Access Controls Not Processing Correctly

I’ve got PSU 2.10.0 using Windows Authentication. Created a new role ‘ScriptCreator’ -

New-PSURole -Name 'ScriptCreator' -Description "Can create new scripts" -Policy {
    if ( $User.HasClaim("", 'S-1-5-21-1517553028-2257492215-940012151-49037') ) {
        return $true

I created a new Global access control ViewCreate that I assigned to this role

$ViewCreate = ([PowerShellUniversal.AccessControlType]::Create -bor [PowerShellUniversal.AccessControlType]::View)
New-PSUAccessControl -Role 'ScriptCreator' -ObjectType 'Script' -Type $ViewCreate

My test user can log in to the admin console and view scripts, but the option to create doesn’t seem to be present. Did I screw something up?

Product: PowerShell Universal
Version 2.10.0

You’re access control looks correct. I just check the UI code and that looks correct. I’ll have to setup a test and open an issue for this. If it’s broken, I’ll make sure it’s fixed in 2.10.1.

Thanks! This was the case in 2.9.2 as well. I updated to 2.10.0 to see if that helped anything when it didn’t work initially. Not sure if that’s helpful info at all, but there you go

1 Like