Class: Puppet::Util::Windows::SecurityDescriptor Private

Inherits:
Object
  • Object
show all
Includes:
SID
Defined in:
lib/puppet/util/windows/security_descriptor.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Windows Security Descriptor

Represents a security descriptor that can be applied to any Windows securable object, e.g. file, registry key, service, etc. It consists of an owner, group, flags, DACL, and SACL. The SACL is not currently supported, though it has the same layout as a DACL.

Constant Summary

Constants included from SID

Puppet::Util::Windows::SID::AccountOperators, Puppet::Util::Windows::SID::AllAppPackages, Puppet::Util::Windows::SID::Anonymous, Puppet::Util::Windows::SID::AuthenticatedUsers, Puppet::Util::Windows::SID::BackupOperators, Puppet::Util::Windows::SID::Batch, Puppet::Util::Windows::SID::BuiltinAdministrators, Puppet::Util::Windows::SID::BuiltinUsers, Puppet::Util::Windows::SID::Creator, Puppet::Util::Windows::SID::CreatorGroup, Puppet::Util::Windows::SID::CreatorGroupServer, Puppet::Util::Windows::SID::CreatorOwner, Puppet::Util::Windows::SID::CreatorOwnerServer, Puppet::Util::Windows::SID::Dialup, Puppet::Util::Windows::SID::ERROR_INVALID_SID_STRUCTURE, Puppet::Util::Windows::SID::ERROR_NONE_MAPPED, Puppet::Util::Windows::SID::ERROR_TRUSTED_DOMAIN_FAILURE, Puppet::Util::Windows::SID::ERROR_TRUSTED_RELATIONSHIP_FAILURE, Puppet::Util::Windows::SID::EnterpriseDomainControllers, Puppet::Util::Windows::SID::Everyone, Puppet::Util::Windows::SID::Guests, Puppet::Util::Windows::SID::Interactive, Puppet::Util::Windows::SID::Local, Puppet::Util::Windows::SID::LocalSystem, Puppet::Util::Windows::SID::MAXIMUM_SID_STRING_LENGTH, Puppet::Util::Windows::SID::Network, Puppet::Util::Windows::SID::Nobody, Puppet::Util::Windows::SID::NonUnique, Puppet::Util::Windows::SID::Nt, Puppet::Util::Windows::SID::NtLocal, Puppet::Util::Windows::SID::NtNetwork, Puppet::Util::Windows::SID::Null, Puppet::Util::Windows::SID::PowerUsers, Puppet::Util::Windows::SID::PrincipalSelf, Puppet::Util::Windows::SID::PrintOperators, Puppet::Util::Windows::SID::Proxy, Puppet::Util::Windows::SID::Replicators, Puppet::Util::Windows::SID::RestrictedCode, Puppet::Util::Windows::SID::ServerOperators, Puppet::Util::Windows::SID::Service, Puppet::Util::Windows::SID::TerminalServerUsers, Puppet::Util::Windows::SID::World

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from SID

ads_to_principal, get_length_sid, name_to_principal, name_to_sid, octet_string_to_principal, octet_string_to_sid_string, sid_ptr_to_string, sid_to_name, string_to_sid_ptr, unresolved_principal, valid_sid?

Constructor Details

#initialize(owner, group, dacl, protect = false) ⇒ SecurityDescriptor

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Construct a security descriptor

each user for accessing the object that the security descriptor refers to. entries will be blocked, and not applied to the object.

Parameters:

  • owner (String)

    The SID of the owner, e.g. ‘S-1-5-18’

  • group (String)

    The SID of the group

  • dacl (AccessControlList)

    The ACL specifying the rights granted to

  • protect (Boolean) (defaults to: false)

    If true, then inheritable access control



27
28
29
30
31
32
# File 'lib/puppet/util/windows/security_descriptor.rb', line 27

def initialize(owner, group, dacl, protect = false)
  @owner = owner
  @group = group
  @dacl = dacl
  @protect = protect
end

Instance Attribute Details

#daclObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



16
17
18
# File 'lib/puppet/util/windows/security_descriptor.rb', line 16

def dacl
  @dacl
end

#groupObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



16
17
18
# File 'lib/puppet/util/windows/security_descriptor.rb', line 16

def group
  @group
end

#ownerObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



16
17
18
# File 'lib/puppet/util/windows/security_descriptor.rb', line 16

def owner
  @owner
end

#protectObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



17
18
19
# File 'lib/puppet/util/windows/security_descriptor.rb', line 17

def protect
  @protect
end

Instance Method Details

#inspectObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



56
57
58
59
60
61
62
63
# File 'lib/puppet/util/windows/security_descriptor.rb', line 56

def inspect
  str = sid_to_name(owner)
  str << "\n"
  str << sid_to_name(group)
  str << "\n"
  str << @dacl.inspect
  str
end