Class: Puppet::Util::Windows::AccessControlEntry Private

Inherits:
Object
  • Object
show all
Includes:
SID
Defined in:
lib/puppet/util/windows/access_control_entry.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Windows Access Control Entry

Represents an access control entry, which grants or denies a subject, identified by a SID, rights to a securable object.

Constant Summary collapse

OBJECT_INHERIT_ACE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

0x1
CONTAINER_INHERIT_ACE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

0x2
NO_PROPAGATE_INHERIT_ACE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

0x4
INHERIT_ONLY_ACE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

0x8
INHERITED_ACE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

0x10
ACCESS_ALLOWED_ACE_TYPE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

0x0
ACCESS_DENIED_ACE_TYPE =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

0x1

Constants included from SID

SID::AccountOperators, SID::AllAppPackages, SID::Anonymous, SID::AuthenticatedUsers, SID::BackupOperators, SID::Batch, SID::BuiltinAdministrators, SID::BuiltinUsers, SID::Creator, SID::CreatorGroup, SID::CreatorGroupServer, SID::CreatorOwner, SID::CreatorOwnerServer, SID::Dialup, SID::ERROR_INVALID_SID_STRUCTURE, SID::ERROR_NONE_MAPPED, SID::EnterpriseDomainControllers, SID::Everyone, SID::Guests, SID::Interactive, SID::Local, SID::LocalSystem, SID::MAXIMUM_SID_STRING_LENGTH, SID::Network, SID::Nobody, SID::NonUnique, SID::Nt, SID::NtLocal, SID::NtNetwork, SID::Null, SID::PowerUsers, SID::PrincipalSelf, SID::PrintOperators, SID::Proxy, SID::Replicators, SID::RestrictedCode, SID::ServerOperators, SID::Service, SID::TerminalServerUsers, SID::World

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from SID

ads_to_principal, get_length_sid, name_to_principal, name_to_sid, octet_string_to_principal, octet_string_to_sid_string, sid_ptr_to_string, sid_to_name, string_to_sid_ptr, unresolved_principal, valid_sid?

Methods included from FFI::Library

#attach_function_private

Constructor Details

#initialize(sid, mask, flags = 0, type = ACCESS_ALLOWED_ACE_TYPE) ⇒ AccessControlEntry

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of AccessControlEntry


24
25
26
27
28
29
# File 'lib/puppet/util/windows/access_control_entry.rb', line 24

def initialize(sid, mask, flags = 0, type = ACCESS_ALLOWED_ACE_TYPE)
  @sid = sid
  @mask = mask
  @flags = flags
  @type = type
end

Instance Attribute Details

#flagsObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.


13
14
15
# File 'lib/puppet/util/windows/access_control_entry.rb', line 13

def flags
  @flags
end

#maskObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.


13
14
15
# File 'lib/puppet/util/windows/access_control_entry.rb', line 13

def mask
  @mask
end

#sidObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.


12
13
14
# File 'lib/puppet/util/windows/access_control_entry.rb', line 12

def sid
  @sid
end

#typeObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.


13
14
15
# File 'lib/puppet/util/windows/access_control_entry.rb', line 13

def type
  @type
end

Instance Method Details

#==(other) ⇒ Object Also known as: eql?

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns true if this ACE is equal to other


75
76
77
78
79
80
81
# File 'lib/puppet/util/windows/access_control_entry.rb', line 75

def ==(other)
  self.class == other.class &&
    sid == other.sid &&
    mask == other.mask &&
    flags == other.flags &&
    type == other.type
end

#container_inherit?Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns true if this ACE applies to child directories.


51
52
53
# File 'lib/puppet/util/windows/access_control_entry.rb', line 51

def container_inherit?
  (@flags & CONTAINER_INHERIT_ACE) == CONTAINER_INHERIT_ACE
end

#inherit_only?Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns true if this ACE only applies to children of the object. If false, it applies to the object.

not the object itself.


44
45
46
# File 'lib/puppet/util/windows/access_control_entry.rb', line 44

def inherit_only?
  (@flags & INHERIT_ONLY_ACE) == INHERIT_ONLY_ACE
end

#inherited?Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns true if this ACE is inherited from a parent. If false, then the ACE is set directly on the object to which it refers.


35
36
37
# File 'lib/puppet/util/windows/access_control_entry.rb', line 35

def inherited?
  (@flags & INHERITED_ACE) == INHERITED_ACE
end

#inspectObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.


62
63
64
65
66
67
68
69
70
71
72
# File 'lib/puppet/util/windows/access_control_entry.rb', line 62

def inspect
  inheritance = ""
  inheritance << '(I)' if inherited?
  inheritance << '(OI)' if object_inherit?
  inheritance << '(CI)' if container_inherit?
  inheritance << '(IO)' if inherit_only?

  left = "#{sid_to_name(sid)}:#{inheritance}"
  left = left.ljust(45)
  "#{left} 0x#{mask.to_s(16)}"
end

#object_inherit?Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns true if this ACE applies to child files.


58
59
60
# File 'lib/puppet/util/windows/access_control_entry.rb', line 58

def object_inherit?
  (@flags & OBJECT_INHERIT_ACE) == OBJECT_INHERIT_ACE
end