From 81216ee3188c1c3ec3397cb49d0fbc11ee69b5c6 Mon Sep 17 00:00:00 2001 From: "Michael H.G. Schmidt" Date: Tue, 15 Aug 2023 14:17:13 +0200 Subject: [PATCH] added permissions scripts --- tools/setgroup-fullaccess.cmd | 45 +++++++++++++++++++ tools/setgroup-readonly.cmd | 45 +++++++++++++++++++ ...fullaccess.cmd => setusers-fullaccess.cmd} | 3 +- ...ser-noaccess.cmd => setusers-noaccess.cmd} | 1 + ...ser-readonly.cmd => setusers-readonly.cmd} | 3 +- 5 files changed, 95 insertions(+), 2 deletions(-) create mode 100644 tools/setgroup-fullaccess.cmd create mode 100644 tools/setgroup-readonly.cmd rename tools/{setuser-fullaccess.cmd => setusers-fullaccess.cmd} (85%) rename tools/{setuser-noaccess.cmd => setusers-noaccess.cmd} (93%) rename tools/{setuser-readonly.cmd => setusers-readonly.cmd} (90%) diff --git a/tools/setgroup-fullaccess.cmd b/tools/setgroup-fullaccess.cmd new file mode 100644 index 0000000..cda96e1 --- /dev/null +++ b/tools/setgroup-fullaccess.cmd @@ -0,0 +1,45 @@ +@echo off + +IF %1.==. GOTO USAGE +IF %2.==. GOTO USAGE + +if /I %1 == %SystemDrive% goto nosystemdrive +if /I %1 == %SystemDrive%\ goto nosystemdrive + +if NOT EXIST %1 ( + echo ERROR: file or directory not found! + exit /b +) + +echo setting permissions for Group [ %2 ] on [ %1 ] to FULL-ACCESS ... + +if EXIST %1\* ( + + echo *** DIRECTORY mode *** + takeown /F %1 /R /A /D Y 1>nul + icacls %1 /inheritance:r + icacls %1 /grant Administrators:F /t /c /l /q + icacls %1 /grant %2:F /t /c /l /q + +) else ( + + echo *** FILE mode *** + takeown /F %1 /A 1>nul + icacls %1 /inheritance:r + icacls %1 /grant Administrators:F /c /l /q + icacls %1 /grant %2:F /c /l /q + +) +echo. +icacls %1 +GOTO END + +:nosystemdrive +echo ERROR: cannot use the SystemDrive! +GOTO END + +:USAGE +echo "usage: %0 " + +:END + diff --git a/tools/setgroup-readonly.cmd b/tools/setgroup-readonly.cmd new file mode 100644 index 0000000..37e2e2a --- /dev/null +++ b/tools/setgroup-readonly.cmd @@ -0,0 +1,45 @@ +@echo off + +IF %1.==. GOTO USAGE +IF %2.==. GOTO USAGE + +if /I %1 == %SystemDrive% goto nosystemdrive +if /I %1 == %SystemDrive%\ goto nosystemdrive + +if NOT EXIST %1 ( + echo ERROR: file or directory not found! + exit /b +) + +echo setting permissions for Group [ %2 ] on [ %1 ] to READ-ONLY ... + +if EXIST %1\* ( + + echo *** DIRECTORY mode *** + takeown /F %1 /R /A /D Y 1>nul + icacls %1 /inheritance:r + icacls %1 /grant Administrators:F /t /c /l /q + icacls %1 /grant %2:RX /t /c /l /q + +) else ( + + echo *** FILE mode *** + takeown /F %1 /A 1>nul + icacls %1 /inheritance:r + icacls %1 /grant Administrators:F /c /l /q + icacls %1 /grant %2:RX /c /l /q + +) +echo. +icacls %1 +GOTO END + +:nosystemdrive +echo ERROR: cannot use the SystemDrive! +GOTO END + +:USAGE +echo "usage: %0 " + +:END + diff --git a/tools/setuser-fullaccess.cmd b/tools/setusers-fullaccess.cmd similarity index 85% rename from tools/setuser-fullaccess.cmd rename to tools/setusers-fullaccess.cmd index 1ab9586..04c8ff2 100644 --- a/tools/setuser-fullaccess.cmd +++ b/tools/setusers-fullaccess.cmd @@ -10,7 +10,7 @@ if NOT EXIST %1 ( exit /b ) -echo setting permissions for Users on [ %1 ] to FULLA-ACCESS ... +echo setting permissions for Users on [ %1 ] to FULL-ACCESS ... if EXIST %1\* ( @@ -30,6 +30,7 @@ if EXIST %1\* ( ) echo. +icacls %1 GOTO END :nosystemdrive diff --git a/tools/setuser-noaccess.cmd b/tools/setusers-noaccess.cmd similarity index 93% rename from tools/setuser-noaccess.cmd rename to tools/setusers-noaccess.cmd index 410bd94..31d207e 100644 --- a/tools/setuser-noaccess.cmd +++ b/tools/setusers-noaccess.cmd @@ -30,6 +30,7 @@ if EXIST %1\* ( ) echo. +icacls %1 GOTO END :nosystemdrive diff --git a/tools/setuser-readonly.cmd b/tools/setusers-readonly.cmd similarity index 90% rename from tools/setuser-readonly.cmd rename to tools/setusers-readonly.cmd index 298b3e3..61b0d0d 100644 --- a/tools/setuser-readonly.cmd +++ b/tools/setusers-readonly.cmd @@ -23,13 +23,14 @@ if EXIST %1\* ( ) else ( echo *** FILE mode *** - takeown /F %1 /A 1>nul + takeown /F %1 /A 1>nul icacls %1 /inheritance:r icacls %1 /grant Administrators:F /c /l /q icacls %1 /grant Users:RX /c /l /q ) echo. +icacls %1 GOTO END :nosystemdrive