Make enforcing of ACL inheritance configurable.

Using an optional element in the configuration XML, defaulting to "true" via the configuration class constructor. Refers to #16

Make enforcing of ACL inheritance configurable.
c486a1da · Niko Ehrenfeuchter · 5c3f1ab8 · c486a1da · c486a1da · c486a1da
Commit c486a1da authored 7 years ago by Niko Ehrenfeuchter
--- a/AutoTx/AutoTx.cs
+++ b/AutoTx/AutoTx.cs
@@ -272,6 +272,7 @@ namespace AutoTx
            writeLogDebug("GracePeriod: " + _config.GracePeriod);
            writeLogDebug("DestinationDirectory: " + _config.DestinationDirectory);
            writeLogDebug("TmpTransferDir: " + _config.TmpTransferDir);
+            writeLogDebug("EnforceInheritedACLs: " + _config.EnforceInheritedACLs);
            writeLogDebug("ServiceTimer: " + _config.ServiceTimer);
            writeLogDebug("InterPacketGap: " + _config.InterPacketGap);
            writeLogDebug("MaxCpuUsage: " + _config.MaxCpuUsage);
@@ -859,11 +860,12 @@ namespace AutoTx
                        target += "_" + CreateTimestamp();
                    writeLogDebug(" - " + subDir.Name + " > " + target);
                    subDir.MoveTo(target);
-                    // force inheritance of ACLs for the moved directories (see
-                    // https://support.microsoft.com/en-us/help/320246 for more details):
-                    var acl = Directory.GetAccessControl(target);
-                    acl.SetAccessRuleProtection(false, false);
-                    Directory.SetAccessControl(target, acl);
+
+                    if (_config.EnforceInheritedACLs) {
+                        var acl = Directory.GetAccessControl(target);
+                        acl.SetAccessRuleProtection(false, false);
+                        Directory.SetAccessControl(target, acl);
+                    }
                }
            }
            catch (Exception ex) {

--- a/AutoTx/Resources/configuration-example.xml
+++ b/AutoTx/Resources/configuration-example.xml
@@ -81,4 +81,14 @@
    <!-- AdminDebugEmailAdress: an email address where to send certain debug
         messages to, e.g. on completed transfers. Can be empty. -->
    <AdminDebugEmailAdress>admin@mydomain.xy</AdminDebugEmailAdress>
+
+
+    <!--  OPTIONAL CONFIGURATION SETTINGS  -->
+
+    <!-- EnforceInheritedACLs: whether to enforce ACL inheritance when moving
+         files and directories, see this page for details (DEFAULT: true)
+         https://support.microsoft.com/en-us/help/320246 -->
+    <EnforceInheritedACLs>false</EnforceInheritedACLs>
+
+    <!--  OPTIONAL CONFIGURATION SETTINGS  -->
 </ServiceConfig>
\ No newline at end of file
--- a/AutoTx/XmlWrapper/ServiceConfig.cs
+++ b/AutoTx/XmlWrapper/ServiceConfig.cs
@@ -12,6 +12,11 @@ namespace AutoTx.XmlWrapper
    [Serializable]
    public class ServiceConfig
    {
+        public ServiceConfig() {
+            // set values for the optional XML elements:
+            EnforceInheritedACLs = true;
+        }
+        
        /// <summary>
        /// A human friendly name for the host, to be used in emails etc.
        /// </summary>
@@ -88,6 +93,19 @@ namespace AutoTx.XmlWrapper
        [XmlArrayItem(ElementName = "ProcessName")]
        public List<string> BlacklistedProcesses { get; set; }

+
+
+        #region optional configuration parameters
+
+        /// <summary>
+        /// EnforceInheritedACLs: whether to enforce ACL inheritance when moving files and
+        /// directories, see https://support.microsoft.com/en-us/help/320246 for more details.
+        /// </summary>
+        public bool EnforceInheritedACLs { get; set; }
+
+        #endregion
+
+
        public static void Serialize(string file, ServiceConfig c) {
            // the config is never meant to be written by us, therefore:
            throw new SettingsPropertyIsReadOnlyException("The config file must not be written by the service!");