PortValhalla/scripts/Windows/Scripts/Security.ps1
2024-10-06 21:25:34 +02:00

71 lines
1.7 KiB
PowerShell

using namespace System.Security.AccessControl;
using namespace System.Security.Principal;
$null = New-Module {
$uacOption = "EnableLUA";
$systemPolicyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System";
$uacSetter = {
param(
[bool] $Value
)
Set-ItemProperty -Path $systemPolicyPath -Name $uacOption -Value ([int]$Value);
};
<#
.SYNOPSIS
Determines whether UAC is enabled.
#>
function Get-UACStatus {
[bool](Get-ItemProperty -Path $systemPolicyPath -Name $uacOption);
}
<#
.SYNOPSIS
Enables UAC.
#>
function Enable-UAC {
& $uacSetter $true;
}
<#
.SYNOPSIS
Disables UAC.
#>
function Disable-UAC {
& $uacSetter $false;
}
<#
.SYNOPSIS
Sets read/write permissions for users at the specified path.
.PARAMETER Path
The path to allow access to users.
#>
function Set-UserPermissions {
param(
[string] $Path
)
$acl = Get-Acl $Path;
$acl.AddAccessRule(
[FileSystemAccessRule]::new(
[SecurityIdentifier]::new([WellKnownSidType]::BuiltinUsersSid, $null),
[FileSystemRights]::FullControl,
(& {
if (Test-Path -PathType Container $Path) {
[InheritanceFlags]::ObjectInherit -bor [InheritanceFlags]::ContainerInherit
}
else {
0
}
}),
[PropagationFlags]::InheritOnly,
[AccessControlType]::Allow));
Set-Acl $Path $acl;
}
};