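/// <summary>
/// Applies the caller's changes to the group preserve list kept by
/// <c>WellKnownSecurityRoles</c>: first the removals, then the additions.
/// </summary>
/// <param name="groupsToAddToPreserveList">
/// Group names handed one by one to <c>WellKnownSecurityRoles.AddToGroupToPreserveList</c>.
/// A null or empty sequence is skipped.
/// </param>
/// <param name="groupsToRemoveFromPreserveList">
/// Group names handed one by one to <c>WellKnownSecurityRoles.RemoveFromGroupToPreserveList</c>.
/// A null or empty sequence is skipped.
/// </param>
/// <remarks>
/// Each sequence is enumerated exactly once. The previous <c>Count() != 0</c> guard walked the
/// sequence a second time and added nothing, because <c>foreach</c> over an empty sequence
/// already does no work.
/// NOTE(review): the preserve list is reached through static calls, so it is presumably shared
/// by every task in the process rather than scoped to this instance. Confirm before relying on
/// per-task isolation, since entries on that list appear to decide which ACL entries are kept.
/// </remarks>
private void SetUpAccountPreservations(IEnumerable<string> groupsToAddToPreserveList, IEnumerable<string> groupsToRemoveFromPreserveList)
{
    // Removals are applied before additions, so a group named in both
    // sequences has AddToGroupToPreserveList called on it last.
    if (groupsToRemoveFromPreserveList != null)
    {
        foreach (string groupName in groupsToRemoveFromPreserveList)
        {
            WellKnownSecurityRoles.RemoveFromGroupToPreserveList(groupName);
        }
    }

    if (groupsToAddToPreserveList != null)
    {
        foreach (string groupName in groupsToAddToPreserveList)
        {
            WellKnownSecurityRoles.AddToGroupToPreserveList(groupName);
        }
    }
}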
/// <summary>
/// Removes from the directory at <c>_path</c> every access rule that
/// <c>WellKnownSecurityRoles</c> reports as neither inherited nor preserved, then writes the
/// modified ACL back.
/// </summary>
/// <returns>
/// A <c>DeploymentResult</c> holding one "good" entry per removed rule; it has no entries added
/// here when nothing was removed.
/// </returns>
/// <remarks>
/// The loop does not look at <c>AccessControlType</c>, so Allow and Deny rules are removed
/// alike; dropping a Deny rule can widen access. What survives is decided only by
/// <c>IsInherited</c> and <c>IsPreserved</c>, so the preserve list should be reviewed before this
/// runs against a directory whose explicit entries matter.
/// The original ACL is not saved by this method, and <c>SetAccessControl</c> is called even when
/// no rule was removed. Each removal is passed to <c>LogSecurity</c>, which is the only record of
/// what was stripped.
/// </remarks>
public override DeploymentResult Execute()
{
    var outcome = new DeploymentResult();
    var acl = Directory.GetAccessControl(_path);

    // Explicit and inherited rules are both requested (true, true), with identities expressed
    // as NTAccount; the inherited ones are filtered out below rather than in the query.
    foreach (FileSystemAccessRule entry in acl.GetAccessRules(true, true, typeof(NTAccount)))
    {
        bool keep = WellKnownSecurityRoles.IsInherited(entry) || WellKnownSecurityRoles.IsPreserved(entry);
        if (!keep)
        {
            // RemoveAccessRuleSpecific removes only the rule that matches this entry exactly.
            acl.RemoveAccessRuleSpecific(entry);

            LogSecurity("[security][acl] Removed '{0}' on '{1}'", entry.IdentityReference, _path);
            outcome.AddGood("Removed '{0}' on '{1}'", entry.IdentityReference, _path);
        }
    }

    // A single write after the loop: if anything above throws, the directory's ACL is untouched.
    Directory.SetAccessControl(_path, acl);
    return outcome;
}