From 505ee2ad34d8db65b0637156cda921a9e74d07a7 Mon Sep 17 00:00:00 2001 From: Manuel Thalmann Date: Fri, 9 Aug 2024 15:56:16 +0200 Subject: [PATCH] Add a function for allowing user access --- scripts/Windows/Scripts/Security.ps1 | 28 +++++++++++++++++++++++++ scripts/Windows/Software/NVS/Manage.ps1 | 13 ++---------- 2 files changed, 30 insertions(+), 11 deletions(-) diff --git a/scripts/Windows/Scripts/Security.ps1 b/scripts/Windows/Scripts/Security.ps1 index c23c7f0c..0256c28b 100644 --- a/scripts/Windows/Scripts/Security.ps1 +++ b/scripts/Windows/Scripts/Security.ps1 @@ -1,3 +1,6 @@ +using namespace System.Security.AccessControl; +using namespace System.Security.Principal; + $null = New-Module { $uacOption = "EnableLUA"; $systemPolicyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"; @@ -33,4 +36,29 @@ $null = New-Module { function Disable-UAC { & $uacSetter $false; } + + <# + .SYNOPSIS + Sets read/write permissions for users at the specified path. + + .PARAMETER Path + The path to allow access to users. + #> + function Set-UserPermissions { + param( + [string] $Path + ) + + $acl = Get-Acl $Path; + + $acl.AddAccessRule( + [FileSystemAccessRule]::new( + [SecurityIdentifier]::new([WellKnownSidType]::BuiltinUsersSid, $null), + [FileSystemRights]::FullControl, + [InheritanceFlags]::ObjectInherit -bor [InheritanceFlags]::ContainerInherit, + [PropagationFlags]::InheritOnly, + [AccessControlType]::Allow)); + + Set-Acl $Path $acl; + } }; \ No newline at end of file diff --git a/scripts/Windows/Software/NVS/Manage.ps1 b/scripts/Windows/Software/NVS/Manage.ps1 index f3356e3e..b420edb2 100644 --- a/scripts/Windows/Software/NVS/Manage.ps1 +++ b/scripts/Windows/Software/NVS/Manage.ps1 @@ -6,6 +6,7 @@ param( [hashtable] $Arguments ) +. "$PSScriptRoot/../../Scripts/Security.ps1"; . "$PSScriptRoot/../../../Common/Scripts/Software.ps1"; . "$PSScriptRoot/../../../Common/Types/InstallerAction.ps1"; @@ -19,18 +20,8 @@ Start-SoftwareInstaller @PSBoundParameters ` git clone "https://github.com/jasongin/nvs.git" $env:NVS_HOME; & "$env:NVS_HOME\nvs.cmd" install; - $acl = Get-Acl $env:NVS_HOME; - - $acl.AddAccessRule( - [FileSystemAccessRule]::new( - [SecurityIdentifier]::new([WellKnownSidType]::BuiltinUsersSid, $null), - [FileSystemRights]::FullControl, - [InheritanceFlags]::ObjectInherit -bor [InheritanceFlags]::ContainerInherit, - [PropagationFlags]::InheritOnly, - [AccessControlType]::Allow)); - - Set-Acl $env:NVS_HOME $acl; refreshenv; + Set-UserPermissions $env:NVS_HOME; & $Installer -Action ([InstallerAction]::Configure); } ` -Configurator {