Gate NTFS share ensure behind config

2026-03-29 23:16:56 +02:00
parent ae65f8e758
commit 17bcf9d4fb
2 changed files with 15 additions and 3 deletions
--- a/LiamNtfs/C4IT.LIAM.Ntfs.cs
+++ b/LiamNtfs/C4IT.LIAM.Ntfs.cs
@@ -893,16 +893,24 @@ namespace C4IT.LIAM
            IEnumerable<string> ownerSids,
            IEnumerable<string> readerSids,
            IEnumerable<string> writerSids,
+            bool allowSharePathEnsure = false,
            bool ensureTraverseGroups = false,
            bool whatIf = false)
        {
            var classification = ClassifyPath(folderPath);
-            if (!IsSupportedPermissionManagedPathKind(classification, eNtfsPathKind.Folder, eNtfsPathKind.ClassicShare, eNtfsPathKind.DfsLink))
+            var allowShareKinds = allowSharePathEnsure;
+            if (!IsSupportedPermissionManagedPathKind(
+                classification,
+                allowShareKinds
+                    ? new[] { eNtfsPathKind.Folder, eNtfsPathKind.ClassicShare, eNtfsPathKind.DfsLink }
+                    : new[] { eNtfsPathKind.Folder }))
            {
                return Task.FromResult(new ResultToken(System.Reflection.MethodBase.GetCurrentMethod().ToString())
                {
                    resultErrorId = 30008,
-                    resultMessage = $"NTFS permission ensure is only supported for folder and share paths. DFS namespaces and server roots are skipped: {folderPath}"
+                    resultMessage = allowShareKinds
+                        ? $"NTFS permission ensure is only supported for folder and share paths. DFS namespaces and server roots are skipped: {folderPath}"
+                        : $"NTFS permission ensure is only supported for folder paths unless share support is explicitly enabled. Shares, DFS namespaces and server roots are skipped: {folderPath}"
                });
            }

--- a/LiamWorkflowActivities/LiamWorkflowRuntime.cs
+++ b/LiamWorkflowActivities/LiamWorkflowRuntime.cs
@@ -198,12 +198,14 @@ namespace LiamWorkflowActivities
                return result;
            }

+            var allowSharePathEnsure = IsAdditionalConfigurationEnabled(provider, "EnsureNtfsPermissionGroupsForShares");
            var token = await ntfsProvider.EnsureMissingPermissionGroupsAsync(
                folderPath,
                customTags,
                NormalizeIdentifierList(ownerSids),
                NormalizeIdentifierList(readerSids),
                NormalizeIdentifierList(writerSids),
+                allowSharePathEnsure,
                ensureTraverseGroups,
                IsWorkflowWhatIfEnabled(provider));
            if (token == null)
@@ -420,8 +422,9 @@ namespace LiamWorkflowActivities
            if (!IsAdditionalConfigurationEnabled(provider, "EnsureNtfsPermissionGroups"))
                return true;

+            var allowSharePathEnsure = IsAdditionalConfigurationEnabled(provider, "EnsureNtfsPermissionGroupsForShares");
            foreach (var ntfsArea in dataAreas
-                .Where(dataArea => dataArea is cLiamNtfsFolder || dataArea is cLiamNtfsShare)
+                .Where(dataArea => dataArea is cLiamNtfsFolder || allowSharePathEnsure && dataArea is cLiamNtfsShare)
                .Cast<cLiamNtfsPermissionDataAreaBase>())
            {
                var folderPath = ntfsArea.TechnicalName;
@@ -440,6 +443,7 @@ namespace LiamWorkflowActivities
                    null,
                    null,
                    null,
+                    allowSharePathEnsure,
                    false,
                    simulateOnly);
                if (ensureResult == null)