1
0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2025-01-01 00:57:32 +01:00
dnscrypt-proxy/vendor/github.com/hectane/go-acl/apply.go
William Elwood 4324a09fc9 Fix failing tests on Windows
To simulate failures opening a cache file, fixtures are written without the read permission bits.
Since Unix permission bits have no meaning on Windows, a slightly more complicated solution is required to achieve the same permissions.
Thankfully, there's a library to abstract that already.
2019-11-08 10:17:12 +01:00

56 lines
1.1 KiB
Go

//+build windows
package acl
import (
"github.com/hectane/go-acl/api"
"golang.org/x/sys/windows"
"unsafe"
)
// Apply the provided access control entries to a file. If the replace
// parameter is true, existing entries will be overwritten. If the inherit
// parameter is true, the file will inherit ACEs from its parent.
func Apply(name string, replace, inherit bool, entries ...api.ExplicitAccess) error {
var oldAcl windows.Handle
if !replace {
var secDesc windows.Handle
api.GetNamedSecurityInfo(
name,
api.SE_FILE_OBJECT,
api.DACL_SECURITY_INFORMATION,
nil,
nil,
&oldAcl,
nil,
&secDesc,
)
defer windows.LocalFree(secDesc)
}
var acl windows.Handle
if err := api.SetEntriesInAcl(
entries,
oldAcl,
&acl,
); err != nil {
return err
}
defer windows.LocalFree((windows.Handle)(unsafe.Pointer(acl)))
var secInfo uint32
if !inherit {
secInfo = api.PROTECTED_DACL_SECURITY_INFORMATION
} else {
secInfo = api.UNPROTECTED_DACL_SECURITY_INFORMATION
}
return api.SetNamedSecurityInfo(
name,
api.SE_FILE_OBJECT,
api.DACL_SECURITY_INFORMATION|secInfo,
nil,
nil,
acl,
0,
)
}