Class: Inspec::Resources::WindowsFilePermissions

Inherits:
FilePermissions show all
Defined in:
lib/resources/file.rb

Instance Attribute Summary

Attributes inherited from FilePermissions

#inspec

Instance Method Summary collapse

Methods inherited from FilePermissions

#initialize

Constructor Details

This class inherits a constructor from Inspec::Resources::FilePermissions

Instance Method Details

#check_file_permission_by_mask(_file, _access_type, _usergroup, _specific_user) ⇒ Object 



211
212
213
 
# File 'lib/resources/file.rb', line 211

def check_file_permission_by_mask(_file, _access_type, _usergroup, _specific_user)
  raise '`check_file_permission_by_mask` is not supported on Windows'
end

#check_file_permission_by_user(access_type, user, path) ⇒ Object 



215
216
217
218
219
220
221
 
# File 'lib/resources/file.rb', line 215

def check_file_permission_by_user(access_type, user, path)
  access_rule = translate_perm_names(access_type)
  access_rule = convert_to_powershell_array(access_rule)

  cmd = inspec.command("@(@((Get-Acl '#{path}').access | Where-Object {$_.AccessControlType -eq 'Allow' -and $_.IdentityReference -eq '#{user}' }) | Where-Object {($_.FileSystemRights.ToString().Split(',') | % {$_.trim()} | ? {#{access_rule} -contains $_}) -ne $null}) | measure | % { $_.Count }")
  cmd.stdout.chomp == '0' ? false : true
end