diff options
Diffstat (limited to 'lib/chef/win32/file.rb')
-rw-r--r-- | lib/chef/win32/file.rb | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/lib/chef/win32/file.rb b/lib/chef/win32/file.rb index d489c9ce8a..e6640caa3c 100644 --- a/lib/chef/win32/file.rb +++ b/lib/chef/win32/file.rb @@ -155,6 +155,27 @@ class Chef end end + def self.file_access_check(path, desired_access) + security_descriptor = Chef::ReservedNames::Win32::Security.get_file_security(path) + token_rights = Chef::ReservedNames::Win32::Security::TOKEN_IMPERSONATE | + Chef::ReservedNames::Win32::Security::TOKEN_QUERY | + Chef::ReservedNames::Win32::Security::TOKEN_DUPLICATE | + Chef::ReservedNames::Win32::Security::STANDARD_RIGHTS_READ + token = Chef::ReservedNames::Win32::Security.open_process_token( + Chef::ReservedNames::Win32::Process.get_current_process, + token_rights) + duplicate_token = token.duplicate_token(:SecurityImpersonation) + + mapping = Chef::ReservedNames::Win32::Security::GENERIC_MAPPING.new + mapping[:GenericRead] = Chef::ReservedNames::Win32::Security::FILE_GENERIC_READ + mapping[:GenericWrite] = Chef::ReservedNames::Win32::Security::FILE_GENERIC_WRITE + mapping[:GenericExecute] = Chef::ReservedNames::Win32::Security::FILE_GENERIC_EXECUTE + mapping[:GenericAll] = Chef::ReservedNames::Win32::Security::FILE_ALL_ACCESS + + Chef::ReservedNames::Win32::Security.access_check(security_descriptor, duplicate_token, + desired_access, mapping) + end + # ::File compat class << self alias :stat :info |