public bool ValidateServerFilesHaveRecommendedPermissions()

in Configurator/Core/Server/ServerConfigurationController.cs [1602:1670]

• 62 lines of code
• 15 McCabe index (conditional complexity)

    public bool ValidateServerFilesHaveRecommendedPermissions()
    {
      if (!IsThereServerDataFiles)
      {
        return false;
      }

      var dataDirectory = Path.Combine(DataDirectory, "Data");
      if (DirectoryServicesWrapper.DirectoryPermissionsAreInherited(dataDirectory) == true)
      {
        return false;
      }

      var usersGroupSid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
      var administratorsGroupSid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
      SecurityIdentifier serviceAccountSid = null;
      if (Settings.ConfigureAsService)
      {
        if (string.IsNullOrEmpty(Settings.ServiceAccountUsername))
        {
          return false;
        }

        var serviceAccountUsername = Settings.ServiceAccountUsername.StartsWith(".")
                                       ? Settings.ServiceAccountUsername.Replace(".", Environment.MachineName)
                                       : Settings.ServiceAccountUsername;
        var account = new NTAccount(serviceAccountUsername);
        if (account == null)
        {
          Logger.LogError(Resources.ServerConfigConvertToNTAccountFailed);
          return false;
        }

        try
        {
          serviceAccountSid = account.Translate(typeof(SecurityIdentifier)) as SecurityIdentifier;
        }
        catch (Exception ex)
        {
          Logger.LogException(ex);
        }

        if (serviceAccountSid == null)
        {
          Logger.LogError(string.Format(Resources.ServerConfigCouldNotObtainSid, account.Value));
          return false;
        }
      }

      var serverFilesHaveRecommendedPermissions = !DirectoryServicesWrapper.HasAccessToDirectory(usersGroupSid, dataDirectory, null)
                                                  && DirectoryServicesWrapper.HasAccessToDirectory(administratorsGroupSid, dataDirectory, FileSystemRights.FullControl)
                                                  && Settings.ConfigureAsService
                                                       ? DirectoryServicesWrapper.HasAccessToDirectory(serviceAccountSid, dataDirectory, FileSystemRights.FullControl)
                                                       : OldSettings != null
                                                         && OldSettings.ConfigureAsService
                                                           ? !DirectoryServicesWrapper.HasAccessToDirectory(DirectoryServicesWrapper.GetSecurityIdentifier(OldSettings.ServiceAccountUsername), dataDirectory, FileSystemRights.FullControl)
                                                           : true;
      UpdateDataDirectoryPermissions = !serverFilesHaveRecommendedPermissions;
      if (ConfigurationType == ConfigurationType.Upgrade)
      {
        UpdateUpgradeConfigSteps();
      }
      else
      {
        UpdateConfigurationSteps();
      }

      return serverFilesHaveRecommendedPermissions;
    }