Module: Chef::FileAccessControl::Windows

Includes:
ReservedNames::Win32::API::Security
Included in:
Chef::FileAccessControl
Defined in:
lib/chef/file_access_control/windows.rb

Defined Under Namespace

Modules: ClassMethods

Constant Summary collapse

Security =
Chef::ReservedNames::Win32::Security
ACL =
Security::ACL
ACE =
Security::ACE
SID =
Security::SID

Constants included from ReservedNames::Win32::API::Security

ReservedNames::Win32::API::Security::ACCESS_ALLOWED_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_COMPOUND_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V2_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V3_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V4_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V5_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MIN_MS_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MIN_MS_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_SYSTEM_SECURITY, ReservedNames::Win32::API::Security::ACL_REVISION, ReservedNames::Win32::API::Security::ACL_REVISION1, ReservedNames::Win32::API::Security::ACL_REVISION2, ReservedNames::Win32::API::Security::ACL_REVISION3, ReservedNames::Win32::API::Security::ACL_REVISION4, ReservedNames::Win32::API::Security::ACL_REVISION_DS, ReservedNames::Win32::API::Security::CONTAINER_INHERIT_ACE, ReservedNames::Win32::API::Security::DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::DELETE, ReservedNames::Win32::API::Security::ELEVATION_TYPE, ReservedNames::Win32::API::Security::FAILED_ACCESS_ACE_FLAG, ReservedNames::Win32::API::Security::FILE_ADD_FILE, ReservedNames::Win32::API::Security::FILE_ADD_SUBDIRECTORY, ReservedNames::Win32::API::Security::FILE_ALL_ACCESS, ReservedNames::Win32::API::Security::FILE_APPEND_DATA, ReservedNames::Win32::API::Security::FILE_CREATE_PIPE_INSTANCE, ReservedNames::Win32::API::Security::FILE_DELETE_CHILD, ReservedNames::Win32::API::Security::FILE_EXECUTE, ReservedNames::Win32::API::Security::FILE_GENERIC_EXECUTE, ReservedNames::Win32::API::Security::FILE_GENERIC_READ, ReservedNames::Win32::API::Security::FILE_GENERIC_WRITE, ReservedNames::Win32::API::Security::FILE_LIST_DIRECTORY, ReservedNames::Win32::API::Security::FILE_READ_ATTRIBUTES, ReservedNames::Win32::API::Security::FILE_READ_DATA, ReservedNames::Win32::API::Security::FILE_READ_EA, ReservedNames::Win32::API::Security::FILE_TRAVERSE, ReservedNames::Win32::API::Security::FILE_WRITE_ATTRIBUTES, ReservedNames::Win32::API::Security::FILE_WRITE_DATA, ReservedNames::Win32::API::Security::FILE_WRITE_EA, ReservedNames::Win32::API::Security::GENERIC_ALL, ReservedNames::Win32::API::Security::GENERIC_EXECUTE, ReservedNames::Win32::API::Security::GENERIC_READ, ReservedNames::Win32::API::Security::GENERIC_WRITE, ReservedNames::Win32::API::Security::GROUP_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::INHERITED_ACE, ReservedNames::Win32::API::Security::INHERIT_ONLY_ACE, ReservedNames::Win32::API::Security::LABEL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::LOGON32_LOGON_BATCH, ReservedNames::Win32::API::Security::LOGON32_LOGON_INTERACTIVE, ReservedNames::Win32::API::Security::LOGON32_LOGON_NETWORK, ReservedNames::Win32::API::Security::LOGON32_LOGON_NETWORK_CLEARTEXT, ReservedNames::Win32::API::Security::LOGON32_LOGON_NEW_CREDENTIALS, ReservedNames::Win32::API::Security::LOGON32_LOGON_SERVICE, ReservedNames::Win32::API::Security::LOGON32_LOGON_UNLOCK, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_DEFAULT, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT35, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT40, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT50, ReservedNames::Win32::API::Security::MAXDWORD, ReservedNames::Win32::API::Security::MAX_ACL_REVISION, ReservedNames::Win32::API::Security::MIN_ACL_REVISION, ReservedNames::Win32::API::Security::NO_PROPAGATE_INHERIT_ACE, ReservedNames::Win32::API::Security::OBJECT_INHERIT_ACE, ReservedNames::Win32::API::Security::OWNER_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::POLICY_AUDIT_LOG_ADMIN, ReservedNames::Win32::API::Security::POLICY_CREATE_ACCOUNT, ReservedNames::Win32::API::Security::POLICY_CREATE_PRIVILEGE, ReservedNames::Win32::API::Security::POLICY_CREATE_SECRET, ReservedNames::Win32::API::Security::POLICY_GET_PRIVATE_INFORMATION, ReservedNames::Win32::API::Security::POLICY_LOOKUP_NAMES, ReservedNames::Win32::API::Security::POLICY_NOTIFICATION, ReservedNames::Win32::API::Security::POLICY_SERVER_ADMIN, ReservedNames::Win32::API::Security::POLICY_SET_AUDIT_REQUIREMENTS, ReservedNames::Win32::API::Security::POLICY_SET_DEFAULT_QUOTA_LIMITS, ReservedNames::Win32::API::Security::POLICY_TRUST_ADMIN, ReservedNames::Win32::API::Security::POLICY_VIEW_AUDIT_INFORMATION, ReservedNames::Win32::API::Security::POLICY_VIEW_LOCAL_INFORMATION, ReservedNames::Win32::API::Security::PROTECTED_DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::PROTECTED_SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::READ_CONTROL, ReservedNames::Win32::API::Security::SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_MIN_LENGTH, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_REVISION, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_REVISION1, ReservedNames::Win32::API::Security::SECURITY_IMPERSONATION_LEVEL, ReservedNames::Win32::API::Security::SE_DACL_AUTO_INHERITED, ReservedNames::Win32::API::Security::SE_DACL_AUTO_INHERIT_REQ, ReservedNames::Win32::API::Security::SE_DACL_DEFAULTED, ReservedNames::Win32::API::Security::SE_DACL_PRESENT, ReservedNames::Win32::API::Security::SE_DACL_PROTECTED, ReservedNames::Win32::API::Security::SE_GROUP_DEFAULTED, ReservedNames::Win32::API::Security::SE_OBJECT_TYPE, ReservedNames::Win32::API::Security::SE_OWNER_DEFAULTED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED_BY_DEFAULT, ReservedNames::Win32::API::Security::SE_PRIVILEGE_REMOVED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_USED_FOR_ACCESS, ReservedNames::Win32::API::Security::SE_PRIVILEGE_VALID_ATTRIBUTES, ReservedNames::Win32::API::Security::SE_RM_CONTROL_VALID, ReservedNames::Win32::API::Security::SE_SACL_AUTO_INHERITED, ReservedNames::Win32::API::Security::SE_SACL_AUTO_INHERIT_REQ, ReservedNames::Win32::API::Security::SE_SACL_DEFAULTED, ReservedNames::Win32::API::Security::SE_SACL_PRESENT, ReservedNames::Win32::API::Security::SE_SACL_PROTECTED, ReservedNames::Win32::API::Security::SE_SELF_RELATIVE, ReservedNames::Win32::API::Security::SID_NAME_USE, ReservedNames::Win32::API::Security::SPECIFIC_RIGHTS_ALL, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_ALL, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_EXECUTE, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_READ, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_REQUIRED, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_WRITE, ReservedNames::Win32::API::Security::SUBFOLDERS_AND_FILES_ONLY, ReservedNames::Win32::API::Security::SUCCESSFUL_ACCESS_ACE_FLAG, ReservedNames::Win32::API::Security::SYNCHRONIZE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_MANDATORY_LABEL_ACE_TYPE, ReservedNames::Win32::API::Security::TOKEN_ADJUST_DEFAULT, ReservedNames::Win32::API::Security::TOKEN_ADJUST_GROUPS, ReservedNames::Win32::API::Security::TOKEN_ADJUST_PRIVILEGES, ReservedNames::Win32::API::Security::TOKEN_ADJUST_SESSIONID, ReservedNames::Win32::API::Security::TOKEN_ALL_ACCESS, ReservedNames::Win32::API::Security::TOKEN_ASSIGN_PRIMARY, ReservedNames::Win32::API::Security::TOKEN_DUPLICATE, ReservedNames::Win32::API::Security::TOKEN_IMPERSONATE, ReservedNames::Win32::API::Security::TOKEN_INFORMATION_CLASS, ReservedNames::Win32::API::Security::TOKEN_QUERY, ReservedNames::Win32::API::Security::TOKEN_QUERY_SOURCE, ReservedNames::Win32::API::Security::TOKEN_READ, ReservedNames::Win32::API::Security::UNPROTECTED_DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::UNPROTECTED_SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::VALID_INHERIT_FLAGS, ReservedNames::Win32::API::Security::WRITE, ReservedNames::Win32::API::Security::WRITE_DAC, ReservedNames::Win32::API::Security::WRITE_OWNER

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.included(base) ⇒ Object



42
43
44
45
# File 'lib/chef/file_access_control/windows.rb', line 42

def self.included(base)
  # When this file is mixed in, make sure we also add the class methods
  base.send :extend, ClassMethods
end

Instance Method Details

#define_resource_requirementsObject



59
60
61
# File 'lib/chef/file_access_control/windows.rb', line 59

def define_resource_requirements
  # windows FAC has no assertions
end

#describe_changesObject



67
68
69
70
71
72
73
74
# File 'lib/chef/file_access_control/windows.rb', line 67

def describe_changes
  # FIXME: describe what these are changing from and to
  changes = []
  changes << "change dacl" if should_update_dacl?
  changes << "change owner" if should_update_owner?
  changes << "change group" if should_update_group?
  changes
end

#requires_changes?Boolean

Returns:

  • (Boolean)


63
64
65
# File 'lib/chef/file_access_control/windows.rb', line 63

def requires_changes?
  should_update_dacl? || should_update_owner? || should_update_group?
end

#set_allObject



53
54
55
56
57
# File 'lib/chef/file_access_control/windows.rb', line 53

def set_all
  set_owner
  set_group
  set_dacl
end

#set_all!Object



47
48
49
50
51
# File 'lib/chef/file_access_control/windows.rb', line 47

def set_all!
  set_owner!
  set_group!
  set_dacl
end