class Chef::FileContentManagement::Deploy::MvWindows

Constants

ACL
Security

Public Instance Methods

create(file) click to toggle source
# File lib/chef/file_content_management/deploy/mv_windows.rb, line 37
def create(file)
  Chef::Log.trace("Touching #{file} to create it")
  FileUtils.touch(file)
end
deploy(src, dst) click to toggle source
# File lib/chef/file_content_management/deploy/mv_windows.rb, line 42
def deploy(src, dst)
  #
  # At the time of deploy ACLs are correctly configured on the
  # dst. This would be a simple atomic move operations in
  # windows was not converting inherited ACLs of src to
  # non-inherited ACLs in certain cases.See:
  # http://blogs.msdn.com/b/oldnewthing/archive/2006/08/24/717181.aspx
  #

  #
  # First cache the ACLs of dst file
  #

  dst_so = Security::SecurableObject.new(dst)
  begin
    # get the sd with the SACL
    dst_sd = dst_so.security_descriptor(true)
  rescue Chef::Exceptions::Win32APIError
    # Catch and raise if the user is not elevated enough.
    # At this point we can't configure the file as expected so
    # we're failing action on the resource.
    raise Chef::Exceptions::WindowsNotAdmin, "can not get the security information for '#{dst}' due to missing Administrator privileges."
  end

  dacl_present = dst_sd.dacl_present?
  if dacl_present
    if dst_sd.dacl.nil?
      apply_dacl = nil
    else
      apply_dacl = ACL.create(dst_sd.dacl.select { |ace| !ace.inherited? })
    end
  end

  sacl_present = dst_sd.sacl_present?
  if sacl_present
    if dst_sd.sacl.nil?
      apply_sacl = nil
    else
      apply_sacl = ACL.create(dst_sd.sacl.select { |ace| !ace.inherited? })
    end
  end

  #
  # Then deploy the file
  #

  FileUtils.mv(src, dst)

  #
  # Then apply the cached acls to the new dst file
  #

  dst_so = Security::SecurableObject.new(dst)
  dst_so.group = dst_sd.group
  dst_so.owner = dst_sd.owner
  dst_so.set_dacl(apply_dacl, dst_sd.dacl_inherits?) if dacl_present
  dst_so.set_sacl(apply_sacl, dst_sd.sacl_inherits?) if sacl_present
end