예제 #1
0
 private void SetUpAccountPreservations(IEnumerable <string> groupsToAddToPreserveList, IEnumerable <string> groupsToRemoveFromPreserveList)
 {
     if (groupsToRemoveFromPreserveList != null && groupsToRemoveFromPreserveList.Count() != 0)
     {
         foreach (string group in groupsToRemoveFromPreserveList)
         {
             WellKnownSecurityRoles.RemoveFromGroupToPreserveList(group);
         }
     }
     if (groupsToAddToPreserveList != null && groupsToAddToPreserveList.Count() != 0)
     {
         foreach (string group in groupsToAddToPreserveList)
         {
             WellKnownSecurityRoles.AddToGroupToPreserveList(group);
         }
     }
 }
예제 #2
0
        public override DeploymentResult Execute()
        {
            var result = new DeploymentResult();

            var security = Directory.GetAccessControl(_path);
            var rules    = security.GetAccessRules(true, true, typeof(NTAccount));

            foreach (FileSystemAccessRule rule in rules)
            {
                if (WellKnownSecurityRoles.IsInherited(rule) || WellKnownSecurityRoles.IsPreserved(rule))
                {
                    continue;
                }

                security.RemoveAccessRuleSpecific(rule);
                LogSecurity("[security][acl] Removed '{0}' on '{1}'", rule.IdentityReference, _path);
                result.AddGood("Removed '{0}' on '{1}'", rule.IdentityReference, _path);
            }

            Directory.SetAccessControl(_path, security);

            return(result);
        }