Help with WMI and access rights

Richard Jebb
Richard Jebb used Ask the Experts™
on
Hi

I am developing an HTA to gather diagnostic system information for us so that we can run a series of standard checks on systems running our software and detect a number of common configuraton problems.

One of the things I would like to do is for the HTA to be able to examine a series of files and folders and based on the identity of the user who has run the HTA, check

- does the user have permission to view the folder/file?
- does the user have permission to open the file for reading?
- does the user have permission to write to the file (or create files in the folder)?

Can anyone point me at some boilerplate code that covers this type of operation? I'm not familiar with WMI and have been building the HTA on a cut and paste basis, so I'm looking for some fairly straightforward stuff I can modify if necessary.

Thanks in advance


Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2012
Top Expert 2014
Commented:
Hi, I'm not sure how you are incorporating this into your HTA, but this VBS code should run these tests in the folder specified.

Regards,

Rob.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Const intForReading = 1
strFolder = "C:\Temp"
If Right(strFolder, 1) <> "\" Then strFolder = strFolder & "\"
On Error Resume Next
' Attempt to read the folder
Set objFolder = objFSO.GetFolder(strFolder)
If Err.Number = 0 Then
	' Attempt to open the first file in the folder for reading
	For Each objFile In objFolder.Files
		strFilePath = objFile.Path
		Exit For
	Next
	Set objFile = objFSO.OpenTextFile(strFilePath, intForReading, False)
	If Err.Number = 0 Then
		objFile.Close
		' Attempt to write a dummy file to the folder
		intDummyNumber = 0
		While objFSO.FileExists(strFolder & "DUMMYFILE " & intDummyNumber) = False
			intDummyNumber = intDummyNumber + 1
		Wend
		Set objFile = objFSO.CreateTextFile(strFolder & "DUMMYFILE " & intDummyNumber, False)
		If Err.Number = 0 Then
			objFile.Close
			MsgBox "All tests passed."
		Else
			MsgBox "Unable to create " & strFolder & "DUMMYFILE " & intDummyNumber & " for writing. " & Err.Number & ": " & Err.Description
			Err.Clear
		End If
	Else
		MsgBox "Unable to open " & strFilePath & " for reading. " & Err.Number & ": " & Err.Description
		Err.Clear
	End If
Else
	MsgBox "Unable to access " & strFolder & ". " & Err.Number & ": " & Err.Description
	Err.Clear
End If

Open in new window

Author

Commented:
This code will do the job, but I managed to locate the WMI routines that allow you to check for permssions on files and folders. These allow you to test the relevant access control lists without having to physically attempt to write into a folder or modify a file.

Author

Commented:
The basis of the solution I worked out for myself is shown in the code snippet below
Const FILE_READ_DATA =          &H1    ' Can read from file
Const FILE_WRITE_DATA =         &H2    ' Can write to file

Const FILE_LIST_DIRECTORY =     &H1    ' Can list folder contents
Const FILE_ADD_FILE =           &H2    ' Can create new file in folder


strFldName = "C:\Program Files\PCF Limited\inst_v5_Dev_QEI\temp"
Set oFld = GetObject("winMgmts:CIM_Directory.Name='" & strFldName & "'")
bCanScan = oFld.GetEffectivePermission(FILE_ADD_FILE)
Wscript.Echo "Caption: " & oFld.Caption & " " & CStr(bCanScan)

strFilName = "C:\Program Files\PCF Limited\inst_v5_Dev_QEI\temp\q00003L0.cmd"
Set oFil = GetObject("winMgmts:CIM_DataFile.Name='" & strFilName & "'")
bCanWrite = oFil.GetEffectivePermission(FILE_WRITE_DATA)
Wscript.Echo "Caption: " & oFil.Caption & " " & CStr(bCanWrite)

Open in new window

Most Valuable Expert 2012
Top Expert 2014

Commented:
Nice, that's short and sweet code...well done.

Rob.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial