path)); continue; } finally { if (acl != null) { if (account != null) { acl = acl.Where(ace => ace.Account == account); } acl.ForEach(ace => WriteObject(ace)); } } } } else { foreach (var sd in securityDescriptors) { acl = FileSystemAccessRule2.GetFileSystemAccessRules(sd, !excludeExplicit, !excludeInherited, getInheritedFrom); if (account != null) { acl = acl.Where(ace => ace.Account == account); } acl.ForEach(ace => WriteObject(ace)); } } }
protected override void ProcessRecord() { //as this cmdlet retreives also the current working folder to show the permissions. if (includeRootFolder & isFirstFolder) { string rootPath = System.IO.Path.GetDirectoryName(paths[0]); if (!string.IsNullOrEmpty(rootPath)) { List <string> l = new List <string>(); l.Add(rootPath); l.AddRange(paths); paths = l; } } foreach (var p in paths) { try { item = GetFileSystemInfo2(p) as DirectoryInfo; if (item != null) { WriteVerbose(string.Format("New folder: {0}", item.FullName)); directoryList.Add(item); var acl = FileSystemAccessRule2.GetFileSystemAccessRules(item, !ExcludeExplicit, !ExcludeInherited).Select(ace => ace.ToSimpleFileSystemAccessRule2()); try { previousItem = item.GetParent(); } catch { } IEnumerable <SimpleFileSystemAccessRule> previousAcl = null; if (isFirstFolder) { previousAcls.Add(item.FullName, acl); aceList.AddRange(acl); acl.ForEach(ace => WriteObject(ace)); isFirstFolder = false; } else { if (previousAcls.ContainsKey(previousItem.FullName)) { previousAcl = previousAcls[previousItem.FullName]; previousAcls.Add(item.FullName, acl); List <SimpleFileSystemAccessRule> diffAcl = new List <SimpleFileSystemAccessRule>(); foreach (var ace in acl) { var equalsUser = previousAcl.Where(prevAce => prevAce.Identity == ace.Identity); var equalsUserAndAccessType = previousAcl.Where(prevAce => prevAce.Identity == ace.Identity & prevAce.AccessControlType == ace.AccessControlType); var equalsRights = previousAcl.Where(prevAce => (prevAce.AccessRights & ace.AccessRights) == ace.AccessRights); var totalEqual = previousAcl.Where(prevAce => prevAce.Identity == ace.Identity & prevAce.AccessControlType == ace.AccessControlType & (prevAce.AccessRights & ace.AccessRights) == ace.AccessRights); if (previousAcl.Where(prevAce => prevAce.AccessControlType == ace.AccessControlType & (prevAce.AccessRights & ace.AccessRights) == ace.AccessRights & prevAce.Identity == ace.Identity).Count() == 0) { diffAcl.Add(ace); } } aceList.AddRange(diffAcl); diffAcl.ForEach(ace => WriteObject(ace)); } } } } catch (Exception ex) { WriteError(new ErrorRecord(ex, "ReadError", ErrorCategory.OpenError, p)); } } }