mirror of
https://github.com/DNSCrypt/dnscrypt-proxy.git
synced 2024-12-29 00:30:30 +01:00
4324a09fc9
To simulate failures opening a cache file, fixtures are written without the read permission bits. Since Unix permission bits have no meaning on Windows, a slightly more complicated solution is required to achieve the same permissions. Thankfully, there's a library to abstract that already. |
||
---|---|---|
.. | ||
api | ||
apply.go | ||
appveyor.yml | ||
chmod.go | ||
go.mod | ||
go.sum | ||
LICENSE.txt | ||
posix.go | ||
README.md | ||
util.go |
go-acl
Manipulating ACLs (Access Control Lists) on Windows is difficult. go-acl wraps the Windows API functions that control access to objects, simplifying the process.
Using the Package
To use the package add the following imports:
import (
"github.com/hectane/go-acl"
"golang.org/x/sys/windows"
)
Examples
Probably the most commonly used function in this package is Chmod
:
if err := acl.Chmod("C:\\path\\to\\file.txt", 0755); err != nil {
panic(err)
}
To grant read access to user "Alice" and deny write access to user "Bob":
if err := acl.Apply(
"C:\\path\\to\\file.txt",
false,
false,
acl.GrantName(windows.GENERIC_READ, "Alice"),
acl.DenyName(windows.GENERIC_WRITE, "Bob"),
); err != nil {
panic(err)
}
Using the API Directly
go-acl's api
package exposes the individual Windows API functions that are used to manipulate ACLs. For example, to retrieve the current owner of a file:
import (
"github.com/hectane/go-acl/api"
"golang.org/x/sys/windows"
)
var (
owner *windows.SID
secDesc windows.Handle
)
err := api.GetNamedSecurityInfo(
"C:\\path\\to\\file.txt",
api.SE_FILE_OBJECT,
api.OWNER_SECURITY_INFORMATION,
&owner,
nil,
nil,
nil,
&secDesc,
)
if err != nil {
panic(err)
}
defer windows.LocalFree(secDesc)
owner
will then point to the SID for the owner of the file.