using namespace System.Security.AccessControl;
using namespace System.Security.Principal;

$null = New-Module {
    $uacOption = "EnableLUA";
    $systemPolicyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System";

    $uacSetter = {
        param(
            [bool] $Value
        )

        Set-ItemProperty -Path $systemPolicyPath -Name $uacOption -Value ([int]$Value);
    }

    <#
        .SYNOPSIS
        Determines whether UAC is enabled.
    #>
    function Get-UACStatus {
        [bool](Get-ItemProperty -Path $systemPolicyPath -Name $uacOption);
    }

    <#
        .SYNOPSIS
        Enables UAC.
    #>
    function Enable-UAC {
        & $uacSetter $true;
    }

    <#
        .SYNOPSIS
        Disables UAC.
    #>
    function Disable-UAC {
        & $uacSetter $false;
    }

    <#
        .SYNOPSIS
        Sets read/write permissions for users at the specified path.

        .PARAMETER Path
        The path to allow access to users.
    #>
    function Set-UserPermissions {
        param(
            [string] $Path
        )

        $acl = Get-Acl $Path;

        $acl.AddAccessRule(
            [FileSystemAccessRule]::new(
                [SecurityIdentifier]::new([WellKnownSidType]::BuiltinUsersSid, $null),
                [FileSystemRights]::FullControl,
                (& {
                    if (Test-Path -PathType Container $Path) {
                        [InheritanceFlags]::ObjectInherit -bor [InheritanceFlags]::ContainerInherit
                    } else {
                        0
                    }
                }),
                [PropagationFlags]::InheritOnly,
                [AccessControlType]::Allow));

        Set-Acl $Path $acl;
    }
};