0

I am trying to provide read-only permission to folder/sub-folders for particular users in windows NAS server with following scenarios:

  • if user already has some permission remove all of that.

  • provide read permission for both enable/disable inheritance.

I tried below:

rem it's happing only for disable inheritance, how to do it for enable inheritance.
rem Remove access:
icacls NAS-path /remove:g  UserNmae:(OI)(CI) /T
rem Provide read acces:
rem icacls NAS-path /grant UserNmae:(OI)(CI)R /T

How I will get the userName(who is accessing that path) so i can apply for that user ?

HomoTechsual
  • 129
  • 5
Hitesh Kumar
  • 101
  • 2
  • I don't want to apply it for all subfolders e.g. there are two users A, B and folder structure //xyz/A/abc.txt and //xyz/B/abc.txt then A can only access A folder and B can only access B folder and I want to apply read permission to the xyz folder. – Hitesh Kumar Apr 06 '17 at 12:37
  • I am doing it from java and able to get the users now, still have a problem with removing all the permission inheritance enable and disable for folder and files, it's adding read permission but not remove before grant permission. – Hitesh Kumar Apr 11 '17 at 07:44

1 Answers1

0
/**
* Method responsible to get the permissions from provider folder
* @param path
* @return List of users
*/
public Map<String,String> getPermissionsFromProviderFolder(String path){

 try {
  Path files = Paths.get(path);
  AclFileAttributeView aclFileAttributes = Files.getFileAttributeView(
      files, AclFileAttributeView.class);

    for (AclEntry aclEntry : aclFileAttributes.getAcl()) {
        String user = aclEntry.principal().toString();
          users.put(user,path); // users is a map defined
      }
    logger.logLoadOperation("folder security users list for :" + path, Level.INFO, null);
} catch (IOException e) {
    e.printStackTrace();
    }
 return users;
}

/**
* Method responsible to set the permissions to result log folder
* @param path
* @param permission
*/
public void resetPermissionsToResultLogs(String resultLogFolder, String permission, Map<String,String> users) {

String command=null;

for (Map.Entry<String, String> userlist : users.entrySet()) {
    String[] provider = userlist.getKey().split("\\(");
    String user = provider[0].trim();
    System.out.print("------location:-" + resultLogFolder);
    System.out.print("------user:-----" + user);
    System.out.println("");
    if("remove".equalsIgnoreCase(permission)){
        command = ICACLS +" "+ '"'+resultLogFolder+'"' +" /remove:g " + '"'+user+'"'+ ":(OI)(CI) /T";
        System.out.println("remve= "+command);
    }
    if("read".equalsIgnoreCase(permission)){
        command = ICACLS +" "+ '"'+resultLogFolder+'"' +" /grant " +'"'+user+'"'+ ":(OI)(CI)(R) /T";
        System.out.println("grant read ="+command);
    }
  }
}

**I am not able to remove all the permissions other then this every thing is working fine. thank you

Hitesh Kumar
  • 101
  • 2