Powershell-Modules
/
NTFSSecurity-Module
mirror of https://github.com/raandree/NTFSSecurity
1
0
Fork 0
Code Issues 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
3 Branches
20 MiB
Tree: d42b871972
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd42b871972'
${ noResults }
NTFSSecurity-Module/NTFSSecurity/AccessCmdlets/AddAccess.cs

AddAccess.cs 6.9 KiB
Raw Normal View History

Initial upload
8 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184 
  1. using Alphaleonis.Win32.Filesystem;

  2. using Security2;

  3. using System;

  4. using System.Linq;

  5. using System.Management.Automation;

  6. using System.Security.AccessControl;

  7. 

  8. namespace NTFSSecurity

  9. {

  10.     [Cmdlet(VerbsCommon.Add, "NTFSAccess", DefaultParameterSetName = "PathComplex")]

  11.     [OutputType(typeof(FileSystemAccessRule2))]

  12.     public class AddAccess : BaseCmdletWithPrivControl

  13.     {

  14.         private IdentityReference2[] account;

  15.         private FileSystemRights2 accessRights;

  16.         private AccessControlType accessType = AccessControlType.Allow;

  17.         private InheritanceFlags inheritanceFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;

  18.         private PropagationFlags propagationFlags = PropagationFlags.None;

  19.         private ApplyTo appliesTo = ApplyTo.ThisFolderSubfoldersAndFiles;

  20.         private bool passThru;

  21. 

  22.         [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "PathSimple")]

  23.         [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "PathComplex")]

  24.         [ValidateNotNullOrEmpty]

  25.         [Alias("FullName")]

  26.         public string[] Path

  27.         {

  28.             get { return paths.ToArray(); }

  29.             set

  30.             {

  31.                 paths.Clear();

  32.                 paths.AddRange(value);

  33.             }

  34.         }

  35. 

  36.         [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "SDSimple")]

  37.         [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "SDComplex")]

  38.         [ValidateNotNullOrEmpty]

  39.         public FileSystemSecurity2[] SecurityDescriptor

  40.         {

  41.             get { return securityDescriptors.ToArray(); }

  42.             set

  43.             {

  44.                 securityDescriptors.Clear();

  45.                 securityDescriptors.AddRange(value);

  46.             }

  47.         }

  48. 

  49.         [Parameter(Mandatory = true, Position = 2, ValueFromPipelineByPropertyName = true)]

  50.         [Alias("IdentityReference, ID")]

  51.         public IdentityReference2[] Account

  52.         {

  53.             get { return account; }

  54.             set { account = value; }

  55.         }

  56. 

  57.         [Parameter(Mandatory = true, Position = 3, ValueFromPipelineByPropertyName = true)]

  58.         [Alias("FileSystemRights")]

  59.         public FileSystemRights2 AccessRights

  60.         {

  61.             get { return accessRights; }

  62.             set { accessRights = value; }

  63.         }

  64. 

  65.         [Parameter(ValueFromPipelineByPropertyName = true)]

  66.         [Alias("AccessControlType")]

  67.         public AccessControlType AccessType

  68.         {

  69.             get { return accessType; }

  70.             set { accessType = value; }

  71.         }

  72. 

  73.         [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "PathComplex")]

  74.         [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "SDComplex")]

  75.         public InheritanceFlags InheritanceFlags

  76.         {

  77.             get { return inheritanceFlags; }

  78.             set { inheritanceFlags = value; }

  79.         }

  80. 

  81.         [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "PathComplex")]

  82.         [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "SDComplex")]

  83.         public PropagationFlags PropagationFlags

  84.         {

  85.             get { return propagationFlags; }

  86.             set { propagationFlags = value; }

  87.         }

  88. 

  89.         [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "PathSimple")]

  90.         [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "SDSimple")]

  91.         public ApplyTo AppliesTo

  92.         {

  93.             get { return appliesTo; }

  94.             set { appliesTo = value; }

  95.         }

  96. 

  97.         [Parameter]

  98.         public SwitchParameter PassThru

  99.         {

  100.             get { return passThru; }

  101.             set { passThru = value; }

  102.         }

  103. 

  104.         protected override void BeginProcessing()

  105.         {

  106.             base.BeginProcessing();

  107.         }

  108. 

  109.         protected override void ProcessRecord()

  110.         {

  111.             if (ParameterSetName.EndsWith("Simple"))

  112.             {

  113.                 FileSystemSecurity2.ConvertToFileSystemFlags(appliesTo, out inheritanceFlags, out propagationFlags);

  114.             }

  115. 

  116.             if (ParameterSetName.StartsWith("Path"))

  117.             {

  118.                 FileSystemInfo item = null;

  119. 

  120.                 foreach (var path in paths)

  121.                 {

  122.                     try

  123.                     {

  124.                         item = GetFileSystemInfo2(path);

  125.                     }

  126.                     catch (Exception ex)

  127.                     {

  128.                         WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path));

  129.                         continue;

  130.                     }

  131. 

  132.                     try

  133.                     {

  134.                         FileSystemAccessRule2.AddFileSystemAccessRule(item, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags);

  135.                     }

  136.                     catch (UnauthorizedAccessException)

  137.                     {

  138.                         try

  139.                         {

  140.                             var ownerInfo = FileSystemOwner.GetOwner(item);

  141.                             var previousOwner = ownerInfo.Owner;

  142. 

  143.                             FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User);

  144. 

  145.                             FileSystemAccessRule2.AddFileSystemAccessRule(item, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags);

  146. 

  147.                             FileSystemOwner.SetOwner(item, previousOwner);

  148.                         }

  149.                         catch (Exception ex2)

  150.                         {

  151.                             WriteError(new ErrorRecord(ex2, "AddAceError", ErrorCategory.WriteError, path));

  152.                         }

  153.                     }

  154.                     catch (Exception ex)

  155.                     {

  156.                         WriteError(new ErrorRecord(ex, "AddAceError", ErrorCategory.WriteError, path));

  157.                     }

  158. 

  159.                     if (passThru == true)

  160.                     {

  161.                         FileSystemAccessRule2.GetFileSystemAccessRules(item, true, true).ForEach(ace => WriteObject(ace));

  162.                     }

  163.                 }

  164.             }

  165.             else

  166.             {

  167.                 foreach (var sd in securityDescriptors)

  168.                 {

  169.                     FileSystemAccessRule2.AddFileSystemAccessRule(sd, account.ToList(), accessRights, accessType, inheritanceFlags, propagationFlags);

  170. 

  171.                     if (passThru == true)

  172.                     {

  173.                         FileSystemAccessRule2.GetFileSystemAccessRules(sd, true, true).ForEach(ace => WriteObject(ace));

  174.                     }

  175.                 }

  176.             }

  177. 

  178.         }

  179.         protected override void EndProcessing()

  180.         {

  181.             base.EndProcessing();

  182.         }

  183.     }

  184. }