go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/groups/ps1getlocalgroup.go (about) 1 // Copyright (c) Mondoo, Inc. 2 // SPDX-License-Identifier: BUSL-1.1 3 4 package groups 5 6 import ( 7 "encoding/json" 8 "io" 9 10 "go.mondoo.com/cnquery/providers/os/connection/shared" 11 "go.mondoo.com/cnquery/providers/os/resources/powershell" 12 ) 13 14 type WindowsSID struct { 15 BinaryLength int 16 AccountDomainSid *string 17 Value string 18 } 19 20 type WindowsLocalGroup struct { 21 Name string 22 Description string 23 PrincipalSource int 24 SID WindowsSID 25 ObjectClass string 26 } 27 28 func ParseWindowsLocalGroups(r io.Reader) ([]WindowsLocalGroup, error) { 29 data, err := io.ReadAll(r) 30 if err != nil { 31 return nil, err 32 } 33 34 var localGroups []WindowsLocalGroup 35 err = json.Unmarshal(data, &localGroups) 36 if err != nil { 37 return nil, err 38 } 39 40 return localGroups, nil 41 } 42 43 type WindowsGroupManager struct { 44 conn shared.Connection 45 } 46 47 func (s *WindowsGroupManager) Name() string { 48 return "Windows Group Manager" 49 } 50 51 func (s *WindowsGroupManager) Group(id string) (*Group, error) { 52 groups, err := s.List() 53 if err != nil { 54 return nil, err 55 } 56 57 return findGroup(groups, id) 58 } 59 60 func (s *WindowsGroupManager) List() ([]*Group, error) { 61 powershellCmd := "Get-LocalGroup | ConvertTo-Json" 62 c, err := s.conn.RunCommand(powershell.Wrap(powershellCmd)) 63 if err != nil { 64 return nil, err 65 } 66 winUsers, err := ParseWindowsLocalGroups(c.Stdout) 67 if err != nil { 68 return nil, err 69 } 70 71 res := []*Group{} 72 for i := range winUsers { 73 res = append(res, winToGroup(winUsers[i])) 74 } 75 return res, nil 76 } 77 78 func winToGroup(g WindowsLocalGroup) *Group { 79 return &Group{ 80 ID: g.SID.Value, 81 Sid: g.SID.Value, 82 Gid: -1, // TODO: not its suboptimal, but lets make sure to avoid runtime conflicts for now 83 Name: g.Name, 84 Members: []string{}, 85 } 86 }