问题
I'm reading some code and I can't figure out where a certain property, access, is being retrieved from.
Here is a snippet of the code I am looking at. I've removed some of the code. This code is part of a function, hence the return statements, but the rest of the func code isn't relevant to this post.
if ($targetObjType -eq "DirectoryInfo") {
$fileFolderObjs = @(Get-ChildItem $target -force -recurse -Directory -ErrorAction SilentlyContinue)
}
$fileFolderObjs | ForEach-Object {
$fileFolderObj = $_
try {
$ACL = $fileFolderObj.GetAccessControl()
}
catch {
write-host "error"
return
}
if (!$ACL) {
return
}
$access = $ACL | Select-Object -ExpandProperty Access #ACLs. Not seeing this property as existing in DirectorySecurity class documentation.
}
So I should be retrieving DirectoryInfo objects, calling GetAccessControl() on them, and getting a DirectorySecurity object back in return. The code runs properly and access property does return data, but I can't find any information in Microsoft docs for where this Access property comes from. It's not listed as a property on the DirectorySecurity object. Am I missing some object that DirectorySecurity inherits from?
Any help would be appreciated. Thanks
回答1:
PowerShell's type system, sometimes known as the Extended Type System (or ETS) works by transparently wrapping native .NET objects in a PSObject, which in turns allow us to extend types without actually modifying the type and identity of the underlying object.
In your specific case, the Access
property comes from a set of dynamic properties added to instances of System.Security.AccessControl.ObjectSecurity
.
Digging into the type data exposed by Get-TypeData
, we can even see it maps to a static method exposed by the class from which Get-Acl
derives:
$objectSecurityExtendedMembers = Get-TypeData -TypeName System.Security.AccessControl.ObjectSecurity|% Members
$objectSecurityExtendedMembers['Access']
Although it won't necessarily tell you from where it came, Get-Member
would have revealed Access
to be an ETS (and not a native .NET) property:
PS C:\> Get-Acl |Get-Member
TypeName: System.Security.AccessControl.DirectorySecurity
Name MemberType Definition
---- ---------- ----------
Access CodeProperty System.Security.AccessControl.AuthorizationRuleCollection Access{get=GetAccess;}
CentralAccessPolicyId CodeProperty System.Security.Principal.SecurityIdentifier CentralAccessPolicyId{get=GetCentra...
CentralAccessPolicyName CodeProperty System.String CentralAccessPolicyName{get=GetCentralAccessPolicyName;}
Group CodeProperty System.String Group{get=GetGroup;}
Owner CodeProperty System.String Owner{get=GetOwner;}
Path CodeProperty System.String Path{get=GetPath;}
Sddl CodeProperty System.String Sddl{get=GetSddl;}
AccessRuleFactory Method System.Security.AccessControl.AccessRule AccessRuleFactory(System.Security.Princ...
AddAccessRule Method void
Notice how it says it's a CodeProperty
and not a regular Property
. Anything that isn't listed as Method
, Property
or Event
is a PowerShell-specific member.
来源:https://stackoverflow.com/questions/61062261/where-is-this-access-property-coming-from-on-my-directorysecurity-object