diff options
author | Hans-Joachim Kliemeck <git@kliemeck.de> | 2015-10-18 17:24:27 +0200 |
---|---|---|
committer | Hans-Joachim Kliemeck <git@kliemeck.de> | 2015-10-18 17:24:27 +0200 |
commit | 95862793d0c00ee946ed891a021b8569cae9feab (patch) | |
tree | 41e288244c663ea6aed58972ff307ecd29a86994 /windows/win_acl_inheritance.ps1 | |
parent | 05f53f2b95975df9b714f7bb42a078f85aec0404 (diff) | |
download | ansible-modules-extras-95862793d0c00ee946ed891a021b8569cae9feab.tar.gz |
added module to disable acl inheritance
Diffstat (limited to 'windows/win_acl_inheritance.ps1')
-rw-r--r-- | windows/win_acl_inheritance.ps1 | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/windows/win_acl_inheritance.ps1 b/windows/win_acl_inheritance.ps1 new file mode 100644 index 00000000..e72570ba --- /dev/null +++ b/windows/win_acl_inheritance.ps1 @@ -0,0 +1,55 @@ +#!powershell +# This file is part of Ansible +# +# Copyright 2015, Hans-Joachim Kliemeck <git@kliemeck.de> +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see <http://www.gnu.org/licenses/>. + +# WANT_JSON +# POWERSHELL_COMMON + + +$params = Parse-Args $args; + +$result = New-Object PSObject; +Set-Attr $result "changed" $false; + +$path = Get-Attr $params "path" -failifempty $true +$copy = Get-Attr $params "copy" "no" -validateSet "no","yes" -resultobj $result + +If (-Not (Test-Path -Path $path)) { + Fail-Json $result "$path file or directory does not exist on the host" +} + +Try { + $objACL = Get-ACL $path + $alreadyDisabled = !$objACL.AreAccessRulesProtected + + If ($copy -eq "yes") { + $objACL.SetAccessRuleProtection($True, $True) + } Else { + $objACL.SetAccessRuleProtection($True, $False) + } + + If ($alreadyDisabled) { + Set-Attr $result "changed" $true; + } + + Set-ACL $path $objACL +} +Catch { + Fail-Json $result "an error occured when attempting to disable inheritance" +} + +Exit-Json $result |