Powershell-Modules
/
NTFSSecurity-Module
镜像自地址 https://github.com/raandree/NTFSSecurity
1
0
派生 0
代码 工单 0 版本发布 3 百科 动态
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
52 提交
3 分支
74 MiB
目录树: 9f0a0f5014
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 '9f0a0f5014'
${ noResults }
NTFSSecurity-Module/NTFSSecurity/InheritanceCmdlets/SetInheritance.cs

SetInheritance.cs 9.9 KiB
原始文件 普通视图 文件历史

new upload
7 年前
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238 
  1. using Alphaleonis.Win32.Filesystem;

  2. using Security2;

  3. using System;

  4. using System.Management.Automation;

  5. 

  6. namespace NTFSSecurity

  7. {

  8.     [Cmdlet(VerbsCommon.Set, "NTFSInheritance", DefaultParameterSetName = "Path")]

  9.     public class SetInheritance : BaseCmdletWithPrivControl

  10.     {

  11.         private bool? accessInheritanceEnabled;

  12.         private bool? auditInheritanceEnabled;

  13.         private bool passThru;

  14. 

  15.         [Parameter(Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "Path")]

  16.         [ValidateNotNullOrEmpty]

  17.         [Alias("FullName")]

  18.         public string[] Path

  19.         {

  20.             get { return paths.ToArray(); }

  21.             set

  22.             {

  23.                 paths.Clear();

  24.                 paths.AddRange(value);

  25.             }

  26.         }

  27. 

  28.         [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "SecurityDescriptor")]

  29.         [ValidateNotNullOrEmpty]

  30.         public FileSystemSecurity2[] SecurityDescriptor

  31.         {

  32.             get { return securityDescriptors.ToArray(); }

  33.             set

  34.             {

  35.                 securityDescriptors.Clear();

  36.                 securityDescriptors.AddRange(value);

  37.             }

  38.         }

  39. 

  40.         [Parameter(ValueFromPipelineByPropertyName = true)]

  41.         public bool? AccessInheritanceEnabled

  42.         {

  43.             get { return accessInheritanceEnabled; }

  44.             set { accessInheritanceEnabled = value; }

  45.         }

  46. 

  47.         [Parameter(ValueFromPipelineByPropertyName = true)]

  48.         public bool? AuditInheritanceEnabled

  49.         {

  50.             get { return auditInheritanceEnabled; }

  51.             set { auditInheritanceEnabled = value; }

  52.         }

  53. 

  54.         [Parameter]

  55.         public SwitchParameter PassThru

  56.         {

  57.             get { return passThru; }

  58.             set { passThru = value; }

  59.         }

  60. 

  61.         protected override void BeginProcessing()

  62.         {

  63.             base.BeginProcessing();

  64.             EnableFileSystemPrivileges(true);

  65.         }

  66. 

  67.         protected override void ProcessRecord()

  68.         {

  69.             if (ParameterSetName == "Path")

  70.             {

  71.                 foreach (var path in paths)

  72.                 {

  73.                     FileSystemInfo item = null;

  74. 

  75.                     try

  76.                     {

  77.                         item = GetFileSystemInfo2(path);

  78.                     }

  79.                     catch (Exception ex)

  80.                     {

  81.                         WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path));

  82.                         continue;

  83.                     }

  84. 

  85.                     try

  86.                     {

  87.                         var currentState = FileSystemInheritanceInfo.GetFileSystemInheritanceInfo(item);

  88. 

  89.                         if (currentState.AccessInheritanceEnabled != accessInheritanceEnabled)

  90.                         {

  91.                             WriteVerbose("AccessInheritanceEnabled not equal");

  92.                             if (accessInheritanceEnabled.Value)

  93.                             {

  94.                                 WriteVerbose("Calling EnableAccessInheritance");

  95.                                 FileSystemInheritanceInfo.EnableAccessInheritance(item, false);

  96.                             }

  97.                             else

  98.                             {

  99.                                 WriteVerbose("Calling DisableAccessInheritance");

  100.                                 FileSystemInheritanceInfo.DisableAccessInheritance(item, true);

  101.                             }

  102.                         }

  103.                         else

  104.                             WriteVerbose("AccessInheritanceEnabled is equal - no change was done");

  105. 

  106.                         if (currentState.AuditInheritanceEnabled != auditInheritanceEnabled)

  107.                         {

  108.                             WriteVerbose("AuditInheritanceEnabled not equal");

  109.                             if (auditInheritanceEnabled.Value)

  110.                             {

  111.                                 WriteVerbose("Calling EnableAuditInheritance");

  112.                                 FileSystemInheritanceInfo.EnableAuditInheritance(item, true);

  113.                             }

  114.                             else

  115.                             {

  116.                                 WriteVerbose("Calling DisableAuditInheritance");

  117.                                 FileSystemInheritanceInfo.DisableAuditInheritance(item, false);

  118.                             }

  119.                         }

  120.                         else

  121.                             WriteVerbose("AuditInheritanceEnabled is equal - no change was done");

  122.                     }

  123.                     catch (UnauthorizedAccessException)

  124.                     {

  125.                         try

  126.                         {

  127.                             var ownerInfo = FileSystemOwner.GetOwner(item);

  128.                             var previousOwner = ownerInfo.Owner;

  129. 

  130.                             FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User);

  131. 

  132.                             var currentState = FileSystemInheritanceInfo.GetFileSystemInheritanceInfo(item);

  133. 

  134.                             if (currentState.AccessInheritanceEnabled != accessInheritanceEnabled)

  135.                             {

  136.                                 WriteVerbose("AccessInheritanceEnabled not equal");

  137.                                 if (accessInheritanceEnabled.Value)

  138.                                 {

  139.                                     WriteVerbose("Calling EnableAccessInheritance");

  140.                                     FileSystemInheritanceInfo.EnableAccessInheritance(item, false);

  141.                                 }

  142.                                 else

  143.                                 {

  144.                                     WriteVerbose("Calling DisableAccessInheritance");

  145.                                     FileSystemInheritanceInfo.DisableAccessInheritance(item, true);

  146.                                 }

  147.                             }

  148.                             else

  149.                                 WriteVerbose("AccessInheritanceEnabled is equal - no change was done");

  150. 

  151.                             if (currentState.AuditInheritanceEnabled != auditInheritanceEnabled)

  152.                             {

  153.                                 WriteVerbose("AuditInheritanceEnabled not equal");

  154.                                 if (auditInheritanceEnabled.Value)

  155.                                 {

  156.                                     WriteVerbose("Calling EnableAuditInheritance");

  157.                                     FileSystemInheritanceInfo.EnableAuditInheritance(item, true);

  158.                                 }

  159.                                 else

  160.                                 {

  161.                                     WriteVerbose("Calling DisableAuditInheritance");

  162.                                     FileSystemInheritanceInfo.DisableAuditInheritance(item, false);

  163.                                 }

  164.                             }

  165.                             else

  166.                                 WriteVerbose("AuditInheritanceEnabled is equal - no change was done");

  167. 

  168.                             FileSystemOwner.SetOwner(item, previousOwner);

  169.                         }

  170.                         catch (Exception ex2)

  171.                         {

  172.                             WriteError(new ErrorRecord(ex2, "ModifySdError", ErrorCategory.WriteError, path));

  173.                             continue;

  174.                         }

  175.                     }

  176.                     catch (Exception ex)

  177.                     {

  178.                         WriteError(new ErrorRecord(ex, "ModifySdError", ErrorCategory.WriteError, path));

  179.                         continue;

  180.                     }

  181.                     finally

  182.                     {

  183.                         if (passThru)

  184.                         {

  185.                             WriteObject(FileSystemInheritanceInfo.GetFileSystemInheritanceInfo(item));

  186.                         }

  187.                     }

  188.                 }

  189.             }

  190.             else

  191.             {

  192.                 foreach (var sd in securityDescriptors)

  193.                 {

  194.                     var currentState = FileSystemInheritanceInfo.GetFileSystemInheritanceInfo(sd);

  195. 

  196.                     if (currentState.AccessInheritanceEnabled != accessInheritanceEnabled)

  197.                     {

  198.                         WriteVerbose("AccessInheritanceEnabled not equal");

  199.                         if (accessInheritanceEnabled.Value)

  200.                         {

  201.                             WriteVerbose("Calling EnableAccessInheritance");

  202.                             FileSystemInheritanceInfo.EnableAccessInheritance(sd, false);

  203.                         }

  204.                         else

  205.                         {

  206.                             WriteVerbose("Calling DisableAccessInheritance");

  207.                             FileSystemInheritanceInfo.DisableAccessInheritance(sd, true);

  208.                         }

  209.                     }

  210.                     else

  211.                         WriteVerbose("AccessInheritanceEnabled is equal - no change was done");

  212. 

  213.                     if (currentState.AuditInheritanceEnabled != auditInheritanceEnabled)

  214.                     {

  215.                         WriteVerbose("AuditInheritanceEnabled not equal");

  216.                         if (auditInheritanceEnabled.Value)

  217.                         {

  218.                             WriteVerbose("Calling EnableAuditInheritance");

  219.                             FileSystemInheritanceInfo.EnableAuditInheritance(sd, true);

  220.                         }

  221.                         else

  222.                         {

  223.                             WriteVerbose("Calling DisableAuditInheritance");

  224.                             FileSystemInheritanceInfo.DisableAuditInheritance(sd, false);

  225.                         }

  226.                     }

  227.                     else

  228.                         WriteVerbose("AuditInheritanceEnabled is equal - no change was done");

  229. 

  230.                     if (passThru)

  231.                     {

  232.                         WriteObject(FileSystemInheritanceInfo.GetFileSystemInheritanceInfo(sd));

  233.                     }

  234.                 }

  235.             }

  236.         }

  237.     }

  238. }