Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <#
- SVN Access Level Enum Values
- ----------------------------
- No Access = 0
- Read Only = 1
- Read Write = 2
- #>
- $userAccountObj = @"
- public class UserAccount {
- public string SID;
- public int Access;
- public UserAccount(string SID, int Access) {
- this.SID = SID;
- this.Access = Access;
- }
- }
- "@
- Add-Type -TypeDefinition $userAccountObj -Language CSharp
- function GetPermObject {
- param([string]$sid, [int]$access)
- ## Import System.Management assembly and create WMI objects
- Add-Type -Path $($env:systemroot\Microsoft.NET\Framework64\v2.0.50727\System.Management.dll)
- $connOpts = New-Object System.Management.ConnectionOptions
- $connOpts.Impersonation = [System.Management.ImpersonationLevel]::Impersonate;
- $connOpts.EnablePrivileges = $true;
- if ((-not $snv_host -like "localhost") -or (-not $svn_host -like "127.0.0.1")) {
- $connOpts.Username = $cred.UserName;
- $connOpts.SecurePassword = $cred.Password;
- }
- $scope = New-Object System.Management.ManagementScope([string]::Format("\\{0}\{1}", $svn_host, "root\VisualSVN"), $connOpts);
- $scope.Connect();
- $se = New-Object System.Management.ManagementPath -ArgumentList "VisualSVN_PermissionEntry";
- $secEntry = New-Object System.Management.ManagementClass($scope, $se, $null);
- $wa = New-Object System.Management.ManagementPath -ArgumentList "VisualSVN_WindowsAccount";
- $account = New-Object System.Management.ManagementClass($scope, $wa, $null);
- $account.SetPropertyValue("SID", $sid);
- $secEntry.SetPropertyValue("AccessLevel", $access);
- $secEntry.SetPropertyValue("Account", $account);
- $secEntry
- }
- function SetPermissions{
- param($repoObj, [string]$path, [object[]]$permissions)
- Add-Type -Path $($env:systemroot\Microsoft.NET\Framework64\v2.0.50727\System.Management.dll)
- $permsObj = New-Object System.Collections.ArrayList
- $permissions | ForEach-Object -Process { $permsObj.Add($(GetPermObject -sid $_.SID -access $_.Access)) };
- $inParams = $repoObj.GetMethodParameters("SetSecurity");
- $inParams.SetPropertyValue("Path", $path);
- $inParams.ResetChildren = $true
- $inParams.Permissions = $permsObj.ToArray();
- $repoObj.InvokeMethod("SetSecurity", $inParams, $null);
- }
- ## Set security on repository
- Write-Host "Setting security on repository"
- $ad_noaccess_group = Get-ADGroup -Filter {Name -like $noaccess_group}
- $ad_read_group = Get-ADGroup -Filter {Name -like $read_group}
- $ad_write_group = Get-ADGroup -Filter {Name -like $write_group}
- $svn_groups = @()
- $svn_groups += New-Object UserAccount -ArgumentList @($ad_noaccess_group.SID.Value, 0)
- $svn_groups += New-Object UserAccount -ArgumentList @($ad_read_group.SID.Value, 1)
- $svn_groups += New-Object UserAccount -ArgumentList @($ad_write_group.SID.Value, 2)
- $repoObj = Get-WmiObject -ComputerName $svn_host -Namespace root\VisualSVN -Class VisualSVN_Repository | ? {$_.Name -like $repo_name}
- if ($repoObj -ne $null) {
- SetPermissions -repoObj $repoObj -path "/" -permissions $svn_groups
- } else {
- Write-Warning "Cannot find group $repo_name!`nPermissions not set on repository."
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement