TestimoX

API Reference

Class

FileAclControl

Edit on GitHub
Namespace ComputerX.Controls
Assembly ComputerX
Source ComputerX/Controls/FileAclControl.cs:22
Implements
ICxControl
Modifiers sealed

Evaluates file or directory DACL against a set of required ACEs. Desired format is a list of entries "Principal|Rights|Allow|Inheritance" where Principal can be name or SID, Rights is a FileSystemRights token (e.g., FullControl, ReadAndExecute), Allow is optional (defaults to Allow), and Inheritance is optional (e.g., ContainerInherit,ObjectInherit).

Inheritance

  • Object
  • FileAclControl

Constructors

public FileAclControl(String id, String title, String path) #
ComputerX/Controls/FileAclControl.cs:22

Creates a file ACL control for the given target path.

Parameters

id System.String requiredposition: 0
title System.String requiredposition: 1
path System.String requiredposition: 2

Methods

public virtual CxEval Evaluate(String host, CxFacts facts) #
ComputerX/Controls/FileAclControl.cs:55
Returns: CxEval

Evaluates current ACL against desired entries per vendor.

Parameters

host System.String requiredposition: 0
facts ComputerX.Controls.CxFacts requiredposition: 1
public virtual Boolean IsApplicable(CxFacts facts) #
ComputerX/Controls/FileAclControl.cs:42
Returns: Boolean

Checks whether this control applies in the given facts context.

Parameters

facts ComputerX.Controls.CxFacts requiredposition: 0
public virtual Object ReadCurrent(String host, CxFacts facts) #
ComputerX/Controls/FileAclControl.cs:47
Returns: Object

Reads current DACL and returns it as normalized ACL lines.

Parameters

host System.String requiredposition: 0
facts ComputerX.Controls.CxFacts requiredposition: 1
public virtual Boolean TryWrite(String host, Object value, out String error) #
ComputerX/Controls/FileAclControl.cs:72
Returns: Boolean

Attempts to remediate ACL (not currently supported for this control).

Parameters

host System.String requiredposition: 0
value System.Object requiredposition: 1
error System.String@ requiredposition: 2
public FileAclControl WhereIs(CxCondition c) #
ComputerX/Controls/FileAclControl.cs:40
Returns: FileAclControl

Sets an applicability predicate for this control.

Parameters

c ComputerX.Controls.CxCondition requiredposition: 0
public FileAclControl WithDesired(CxVendor vendor, IEnumerable<String> aceEntries, String ruleId = null, String note = null, String description = null, String referenceUrl = null, String severity = null, String category = null, String[] tags = null) #
ComputerX/Controls/FileAclControl.cs:38
Returns: FileAclControl

Adds a vendor desired set of ACE entries with optional metadata.

Parameters

vendor ComputerX.Controls.CxVendor requiredposition: 0
aceEntries System.Collections.Generic.IEnumerable{System.String} requiredposition: 1
ruleId System.String = null optionalposition: 2
note System.String = null optionalposition: 3
description System.String = null optionalposition: 4
referenceUrl System.String = null optionalposition: 5
severity System.String = null optionalposition: 6
category System.String = null optionalposition: 7
tags System.String[] = null optionalposition: 8

Properties

public virtual String Id { get; } #
ComputerX/Controls/FileAclControl.cs:18

Stable identifier of the control.

public virtual String Title { get; } #
ComputerX/Controls/FileAclControl.cs:20

Human-friendly control title.

public virtual CxValueKind ValueKind { get; } #
ComputerX/Controls/FileAclControl.cs:22

Value kind for comparison (list of ACL lines).

public virtual CxComparator Comparator { get; } #
ComputerX/Controls/FileAclControl.cs:24

Comparator used to validate current permissions include desired entries.

public String Path { get; } #
ComputerX/Controls/FileAclControl.cs:26

Absolute path to the file or directory to evaluate.

public CxCondition Where { get; set; } #
ComputerX/Controls/FileAclControl.cs:28

Optional applicability predicate limiting where the control applies.

public virtual IReadOnlyList<CxDesired> Desired { get; } #
ComputerX/Controls/FileAclControl.cs:31

Vendor desired ACL entries (per baseline family).