Is there a way to change windows file permissions within servoy via javascript,plugin or function. I need the ability to elevate and drop a clients permissions on network files via Servoy.
Is it possible to have servoy execute a command as an administrator on a clients machine. I am running a ubuntu linux app server with windows xp and 7 clients. I need servoy to perform an administrative task on a client’s machine that is running as a user.
var temp = plugins.file.createTempFile('set','.bat');
plugins.file.writeTXTFile(temp,'runas -u domain\\ADMIN -p password "program.exe")
application.executeProgram(temp);
The code above does not work and is just an example of what I am trying to accomplish. I am open to options via linux, ssh, etc…
Look at the sample code for application.executeProgram() for examples. No spaces are allowed – convert to comma separated parameters.
executeProgram works on the client machine if they are running smart client. Web client it is executed on the server.
Some more advanced sample code running curl to give you an idea of the formatting:
// initial page
var results = application.executeProgram(
"curl",
"-b cookies",
"-c cookies",
"http://www.xxx.com")
// grab sid
var sid = utils.stringMiddle(results, results.search(/sid/) + 5, 32)
// login
var results = application.executeProgram(
"curl",
"-b cookies",
"-c cookies",
"-d username=xxx",
"-d password=xxx",
"-d autologin=0",
"-d redirect=index.php",
"-d login=Login",
"-d sid=" + sid,
"http://www.xxx.com")
I realize the code I posted above is not valid. It was just to give users an idea what I was trying to accomplish. Below is a set of commands that allows servoy to modify windows permissions from win7 clients.
I use ‘CPAU’ (‘run as’ substitute) a command that supports encryption for commands and allow user and pass. Download CPAU here.CPAU
attrib Attrib | Microsoft Learn
icacls Icacls | Microsoft Learn
var file = 'Z:\\Test\\change.txt'; //network file path
//Sets change.txt attribute to Read Only
application.executeProgram('Z:\\CPAU.exe','-u','DOMAIN\\USER','-p','PASS','-ex','"C:\\Windows\\System32\\attrib.exe +R '+file+'"','-file','"C:\\run.job"','-enc');//encrypt file
application.executeProgram('Z:\\CPAU.exe','-file','C:\\run.job','-dec','-lwop','-hide','-cwd','"C:\\"'); // execute encrypted job file
plugins.file.deleteFile('C:\\run.job'); //delete encrypted job file
//Breaks inheritance and copies permissions, Denies specific user permissions to change.txt
application.executeProgram('Z:\\CPAU.exe','-u','DOMAIN\\USER','-p','PASS','-ex','"C:\\Windows\\System32\\icacls.exe '+file+' /inheritance:d /deny DOMAIN\\USER:(D,WD,AD,WA,WEA,WO,WDAC,AS) /q"','-file','"C:\\run.job"','-enc');
application.executeProgram('Z:\\CPAU.exe','-file','C:\\run.job','-dec','-lwop','-hide','-cwd','"C:\\"');
plugins.file.deleteFile('C:\\run.job');
//Set owner of change.txt
application.executeProgram('Z:\\CPAU.exe','-u','DOMAIN\\USER','-p','PASS','-ex','"C:\\Windows\\System32\\icacls.exe '+file+' /setowner DOMAIN\\USER /q"','-file','"C:\\run.job"','-enc');
application.executeProgram('Z:\\CPAU.exe','-file','C:\\run.job','-dec','-lwop','-hide','-cwd','"C:\\"');
plugins.file.deleteFile('C:\\run.job');
This works very well. There are several variations of the above commands and all should be executed as admin of the network location.