/// <summary>
/// Returns the owner recorded in the security descriptor wrapped by <paramref name="instance"/>.
/// </summary>
/// <param name="instance">A PSObject whose BaseObject is an <see cref="ObjectSecurity"/>.</param>
/// <returns>
/// The owner translated to an <see cref="NTAccount"/> and rendered with ToString(). When the
/// owner cannot be mapped to an account (IdentityNotMappedException), the owner section of
/// the descriptor in SDDL form is returned instead, so callers may receive either shape.
/// </returns>
/// <remarks>
/// The value produced by PSTraceSource.NewArgumentNullException("instance") is thrown both
/// when <paramref name="instance"/> is null and when its BaseObject is not an ObjectSecurity.
/// </remarks>
public static string GetOwner(PSObject instance)
{
    if (instance == null)
    {
        throw PSTraceSource.NewArgumentNullException("instance");
    }

    ObjectSecurity descriptor = instance.BaseObject as ObjectSecurity;
    if (descriptor == null)
    {
        // A wrapped object of the wrong type is reported exactly like a null argument.
        throw PSTraceSource.NewArgumentNullException("instance");
    }

    try
    {
        IdentityReference account = descriptor.GetOwner(typeof(NTAccount));
        return account.ToString();
    }
    catch (IdentityNotMappedException)
    {
        // The owner could not be translated to an account name; fall back to the
        // owner section in SDDL form rather than failing the call.
        return descriptor.GetSecurityDescriptorSddlForm(AccessControlSections.Owner);
    }
}
/// <summary>
/// Returns the full security descriptor wrapped by <paramref name="instance"/> as an SDDL string.
/// </summary>
/// <param name="instance">A PSObject whose BaseObject is an <see cref="ObjectSecurity"/>.</param>
/// <returns>The descriptor serialized with <see cref="AccessControlSections.All"/>.</returns>
/// <remarks>
/// The value produced by PSTraceSource.NewArgumentNullException("instance") is thrown both
/// when <paramref name="instance"/> is null and when its BaseObject is not an ObjectSecurity.
/// </remarks>
public static string GetSddl(PSObject instance)
{
    if (instance == null)
    {
        throw PSTraceSource.NewArgumentNullException("instance");
    }

    ObjectSecurity descriptor = instance.BaseObject as ObjectSecurity;
    if (descriptor == null)
    {
        // A wrapped object of the wrong type is reported exactly like a null argument.
        throw PSTraceSource.NewArgumentNullException("instance");
    }

    // All = owner, group, access (DACL) and audit (SACL) sections.
    return descriptor.GetSecurityDescriptorSddlForm(AccessControlSections.All);
}
/// <summary>
/// Applies the security descriptor held in <c>securityDescriptor</c> either to every item
/// named by <c>Path</c> (through the provider) or, when an input object was supplied, to that
/// object by invoking its <c>SetSecurityDescriptor</c> method with the descriptor in SDDL form.
/// </summary>
/// <remarks>
/// Every failure handled here is reported with <c>base.WriteError</c>; nothing is thrown by
/// this method itself.
/// Review notes for the path branch:
/// 1. The descriptor is written through the provider first and the central access policy
///    (CAP) is applied afterwards by a separate native call. If the CAP step fails, or the
///    item is not on the FileSystem provider, the earlier write is not undone.
/// 2. The privilege named "SeSecurityPrivilege" is requested once per processed item, and the
///    result of the AdjustTokenPrivileges call that follows is not checked.
/// </remarks>
protected override void ProcessRecord()
{
    string sddlForm;
    // Null when the supplied descriptor is not an ObjectSecurity (e.g. a CommonSecurityDescriptor).
    ObjectSecurity objectSecurity = this.securityDescriptor as ObjectSecurity;
    if (this.inputObject == null)
    {
        // ---- Path branch: no input object, so Path and an ObjectSecurity are both required. ----
        if (this.Path != null)
        {
            if (objectSecurity != null)
            {
                // Either central-access-policy option is rejected when
                // DownLevelHelper.IsWin8AndAbove() reports false.
                if ((this.CentralAccessPolicy != null || this.ClearCentralAccessPolicy) && !DownLevelHelper.IsWin8AndAbove())
                {
                    Exception parameterBindingException = new ParameterBindingException();
                    base.WriteError(new ErrorRecord(parameterBindingException, "SetAcl_OperationNotSupported", ErrorCategory.InvalidArgument, null));
                    return;
                }
                else
                {
                    // Proceed unless BOTH CentralAccessPolicy and ClearCentralAccessPolicy were
                    // given; that combination is rejected in the else branch further down.
                    if (this.CentralAccessPolicy == null || !this.ClearCentralAccessPolicy)
                    {
                        // Decompiler name: 'zero' is the native SACL pointer used for the CAP step.
                        // It stays IntPtr.Zero when neither CAP option is in use.
                        IntPtr zero = IntPtr.Zero;
                        // Used below as the "new state" argument of AdjustTokenPrivileges, i.e. it is
                        // meant to carry the privilege state to restore.
                        // NOTE(review): it is handed to GetTokenWithEnabledPrivilege without ref/out;
                        // if TOKEN_PRIVILEGE is a struct the helper cannot fill it in and the restore
                        // call would receive a default value -- confirm against the declaration.
                        NativeMethods.TOKEN_PRIVILEGE tOKENPRIVILEGE = new NativeMethods.TOKEN_PRIVILEGE();
                        try
                        {
                            // Build the SACL for the CAP step once, before any path is touched.
                            if (this.CentralAccessPolicy == null)
                            {
                                if (this.ClearCentralAccessPolicy)
                                {
                                    zero = this.GetEmptySacl();
                                    if (zero == IntPtr.Zero)
                                    {
                                        SystemException systemException = new SystemException(UtilsStrings.GetEmptySaclFail);
                                        base.WriteError(new ErrorRecord(systemException, "SetAcl_ClearCentralAccessPolicy", ErrorCategory.InvalidResult, null));
                                        return;
                                    }
                                }
                            }
                            else
                            {
                                zero = this.GetSaclWithCapId(this.CentralAccessPolicy);
                                if (zero == IntPtr.Zero)
                                {
                                    SystemException systemException1 = new SystemException(UtilsStrings.GetSaclWithCapIdFail);
                                    base.WriteError(new ErrorRecord(systemException1, "SetAcl_CentralAccessPolicy", ErrorCategory.InvalidResult, null));
                                    return;
                                }
                            }
                            string[] path = this.Path;
                            for (int i = 0; i < (int)path.Length; i++)
                            {
                                string str = path[i];
                                Collection <PathInfo> pathInfos = new Collection <PathInfo>();
                                CmdletProviderContext cmdletProviderContext = base.CmdletProviderContext;
                                cmdletProviderContext.PassThru = this.Passthru;
                                if (!this.isLiteralPath)
                                {
                                    // Non-literal path: resolved through the session's path resolver,
                                    // so one input string can yield several PathInfo entries.
                                    pathInfos = base.SessionState.Path.GetResolvedPSPathFromPSPath(str, base.CmdletProviderContext);
                                }
                                else
                                {
                                    // Literal path: taken as-is (single entry) and wildcard expansion
                                    // is switched off on the context passed to the provider.
                                    ProviderInfo providerInfo = null;
                                    PSDriveInfo pSDriveInfo = null;
                                    string unresolvedProviderPathFromPSPath = base.SessionState.Path.GetUnresolvedProviderPathFromPSPath(str, out providerInfo, out pSDriveInfo);
                                    pathInfos.Add(new PathInfo(pSDriveInfo, providerInfo, unresolvedProviderPathFromPSPath, base.SessionState));
                                    cmdletProviderContext.SuppressWildcardExpansion = true;
                                }
                                foreach (PathInfo pathInfo in pathInfos)
                                {
                                    // ShouldProcess gates each item (-WhatIf / -Confirm).
                                    if (!base.ShouldProcess(pathInfo.Path))
                                    {
                                        continue;
                                    }
                                    try
                                    {
                                        // Step 1: write the descriptor through the provider. Everything
                                        // below runs after this write and does not roll it back on failure.
                                        base.InvokeProvider.SecurityDescriptor.Set(pathInfo.Path, objectSecurity, cmdletProviderContext);
                                        if (this.CentralAccessPolicy != null || this.ClearCentralAccessPolicy)
                                        {
                                            // Step 2 (CAP) is only attempted for FileSystem items.
                                            if (pathInfo.Provider.NameEquals(base.Context.ProviderNames.FileSystem))
                                            {
                                                // NOTE(review): presumably returns a token handle on which
                                                // SeSecurityPrivilege has been enabled, or IntPtr.Zero on
                                                // failure -- the helper is not visible here.
                                                IntPtr tokenWithEnabledPrivilege = this.GetTokenWithEnabledPrivilege("SeSecurityPrivilege", tOKENPRIVILEGE);
                                                if (tokenWithEnabledPrivilege != IntPtr.Zero)
                                                {
                                                    // Only the last pointer argument (the SACL built above) is
                                                    // non-zero; the other three are IntPtr.Zero. Presumably the
                                                    // wrapper mirrors the Win32 order owner, group, DACL, SACL.
                                                    int num = NativeMethods.SetNamedSecurityInfo(pathInfo.ProviderPath, NativeMethods.SeObjectType.SE_FILE_OBJECT, NativeMethods.SecurityInformation.SCOPE_SECURITY_INFORMATION, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, zero);
                                                    // Same test as the enclosing if, so always true at this point.
                                                    if (tokenWithEnabledPrivilege != IntPtr.Zero)
                                                    {
                                                        NativeMethods.TOKEN_PRIVILEGE tOKENPRIVILEGE1 = new NativeMethods.TOKEN_PRIVILEGE();
                                                        uint num1 = 0;
                                                        // Restores the privilege state from tOKENPRIVILEGE, then releases
                                                        // the token handle. The call's result is discarded.
                                                        // NOTE(review): if the restore fails the privilege may remain
                                                        // enabled on the token with no error surfaced -- consider
                                                        // checking the result and reporting it.
                                                        NativeMethods.AdjustTokenPrivileges(tokenWithEnabledPrivilege, false, ref tOKENPRIVILEGE, Marshal.SizeOf(tOKENPRIVILEGE1), ref tOKENPRIVILEGE1, ref num1);
                                                        NativeMethods.CloseHandle(tokenWithEnabledPrivilege);
                                                    }
                                                    // A non-zero result from SetNamedSecurityInfo is reported as a
                                                    // Win32 error; processing continues with the next item.
                                                    if (num != 0)
                                                    {
                                                        SystemException win32Exception = new Win32Exception(num, UtilsStrings.SetCentralAccessPolicyFail);
                                                        base.WriteError(new ErrorRecord(win32Exception, "SetAcl_SetNamedSecurityInfo", ErrorCategory.InvalidResult, null));
                                                    }
                                                }
                                                else
                                                {
                                                    // No usable token: report and stop the whole record, including
                                                    // any paths not yet processed.
                                                    SystemException systemException2 = new SystemException(UtilsStrings.GetTokenWithEnabledPrivilegeFail);
                                                    base.WriteError(new ErrorRecord(systemException2, "SetAcl_AdjustTokenPrivileges", ErrorCategory.InvalidResult, null));
                                                    return;
                                                }
                                            }
                                            else
                                            {
                                                // CAP requested for a non-FileSystem item. The error is written
                                                // only now, after the descriptor was already set in step 1.
                                                Exception argumentException = new ArgumentException("Path");
                                                base.WriteError(new ErrorRecord(argumentException, "SetAcl_Path", ErrorCategory.InvalidArgument, this.AclObject));
                                                continue;
                                            }
                                        }
                                    }
                                    catch (NotSupportedException notSupportedException)
                                    {
                                        // Reported per item with the item's path as the message argument;
                                        // the loop then moves on to the next item.
                                        object[] objArray = new object[1];
                                        objArray[0] = pathInfo.Path;
                                        ErrorRecord errorRecord = SecurityUtils.CreateNotSupportedErrorRecord(UtilsStrings.OperationNotSupportedOnPath, "SetAcl_OperationNotSupported", objArray);
                                        base.WriteError(errorRecord);
                                    }
                                }
                            }
                            return;
                        }
                        finally
                        {
                            // Runs on every exit from the try, including the early returns above.
                            // FreeHGlobal(IntPtr.Zero) does nothing, so the no-CAP case is safe.
                            // NOTE(review): assumes GetEmptySacl / GetSaclWithCapId allocate with
                            // Marshal.AllocHGlobal -- confirm in those helpers.
                            Marshal.FreeHGlobal(zero);
                        }
                    }
                    else
                    {
                        // CentralAccessPolicy and ClearCentralAccessPolicy were both specified.
                        Exception exception = new ArgumentException(UtilsStrings.InvalidCentralAccessPolicyParameters);
                        ErrorRecord errorRecord1 = SecurityUtils.CreateInvalidArgumentErrorRecord(exception, "SetAcl_OperationNotSupported");
                        base.WriteError(errorRecord1);
                        return;
                    }
                }
            }
            else
            {
                // The supplied descriptor is not an ObjectSecurity; the path branch accepts nothing else.
                Exception argumentException1 = new ArgumentException("AclObject");
                base.WriteError(new ErrorRecord(argumentException1, "SetAcl_AclObject", ErrorCategory.InvalidArgument, this.AclObject));
                return;
            }
        }
        else
        {
            // Neither an input object nor a path was supplied.
            Exception exception1 = new ArgumentException("Path");
            base.WriteError(new ErrorRecord(exception1, "SetAcl_Path", ErrorCategory.InvalidArgument, this.AclObject));
        }
    }
    else
    {
        // ---- Input-object branch: delegate to the object's own SetSecurityDescriptor method. ----
        PSMethodInfo item = this.inputObject.Methods["SetSecurityDescriptor"];
        if (item == null)
        {
            ErrorRecord errorRecord2 = SecurityUtils.CreateNotSupportedErrorRecord(UtilsStrings.SetMethodNotFound, "SetAcl_OperationNotSupported", new object[0]);
            base.WriteError(errorRecord2);
            return;
        }
        else
        {
            // Unlike the path branch, a CommonSecurityDescriptor is accepted here as well;
            // either kind is serialized to SDDL covering all sections.
            CommonSecurityDescriptor commonSecurityDescriptor = this.securityDescriptor as CommonSecurityDescriptor;
            if (objectSecurity == null)
            {
                if (commonSecurityDescriptor == null)
                {
                    Exception argumentException2 = new ArgumentException("AclObject");
                    base.WriteError(new ErrorRecord(argumentException2, "SetAcl_AclObject", ErrorCategory.InvalidArgument, this.AclObject));
                    return;
                }
                else
                {
                    sddlForm = commonSecurityDescriptor.GetSddlForm(AccessControlSections.All);
                }
            }
            else
            {
                sddlForm = objectSecurity.GetSecurityDescriptorSddlForm(AccessControlSections.All);
            }
            try
            {
                // The SDDL string is the method's single argument.
                object[] objArray1 = new object[1];
                objArray1[0] = sddlForm;
                item.Invoke(objArray1);
                return;
            }
            catch (Exception exception3)
            {
                Exception exception2 = exception3;
                // NOTE(review): CheckForSevereException presumably rethrows critical exceptions --
                // not visible here. Anything that survives it is reported with the generic
                // MethodInvokeFail message; the caught exception is not attached to the record,
                // so the underlying cause is lost to the caller.
                CommandProcessorBase.CheckForSevereException(exception2);
                ErrorRecord errorRecord3 = SecurityUtils.CreateNotSupportedErrorRecord(UtilsStrings.MethodInvokeFail, "SetAcl_OperationNotSupported", new object[0]);
                base.WriteError(errorRecord3);
            }
        }
    }
}