/// <summary>
/// Sets the security descriptor for the item specified by <paramref name="path"/>
/// </summary>
///
/// <param name="path">
/// The path to the item to set the security descriptor on.
/// </param>
///
/// <param name="securityDescriptor">
/// The new security descriptor for the item.
/// </param>
public void SetSecurityDescriptor(
string path,
ObjectSecurity securityDescriptor)
{
IRegistryWrapper key = null;
if (String.IsNullOrEmpty(path))
{
throw PSTraceSource.NewArgumentException("path");
}
if (securityDescriptor == null)
{
throw PSTraceSource.NewArgumentNullException("securityDescriptor");
}
path = NormalizePath(path);
ObjectSecurity sd;
if (TransactionAvailable())
{
sd = securityDescriptor as TransactedRegistrySecurity;
if (sd == null)
{
throw PSTraceSource.NewArgumentException("securityDescriptor");
}
}
else
{
sd = securityDescriptor as RegistrySecurity;
if (sd == null)
{
throw PSTraceSource.NewArgumentException("securityDescriptor");
}
}
key = GetRegkeyForPathWriteIfError(path, true);
if (key != null)
{
//
// the caller already checks for the following exceptions:
// -- UnauthorizedAccessException
// -- PrivilegeNotHeldException
// -- NotSupportedException
// -- SystemException
//
try
{
key.SetAccessControl(sd);
}
catch (System.Security.SecurityException e)
{
WriteError(new ErrorRecord(e, e.GetType().FullName, ErrorCategory.PermissionDenied, path));
return;
}
catch (System.UnauthorizedAccessException e)
{
WriteError(new ErrorRecord(e, e.GetType().FullName, ErrorCategory.PermissionDenied, path));
return;
}
WriteSecurityDescriptorObject(sd, path);
}
} // SetSecurityDescriptor
