Categorygithub.com/capnspacehook/go-acl
modulepackage
0.0.0-20191017210724-28a28d1b4c77
Repository: https://github.com/capnspacehook/go-acl.git
Documentation: pkg.go.dev

# README

go-acl

Build status GoDoc MIT License

Manipulating ACLs (Access Control Lists) on Windows is difficult. go-acl wraps the Windows API functions that control access to objects, simplifying the process.

Using the Package

To use the package add the following imports:

import (
    "github.com/hectane/go-acl"
    "golang.org/x/sys/windows"
)

Examples

Probably the most commonly used function in this package is Chmod:

if err := acl.Chmod("C:\\path\\to\\file.txt", 0755); err != nil {
    panic(err)
}

To grant read access to user "Alice" and deny write access to user "Bob":

if err := acl.Apply(
    "C:\\path\\to\\file.txt",
    false,
    false,
    acl.GrantName(windows.GENERIC_READ, "Alice"),
    acl.DenyName(windows.GENERIC_WRITE, "Bob"),
); err != nil {
    panic(err)
}

Using the API Directly

go-acl's api package exposes the individual Windows API functions that are used to manipulate ACLs. For example, to retrieve the current owner of a file:

import (
    "github.com/hectane/go-acl/api"
    "golang.org/x/sys/windows"
)

var (
    owner   *windows.SID
    secDesc windows.Handle
)
err := api.GetNamedSecurityInfo(
    "C:\\path\\to\\file.txt",
    api.SE_FILE_OBJECT,
    api.OWNER_SECURITY_INFORMATION,
    &owner,
    nil,
    nil,
    nil,
    &secDesc,
)
if err != nil {
    panic(err)
}
defer windows.LocalFree(secDesc)

owner will then point to the SID for the owner of the file.

# Packages

Windows API functions for manipulating ACLs.

# Functions

Apply the provided access control entries to a file.
Change the permissions of the specified file.
Create an ExplicitAccess instance denying permissions to the provided name.
Create an ExplicitAccess instance denying permissions to the provided SID.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Create an ExplicitAccess instance granting permissions to the provided name.
Create an ExplicitAccess instance granting permissions to the provided SID.

# Constants

No description provided by the author
for a directory, the ability to add a subdirectory.
for a directory, the ability to traverse.
No description provided by the author
for a directory, the ability to list contents.
No description provided by the author
No description provided by the author
for a directory, the ability to add a file.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author