param(
    $out = "runtime\acl.csv",
    $base = "\\fserver.annax.local\newroot",
    [Switch]
    $verbose = $false,
    $erroraction = "Continue"
)

# $ErrorActionPreference = "Stop"
$ErrorActionPreference = $erroraction

Get-ChildItem $base -Recurse | % {
    $dir = $_
    try {

        # $dir.FullName | out-host
        $acl = Get-Acl $dir.FullName
        # $acl | Out-Host
        $acl.Access | Where-Object { $_.IsInherited -eq $false } | % {
            $axacl = $_.IdentityReference.Value
            if ($_.IdentityReference.Value -like "ANNAX\*") {
                if ($verbose) {
                    $axacl | Out-Host
                }
                $wtacl = $null
                $acl.Access | Where-Object { $_.IsInherited -eq $false -and (($_.IdentityReference.Value -replace "WABTEC\\ANG_") -eq ($axacl -replace "ANNAX\\")) } | % {
                    $wtacl = $_.IdentityReference.Value
                }
                if ($null -eq $wtacl) {
                    $dir.FullName | Out-Host
                    $axacl | Out-Host
                    [PSCustomObject]@{
                        dir = $dir.FullName
                        acl = $axacl
                        err = ""
                    } | Export-Csv -Append $out
                }
                else {
                    if ($verbose) {
                        "MATCH" | Out-Host
                        $wtacl  | Out-Host
                    }
                }
            }
        }
    }
    catch {
        [PSCustomObject]@{
            dir = $dir.FullName
            acl = ""
            err = $PSItem.ToString()
        } | Export-Csv -Append $out
    }
}