icinga-powershell-framework/lib/core/icingaagent/setters/Set-IcingaAcl.psm1

function Set-IcingaAcl()
{
    param(
        [string]$Directory,
        [string]$IcingaUser = (Get-IcingaServiceUser),
        [switch]$Remove     = $FALSE
    );

    if (-Not (Test-Path $Directory)) {
        Write-IcingaConsoleWarning 'Unable to set ACL for directory "{0}". Directory does not exist' -Objects $Directory;
        return;
    }

    $DirectoryAcl        = (Get-Item -Path $Directory).GetAccessControl('Access');
    $DirectoryAccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $IcingaUser,
        'Modify',
        'ContainerInherit,ObjectInherit',
        'None',
        'Allow'
    );

    if ($Remove -eq $FALSE) {
        $DirectoryAcl.SetAccessRule($DirectoryAccessRule);
    } else {
        foreach ($entry in $DirectoryAcl.Access) {
            if (([string]($entry.IdentityReference)).ToLower() -like [string]::Format('*\{0}', $IcingaUser.ToLower())) {
                $DirectoryAcl.RemoveAccessRuleSpecific($entry);
            }
        }
    }

    Set-Acl -Path $Directory -AclObject $DirectoryAcl;

    if ($Remove -eq $FALSE) {
        Test-IcingaAcl -Directory $Directory -WriteOutput | Out-Null;
    }
}
Added Icinga Agent management Cmdlets 2019-09-29 12:25:40 -04:00			`function Set-IcingaAcl()`
			`{`
			`param(`
Adds support for JEA profiles 2021-08-06 12:12:27 -04:00			`[string]$Directory,`
			`[string]$IcingaUser = (Get-IcingaServiceUser),`
			`[switch]$Remove = $FALSE`
Added Icinga Agent management Cmdlets 2019-09-29 12:25:40 -04:00			`);`

			`if (-Not (Test-Path $Directory)) {`
Adds support for JEA profiles 2021-08-06 12:12:27 -04:00			`Write-IcingaConsoleWarning 'Unable to set ACL for directory "{0}". Directory does not exist' -Objects $Directory;`
Added Icinga Agent management Cmdlets 2019-09-29 12:25:40 -04:00			`return;`
			`}`

Fixes Set-IcingaAcl errors on older Windows systems Fixes #92 2020-08-03 13:37:19 -04:00			`$DirectoryAcl = (Get-Item -Path $Directory).GetAccessControl('Access');`
Added Icinga Agent management Cmdlets 2019-09-29 12:25:40 -04:00			`$DirectoryAccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule(`
Adds support for JEA profiles 2021-08-06 12:12:27 -04:00			`$IcingaUser,`
Added Icinga Agent management Cmdlets 2019-09-29 12:25:40 -04:00			`'Modify',`
			`'ContainerInherit,ObjectInherit',`
			`'None',`
			`'Allow'`
			`);`

Adds support for JEA profiles 2021-08-06 12:12:27 -04:00			`if ($Remove -eq $FALSE) {`
			`$DirectoryAcl.SetAccessRule($DirectoryAccessRule);`
			`} else {`
			`foreach ($entry in $DirectoryAcl.Access) {`
			`if (([string]($entry.IdentityReference)).ToLower() -like [string]::Format('*\{0}', $IcingaUser.ToLower())) {`
			`$DirectoryAcl.RemoveAccessRuleSpecific($entry);`
			`}`
			`}`
			`}`

Added Icinga Agent management Cmdlets 2019-09-29 12:25:40 -04:00			`Set-Acl -Path $Directory -AclObject $DirectoryAcl;`
Adds support for JEA profiles 2021-08-06 12:12:27 -04:00
			`if ($Remove -eq $FALSE) {`
			`Test-IcingaAcl -Directory $Directory -WriteOutput \| Out-Null;`
			`}`
Added Icinga Agent management Cmdlets 2019-09-29 12:25:40 -04:00			`}`