SetACL_GetInfo

February 21, 2011

I read on several forums where they were having problems parsing the cmd

window output text of SetACL.exe to their programs without writing to disk.

This is my attempt at it. Hope it will be useful to someone.

; Function: SetACL_GetInfo
; Tested: WinXP Pro SP2 - AutoIt v3.3.6.0 - SetACL v2.1.3.0
; February 21, 2011
; Example: Yes
#include <array.au3>; for showing array only
;
$rtn = SetACL_GetInfo('winmgmt', 3, 1); MsgBox - from Tab Format
MsgBox(0, 'SetACL_GetInfo - Computer: ' & @ComputerName, $rtn)
;
$rtn = SetACL_GetInfo('winmgmt', 3); 2d Array - from CSV Format
If @error Then MsgBox(0, 'SetACL_GetInfo - Computer: ' & @ComputerName, $rtn)
If Not @error And IsArray($rtn) Then _ArrayDisplay($rtn)
;
;#=================================================================================#
; SetACL_GetInfo($oName, $oType)
;
; Description: Retrieves owner, trustees and permissions of ACL objects
;
; Requirements: "SetACL.exe" must be in same folder as this script
; Download SetACL here: "http://sourceforge.net/projects/setacl/files/"
;
; * No writes or changes are made to your system with this script *
;
; Example1: SetACL_GetInfo(@TempDir, 1)
; Example2: SetACL_GetInfo('HKEY_LOCAL_MACHINE', 2)
;
; $oName = ObjectName
;
; $oType = ObjectType
; 1 = file (Directory/file)
; 2 = reg (Registry key)
; 3 = srv (Service)
; 4 = prn (Printer)
; 5 = shr (Network share)
;
; Success: Returns a 2d array
; $ma[0][0] = number of items
; $ma[1][0] = owner of object
; $ma[2][0] = trustees
; $ma[2][1] = permissions, $ma[2][2] = allow/deny, $ma[2][3] = inheritance
;
; $mode = 0 Default: Returns array
; $mode = 1 Returns SetACL tabbed output to MsgBox
;
;#=================================================================================#
Func SetACL_GetInfo($oName = '', $oType = 0, $mode = 0)
    If Not FileExists(@ScriptDir & '\SetACL.exe') Then Return SetError(-1, 0, 'Code 47: Missing File - SetACL.exe')
    Local $fv = StringReplace(FileGetVersion(@ScriptDir & '\SetACL.exe'), '.', '')
    If Number($fv) < 2130 Then Return SetError(-1, 0, 'Code 49: SetACL.exe: Invalid File Version')
    If StringInStr($oName, '\\') Or StringInStr($oName, '/') Then Return SetError(-2, 0, 'Code 50: Invalid ObjectName')
    ;
    If Not $oName Then Return SetError(-2, 0, 'Code 52: Invalid ObjectName')
    Switch $oType
        Case 1
            If Not FileExists($oName) Then Return SetError(-2, 0, 'Code 55: Invalid ObjectName')
            If (StringLen($oName) = 2) And (StringRight($oName, 1) = ':') Then $oName &= '\\'
            If (StringLen($oName) = 3) And (StringRight($oName, 1) = '\') Then $oName &= '\'
            $oType = 'file'
        Case 2
            RegRead($oName, '')
            If @error > 0 Then Return SetError(-2, 0, 'Code 61: Invalid ObjectName')
            $oType = 'reg'
        Case 3
            RegRead('HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\' & $oName, '')
            If @error > 0 Then Return SetError(-2, 0, 'Code 65: Invalid ObjectName')
            $oType = 'srv'
        Case 4
            RegRead('HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\' & $oName, '')
            If @error > 0 Then Return SetError(-2, 0, 'Code 69: Invalid ObjectName')
            $oType = 'prn'
        Case 5
            RegRead('HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Shares', $oName)
            If @error <> 0 Then Return SetError(-2, 0, 'Code 73: Invalid ObjectName')
            $oType = 'shr'
        Case Else
            Return SetError(-3, 0, 'Code 76: Invalid ObjectType')
    EndSwitch
    ;
    Local $fType = 'csv'
    If $mode = 1 Then $fType = 'tab'
    Local $eMsg = '', $stdout = ''
    Local $cmd = @ScriptDir & '\SetACL.exe -on "' & $oName & '" -ot ' & $oType & ' -actn list -lst "f:' & $fType & ';w:o,d;i:y"'
    Local $pid = Run('cmd.exe /c "' & $cmd & '"', @ScriptDir, @SW_HIDE, 6)
    If Not $pid Then Return SetError(-4, 0, 'Code 83: Failed to run SetACL.exe')
    ;
    While 1
        $eMsg &= StderrRead($pid, 0, 0)
        If @error Then ExitLoop
        Sleep(10)
    WEnd
    If $eMsg Then Return SetError(-5, 0, 'Code 88: ' & $eMsg); <-- fix for "ACCESS DENIED" errors, etc
    ;
    While 1
        $stdout &= StdoutRead($pid, 0, 0)
        If @error Then ExitLoop
        Sleep(10)
    WEnd
    If Not $stdout Then Return SetError(-5, 0, 'Code 90: Failed to read stdout')
    If $mode = 1 Then Return SetError(0, 0, $stdout)
    ;
    Local $owner = StringRegExp($stdout, '(?i);(.*?)"', 3)
    If Not IsArray($owner) Then Return SetError(-6, 0, 'Code 94: Array Failure')
    $owner = StringSplit($owner[0], ':')
    If Not IsArray($owner) Then Return SetError(-7, 0, 'Code 96: Array Failure')
    If Not ($owner[0] > 1) Then Return SetError(-8, 0, 'Code 97: Failed to get owner')
    $stdout = StringLeft($stdout, StringInStr($stdout, ';', 0, -1) - 1)
    If $oType = 'file' Then $stdout = StringReplace($stdout, ':\', '\')
    Local $ta = StringSplit($stdout, ':')
    If Not IsArray($ta) Then Return SetError(-9, 0, 'Code 101: Array Failure')
    If Not ($ta[0] > 1) Then Return SetError(-10, 0, 'Code 102: Failed to read data')
    ;
    Local $sa, $ma[2][4]
    $ma[1][0] = $owner[2]
    $ma[1][1] = $owner[1]
    For $i = 2 To $ta[0]
        $sa = StringSplit($ta[$i], ',')
        If Not ($sa[0] > 3) Then ContinueLoop; <-- fix for "[NULL]" entries
        ReDim $ma[$i + 1][4]
        $ma[0][0] = $i
        $ma[$i][0] = $sa[1]
        $ma[$i][1] = $sa[2]
        $ma[$i][2] = $sa[3]
        $ma[$i][3] = $sa[4]
    Next
    Return SetError(0, 0, $ma)
EndFunc
;

-Edit-

March, 8, 2011 - fixed a few issues

1) Access Denied errors

2) [NULL] entries

Edited March 8, 2011 by ripdad

Sign In

SetACL_GetInfo

1 post in this topic

Share this post

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Browse

AutoIt Resources

Release

Beta