few more improvements

santisq · santisq · commit 0264341062f5 · 2025-10-18T13:41:26.000-03:00
diff --git a/src/ADEffectiveAccess/GetADEffectiveAccessComand.cs b/src/ADEffectiveAccess/GetADEffectiveAccessComand.cs
@@ -1,4 +1,6 @@
 ﻿using System;
+using System.Diagnostics;
+using System.Diagnostics.CodeAnalysis;
 using System.DirectoryServices;
 using System.Management.Automation;
 using System.Security.Principal;
@@ -16,8 +18,7 @@ public sealed class GetADEffectiveAccessComand : PSCmdlet, IDisposable
 
     private const string IdentitySet = "Identity";
 
-    private static SecurityMasks Masks = SecurityMasks.Group
-        | SecurityMasks.Dacl | SecurityMasks.Owner;
+    private SecurityMasks _masks = SecurityMasks.Group | SecurityMasks.Dacl | SecurityMasks.Owner;
 
     private DirectoryEntryBuilder? _entryBuilder;
 
@@ -71,7 +72,7 @@ protected override void BeginProcessing()
     {
         if (Audit)
         {
-            Masks |= SecurityMasks.Sacl;
+            _masks |= SecurityMasks.Sacl;
         }
 
         try
@@ -82,7 +83,7 @@ protected override void BeginProcessing()
                 server: Server,
                 searchBase: SearchBase);
 
-            _map ??= GuidResolver.GetFromTLS();
+            _map = GuidResolver.GetFromTLS();
             _map.SetContext(Server, _entryBuilder);
         }
         catch (Exception exception)
@@ -93,7 +94,8 @@ protected override void BeginProcessing()
 
     protected override void ProcessRecord()
     {
-        if (_entryBuilder is null) return;
+        Assert(_entryBuilder is not null);
+        Assert(_map is not null);
 
         try
         {
@@ -112,12 +114,12 @@ protected override void ProcessRecord()
                 Tombstone = IncludeDeletedObjects,
                 SearchScope = SearchScope,
                 PageSize = PageSize,
-                SecurityMasks = Masks
+                SecurityMasks = _masks
             };
 
-            foreach (SearchResult obj in searcher.FindAll())
+            foreach (SearchResult result in searcher.FindAll())
             {
-                WriteRules(obj);
+                WriteRules(result);
             }
         }
         catch (Exception _) when (_ is PipelineStoppedException or FlowControlException)
@@ -134,17 +136,19 @@ protected override void ProcessRecord()
         }
     }
 
-    private void WriteRules(SearchResult obj)
+    private void WriteRules(SearchResult searchResult)
     {
-        if (!obj.TryGetProperty(SecurityDescriptor, out byte[]? descriptor))
+        Assert(_map is not null);
+
+        if (!searchResult.TryGetProperty(SecurityDescriptor, out byte[]? descriptor))
         {
-            obj.WriteInvalidSecurityDescriptorError(this);
+            searchResult.WriteInvalidSecurityDescriptorError(this);
             return;
         }
 
-        AclBuilder builder = new(obj.Path, descriptor);
+        AclBuilder builder = new(searchResult.Path, descriptor);
         WriteObject(
-            builder.EnumerateRules(_map!, includeAudit: Audit),
+            builder.EnumerateRules(_map, includeAudit: Audit),
             enumerateCollection: true);
     }
 
@@ -162,7 +166,7 @@ _ when LanguagePrimitives.TryConvertTo(identity, out SecurityIdentifier sid) =>
             filter: ldapFilter,
             propertiesToLoad: [SecurityDescriptor])
         {
-            SecurityMasks = Masks,
+            SecurityMasks = _masks,
             Tombstone = IncludeDeletedObjects
         };
 
@@ -172,6 +176,10 @@ _ when LanguagePrimitives.TryConvertTo(identity, out SecurityIdentifier sid) =>
         WriteRules(result);
     }
 
+    [Conditional("DEBUG")]
+    private static void Assert([DoesNotReturnIf(false)] bool condition, string? message = null)
+        => Debug.Assert(condition, message);
+
     public void Dispose()
     {
         _entryBuilder?.Dispose();

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,6 @@`
`1`	`1`	`using System;`
	`2`	`+using System.Diagnostics;`
	`3`	`+using System.Diagnostics.CodeAnalysis;`
`2`	`4`	`using System.DirectoryServices;`
`3`	`5`	`using System.Management.Automation;`
`4`	`6`	`using System.Security.Principal;`
`@@ -16,8 +18,7 @@ public sealed class GetADEffectiveAccessComand : PSCmdlet, IDisposable`
`16`	`18`
`17`	`19`	`private const string IdentitySet = "Identity";`
`18`	`20`
`19`		`- private static SecurityMasks Masks = SecurityMasks.Group`
`20`		`- \| SecurityMasks.Dacl \| SecurityMasks.Owner;`
	`21`	`+ private SecurityMasks _masks = SecurityMasks.Group \| SecurityMasks.Dacl \| SecurityMasks.Owner;`
`21`	`22`
`22`	`23`	`private DirectoryEntryBuilder? _entryBuilder;`
`23`	`24`
`@@ -71,7 +72,7 @@ protected override void BeginProcessing()`
`71`	`72`	`{`
`72`	`73`	`if (Audit)`
`73`	`74`	`{`
`74`		`- Masks \|= SecurityMasks.Sacl;`
	`75`	`+ _masks \|= SecurityMasks.Sacl;`
`75`	`76`	`}`
`76`	`77`
`77`	`78`	`try`
`@@ -82,7 +83,7 @@ protected override void BeginProcessing()`
`82`	`83`	`server: Server,`
`83`	`84`	`searchBase: SearchBase);`
`84`	`85`
`85`		`- _map ??= GuidResolver.GetFromTLS();`
	`86`	`+ _map = GuidResolver.GetFromTLS();`
`86`	`87`	`_map.SetContext(Server, _entryBuilder);`
`87`	`88`	`}`
`88`	`89`	`catch (Exception exception)`
`@@ -93,7 +94,8 @@ protected override void BeginProcessing()`
`93`	`94`
`94`	`95`	`protected override void ProcessRecord()`
`95`	`96`	`{`
`96`		`- if (_entryBuilder is null) return;`
	`97`	`+ Assert(_entryBuilder is not null);`
	`98`	`+ Assert(_map is not null);`
`97`	`99`
`98`	`100`	`try`
`99`	`101`	`{`
`@@ -112,12 +114,12 @@ protected override void ProcessRecord()`
`112`	`114`	`Tombstone = IncludeDeletedObjects,`
`113`	`115`	`SearchScope = SearchScope,`
`114`	`116`	`PageSize = PageSize,`
`115`		`- SecurityMasks = Masks`
	`117`	`+ SecurityMasks = _masks`
`116`	`118`	`};`
`117`	`119`
`118`		`- foreach (SearchResult obj in searcher.FindAll())`
	`120`	`+ foreach (SearchResult result in searcher.FindAll())`
`119`	`121`	`{`
`120`		`- WriteRules(obj);`
	`122`	`+ WriteRules(result);`
`121`	`123`	`}`
`122`	`124`	`}`
`123`	`125`	`catch (Exception _) when (_ is PipelineStoppedException or FlowControlException)`
`@@ -134,17 +136,19 @@ protected override void ProcessRecord()`
`134`	`136`	`}`
`135`	`137`	`}`
`136`	`138`
`137`		`- private void WriteRules(SearchResult obj)`
	`139`	`+ private void WriteRules(SearchResult searchResult)`
`138`	`140`	`{`
`139`		`- if (!obj.TryGetProperty(SecurityDescriptor, out byte[]? descriptor))`
	`141`	`+ Assert(_map is not null);`
	`142`	`+`
	`143`	`+ if (!searchResult.TryGetProperty(SecurityDescriptor, out byte[]? descriptor))`
`140`	`144`	`{`
`141`		`- obj.WriteInvalidSecurityDescriptorError(this);`
	`145`	`+ searchResult.WriteInvalidSecurityDescriptorError(this);`
`142`	`146`	`return;`
`143`	`147`	`}`
`144`	`148`
`145`		`- AclBuilder builder = new(obj.Path, descriptor);`
	`149`	`+ AclBuilder builder = new(searchResult.Path, descriptor);`
`146`	`150`	`WriteObject(`
`147`		`- builder.EnumerateRules(_map!, includeAudit: Audit),`
	`151`	`+ builder.EnumerateRules(_map, includeAudit: Audit),`
`148`	`152`	`enumerateCollection: true);`
`149`	`153`	`}`
`150`	`154`
`@@ -162,7 +166,7 @@ _ when LanguagePrimitives.TryConvertTo(identity, out SecurityIdentifier sid) =>`
`162`	`166`	`filter: ldapFilter,`
`163`	`167`	`propertiesToLoad: [SecurityDescriptor])`
`164`	`168`	`{`
`165`		`- SecurityMasks = Masks,`
	`169`	`+ SecurityMasks = _masks,`
`166`	`170`	`Tombstone = IncludeDeletedObjects`
`167`	`171`	`};`
`168`	`172`
`@@ -172,6 +176,10 @@ _ when LanguagePrimitives.TryConvertTo(identity, out SecurityIdentifier sid) =>`
`172`	`176`	`WriteRules(result);`
`173`	`177`	`}`
`174`	`178`
	`179`	`+ [Conditional("DEBUG")]`
	`180`	`+ private static void Assert([DoesNotReturnIf(false)] bool condition, string? message = null)`
	`181`	`+ => Debug.Assert(condition, message);`
	`182`	`+`
`175`	`183`	`public void Dispose()`
`176`	`184`	`{`
`177`	`185`	`_entryBuilder?.Dispose();`