From c486a1da077ed76dd5989f107d26bbeb724bc004 Mon Sep 17 00:00:00 2001
From: Niko Ehrenfeuchter <nikolaus.ehrenfeuchter@unibas.ch>
Date: Fri, 15 Dec 2017 11:52:20 +0100
Subject: [PATCH] Make enforcing of ACL inheritance configurable.

Using an optional element in the configuration XML, defaulting to "true"
via the configuration class constructor.

Refers to #16
---
 AutoTx/AutoTx.cs                           | 12 +++++++-----
 AutoTx/Resources/configuration-example.xml | 10 ++++++++++
 AutoTx/XmlWrapper/ServiceConfig.cs         | 18 ++++++++++++++++++
 3 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/AutoTx/AutoTx.cs b/AutoTx/AutoTx.cs
index 48738c7..fe4c5b5 100644
--- a/AutoTx/AutoTx.cs
+++ b/AutoTx/AutoTx.cs
@@ -272,6 +272,7 @@ namespace AutoTx
             writeLogDebug("GracePeriod: " + _config.GracePeriod);
             writeLogDebug("DestinationDirectory: " + _config.DestinationDirectory);
             writeLogDebug("TmpTransferDir: " + _config.TmpTransferDir);
+            writeLogDebug("EnforceInheritedACLs: " + _config.EnforceInheritedACLs);
             writeLogDebug("ServiceTimer: " + _config.ServiceTimer);
             writeLogDebug("InterPacketGap: " + _config.InterPacketGap);
             writeLogDebug("MaxCpuUsage: " + _config.MaxCpuUsage);
@@ -859,11 +860,12 @@ namespace AutoTx
                         target += "_" + CreateTimestamp();
                     writeLogDebug(" - " + subDir.Name + " > " + target);
                     subDir.MoveTo(target);
-                    // force inheritance of ACLs for the moved directories (see
-                    // https://support.microsoft.com/en-us/help/320246 for more details):
-                    var acl = Directory.GetAccessControl(target);
-                    acl.SetAccessRuleProtection(false, false);
-                    Directory.SetAccessControl(target, acl);
+
+                    if (_config.EnforceInheritedACLs) {
+                        var acl = Directory.GetAccessControl(target);
+                        acl.SetAccessRuleProtection(false, false);
+                        Directory.SetAccessControl(target, acl);
+                    }
                 }
             }
             catch (Exception ex) {
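Review bot: The new `if (_config.EnforceInheritedACLs)` block drops the comment that explained why the ACL is rewritten, and when the setting is false the moved directory keeps the ACL from its old location with no trace in the log. A directory moved within the same volume retains its original permissions, so with enforcement off the destination may stay accessible to accounts that had rights on the source, or may not grant access to the intended recipients. I would restore the comment above the `if`, e.g. `// re-enable ACL inheritance on the moved directory, see https://support.microsoft.com/en-us/help/320246`, and add `else writeLogDebug("ACL inheritance NOT enforced for " + target);` so the choice is auditable. The enclosing try block starts outside this hunk.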
diff --git a/AutoTx/Resources/configuration-example.xml b/AutoTx/Resources/configuration-example.xml
index 613981c..3b43030 100644
--- a/AutoTx/Resources/configuration-example.xml
+++ b/AutoTx/Resources/configuration-example.xml
@@ -81,4 +81,14 @@
     <!-- AdminDebugEmailAdress: an email address where to send certain debug
          messages to, e.g. on completed transfers. Can be empty. -->
     <AdminDebugEmailAdress>admin@mydomain.xy</AdminDebugEmailAdress>
+
+
+    <!--  OPTIONAL CONFIGURATION SETTINGS  -->
+
+    <!-- EnforceInheritedACLs: whether to enforce ACL inheritance when moving
+         files and directories, see this page for details (DEFAULT: true)
+         https://support.microsoft.com/en-us/help/320246 -->
+    <EnforceInheritedACLs>false</EnforceInheritedACLs>
+
+    <!--  OPTIONAL CONFIGURATION SETTINGS  -->
 </ServiceConfig>
\ No newline at end of file
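Review bot: The example sets `<EnforceInheritedACLs>false</EnforceInheritedACLs>` although the comment directly above it documents the default as true, so anyone who starts from this file turns ACL inheritance enforcement off without having decided to. Since the element is optional, the example should either carry the default, `<EnforceInheritedACLs>true</EnforceInheritedACLs>`, or be commented out. The closing marker also repeats the opening text `OPTIONAL CONFIGURATION SETTINGS`; something like `<!--  END OF OPTIONAL CONFIGURATION SETTINGS  -->` would make the section boundaries clear.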
diff --git a/AutoTx/XmlWrapper/ServiceConfig.cs b/AutoTx/XmlWrapper/ServiceConfig.cs
index a160e7f..129b874 100644
--- a/AutoTx/XmlWrapper/ServiceConfig.cs
+++ b/AutoTx/XmlWrapper/ServiceConfig.cs
@@ -12,6 +12,11 @@ namespace AutoTx.XmlWrapper
     [Serializable]
     public class ServiceConfig
     {
+        public ServiceConfig() {
+            // set values for the optional XML elements:
+            EnforceInheritedACLs = true;
+        }
+        
         /// <summary>
         /// A human friendly name for the host, to be used in emails etc.
         /// </summary>
@@ -88,6 +93,19 @@ namespace AutoTx.XmlWrapper
         [XmlArrayItem(ElementName = "ProcessName")]
         public List<string> BlacklistedProcesses { get; set; }
 
+
+
+        #region optional configuration parameters
+
+        /// <summary>
+        /// EnforceInheritedACLs: whether to enforce ACL inheritance when moving files and
+        /// directories, see https://support.microsoft.com/en-us/help/320246 for more details.
+        /// </summary>
+        public bool EnforceInheritedACLs { get; set; }
+
+        #endregion
+
+
         public static void Serialize(string file, ServiceConfig c) {
             // the config is never meant to be written by us, therefore:
             throw new SettingsPropertyIsReadOnlyException("The config file must not be written by the service!");
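Review bot: The doc comment on `EnforceInheritedACLs` does not say that the element is optional, what its default is, or what happens to permissions when it is false. The default is only visible in the constructor added in the first hunk of this file (`EnforceInheritedACLs = true;`), which is easy to miss when reading the property. I would extend the summary with a sentence such as `Optional, defaults to true (set in the constructor); if false, moved directories keep the ACLs of their source location.` The Serialize method after the region continues outside this hunk.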
-- 
GitLab