Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.

AddAudit.cs 6.8 KiB

před 8 roky
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. using Alphaleonis.Win32.Filesystem;
  2. using Security2;
  3. using System;
  4. using System.Linq;
  5. using System.Management.Automation;
  6. using System.Security.AccessControl;
  7. namespace NTFSSecurity
  8. {
  9. [Cmdlet(VerbsCommon.Add, "NTFSAudit", DefaultParameterSetName = "PathComplex")]
  10. [OutputType(typeof(FileSystemAccessRule2))]
  11. public class AddAudit : BaseCmdletWithPrivControl
  12. {
  13. private IdentityReference2[] account;
  14. private FileSystemRights2 accessRights;
  15. private AuditFlags auditFlags = AuditFlags.Failure | AuditFlags.Success;
  16. private InheritanceFlags inheritanceFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
  17. private PropagationFlags propagationFlags = PropagationFlags.None;
  18. private ApplyTo appliesTo = ApplyTo.ThisFolderSubfoldersAndFiles;
  19. private bool passThru;
  20. [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "PathSimple")]
  21. [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "PathComplex")]
  22. [ValidateNotNullOrEmpty]
  23. [Alias("FullName")]
  24. public string[] Path
  25. {
  26. get { return paths.ToArray(); }
  27. set
  28. {
  29. paths.Clear();
  30. paths.AddRange(value);
  31. }
  32. }
  33. [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "SDSimple")]
  34. [Parameter(Mandatory = true, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true, ParameterSetName = "SDComplex")]
  35. [ValidateNotNullOrEmpty]
  36. public FileSystemSecurity2[] SecurityDescriptor
  37. {
  38. get { return securityDescriptors.ToArray(); }
  39. set
  40. {
  41. securityDescriptors.Clear();
  42. securityDescriptors.AddRange(value);
  43. }
  44. }
  45. [Parameter(Mandatory = true, Position = 2, ValueFromPipelineByPropertyName = true)]
  46. [Alias("IdentityReference, ID")]
  47. public IdentityReference2[] Account
  48. {
  49. get { return account; }
  50. set { account = value; }
  51. }
  52. [Parameter(Mandatory = true, Position = 2, ValueFromPipelineByPropertyName = true)]
  53. [Alias("FileSystemRights")]
  54. public FileSystemRights2 AccessRights
  55. {
  56. get { return accessRights; }
  57. set { accessRights = value; }
  58. }
  59. [Parameter(ValueFromPipelineByPropertyName = true)]
  60. public AuditFlags AuditFlags
  61. {
  62. get { return auditFlags; }
  63. set { auditFlags = value; }
  64. }
  65. [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "PathComplex")]
  66. [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "SDComplex")]
  67. public InheritanceFlags InheritanceFlags
  68. {
  69. get { return inheritanceFlags; }
  70. set { inheritanceFlags = value; }
  71. }
  72. [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "PathComplex")]
  73. [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "SDComplex")]
  74. public PropagationFlags PropagationFlags
  75. {
  76. get { return propagationFlags; }
  77. set { propagationFlags = value; }
  78. }
  79. [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "PathSimple")]
  80. [Parameter(ValueFromPipelineByPropertyName = true, ParameterSetName = "SDSimple")]
  81. public ApplyTo AppliesTo
  82. {
  83. get { return appliesTo; }
  84. set { appliesTo = value; }
  85. }
  86. [Parameter]
  87. public SwitchParameter PassThru
  88. {
  89. get { return passThru; }
  90. set { passThru = value; }
  91. }
  92. protected override void BeginProcessing()
  93. {
  94. base.BeginProcessing();
  95. }
  96. protected override void ProcessRecord()
  97. {
  98. if (ParameterSetName.EndsWith("Simple"))
  99. {
  100. FileSystemSecurity2.ConvertToFileSystemFlags(appliesTo, out inheritanceFlags, out propagationFlags);
  101. }
  102. if (ParameterSetName.StartsWith("Path"))
  103. {
  104. FileSystemInfo item = null;
  105. foreach (var path in paths)
  106. {
  107. try
  108. {
  109. item = GetFileSystemInfo2(path);
  110. }
  111. catch (Exception ex)
  112. {
  113. WriteError(new ErrorRecord(ex, "ReadFileError", ErrorCategory.OpenError, path));
  114. continue;
  115. }
  116. try
  117. {
  118. FileSystemAuditRule2.AddFileSystemAuditRule(item, account.ToList(), accessRights, auditFlags, inheritanceFlags, propagationFlags);
  119. }
  120. catch (UnauthorizedAccessException)
  121. {
  122. try
  123. {
  124. var ownerInfo = FileSystemOwner.GetOwner(item);
  125. var previousOwner = ownerInfo.Owner;
  126. FileSystemOwner.SetOwner(item, System.Security.Principal.WindowsIdentity.GetCurrent().User);
  127. FileSystemAuditRule2.AddFileSystemAuditRule(item, account.ToList(), accessRights, auditFlags, inheritanceFlags, propagationFlags);
  128. FileSystemOwner.SetOwner(item, previousOwner);
  129. }
  130. catch (Exception ex2)
  131. {
  132. WriteError(new ErrorRecord(ex2, "AddAceError", ErrorCategory.WriteError, path));
  133. }
  134. }
  135. catch (Exception ex)
  136. {
  137. WriteError(new ErrorRecord(ex, "AddAceError", ErrorCategory.WriteError, path));
  138. }
  139. if (passThru == true)
  140. {
  141. FileSystemAuditRule2.GetFileSystemAuditRules(item, true, true).ForEach(ace => WriteObject(ace));
  142. }
  143. }
  144. }
  145. else
  146. {
  147. foreach (var sd in securityDescriptors)
  148. {
  149. FileSystemAuditRule2.AddFileSystemAuditRule(sd, account.ToList(), accessRights, auditFlags, inheritanceFlags, propagationFlags);
  150. if (passThru == true)
  151. {
  152. FileSystemAccessRule2.GetFileSystemAccessRules(sd, true, true).ForEach(ace => WriteObject(ace));
  153. }
  154. }
  155. }
  156. }
  157. protected override void EndProcessing()
  158. {
  159. base.EndProcessing();
  160. }
  161. }
  162. }