1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
## go-acl
[](https://ci.appveyor.com/project/nathan-osman/go-acl)
[](https://godoc.org/github.com/hectane/go-acl)
[](http://opensource.org/licenses/MIT)
Manipulating ACLs (Access Control Lists) on Windows is difficult. go-acl wraps the Windows API functions that control access to objects, simplifying the process.
### Using the Package
To use the package add the following imports:
import (
"github.com/hectane/go-acl"
"golang.org/x/sys/windows"
)
### Examples
Probably the most commonly used function in this package is `Chmod`:
if err := acl.Chmod("C:\\path\\to\\file.txt", 0755); err != nil {
panic(err)
}
To grant read access to user "Alice" and deny write access to user "Bob":
if err := acl.Apply(
"C:\\path\\to\\file.txt",
false,
false,
acl.GrantName(windows.GENERIC_READ, "Alice"),
acl.DenyName(windows.GENERIC_WRITE, "Bob"),
); err != nil {
panic(err)
}
### Using the API Directly
go-acl's `api` package exposes the individual Windows API functions that are used to manipulate ACLs. For example, to retrieve the current owner of a file:
import (
"github.com/hectane/go-acl/api"
"golang.org/x/sys/windows"
)
var (
owner *windows.SID
secDesc windows.Handle
)
err := api.GetNamedSecurityInfo(
"C:\\path\\to\\file.txt",
api.SE_FILE_OBJECT,
api.OWNER_SECURITY_INFORMATION,
&owner,
nil,
nil,
nil,
&secDesc,
)
if err != nil {
panic(err)
}
defer windows.LocalFree(secDesc)
`owner` will then point to the SID for the owner of the file.
|
