Class: Chef::FileContentManagement::Deploy::MvWindows

Inherits:
Object
  • Object
show all
Defined in:
lib/chef/file_content_management/deploy/mv_windows.rb

Constant Summary collapse

Security =
Chef::ReservedNames::Win32::Security
ACL =
Security::ACL

Instance Method Summary collapse

Instance Method Details

#create(file) ⇒ Object

[View source]

37
38
39
40
# File 'lib/chef/file_content_management/deploy/mv_windows.rb', line 37

def create(file)
  Chef::Log.trace("Touching #{file} to create it")
  FileUtils.touch(file)
end

#deploy(src, dst) ⇒ Object

[View source]

42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# File 'lib/chef/file_content_management/deploy/mv_windows.rb', line 42

def deploy(src, dst)
  #
  # At the time of deploy ACLs are correctly configured on the
  # dst. This would be a simple atomic move operations in
  # windows was not converting inherited ACLs of src to
  # non-inherited ACLs in certain cases.See:
  # http://blogs.msdn.com/b/oldnewthing/archive/2006/08/24/717181.aspx
  #

  #
  # First cache the ACLs of dst file
  #

  dst_so = Security::SecurableObject.new(dst)
  begin
    # get the sd with the SACL
    dst_sd = dst_so.security_descriptor(true)
  rescue Chef::Exceptions::Win32APIError
    # Catch and raise if the user is not elevated enough.
    # At this point we can't configure the file as expected so
    # we're failing action on the resource.
    raise Chef::Exceptions::WindowsNotAdmin, "can not get the security information for '#{dst}' due to missing Administrator privileges."
  end

  dacl_present = dst_sd.dacl_present?
  if dacl_present
    if dst_sd.dacl.nil?
      apply_dacl = nil
    else
      apply_dacl = ACL.create(dst_sd.dacl.select { |ace| !ace.inherited? })
    end
  end

  sacl_present = dst_sd.sacl_present?
  if sacl_present
    if dst_sd.sacl.nil?
      apply_sacl = nil
    else
      apply_sacl = ACL.create(dst_sd.sacl.select { |ace| !ace.inherited? })
    end
  end

  #
  # Then deploy the file
  #

  FileUtils.mv(src, dst)

  #
  # Then apply the cached acls to the new dst file
  #

  dst_so = Security::SecurableObject.new(dst)
  dst_so.group = dst_sd.group
  dst_so.owner = dst_sd.owner
  dst_so.set_dacl(apply_dacl, dst_sd.dacl_inherits?) if dacl_present
  dst_so.set_sacl(apply_sacl, dst_sd.sacl_inherits?) if sacl_present
end