/// <summary> /// Add the tag (<identity impersonate="true"/>) in your web.config file. /// </summary> internal static void SetFullControlForEveryOne(string path) { try { System.Security.AccessControl.DirectorySecurity directorySecurity = System.IO.Directory.GetAccessControl(path); // Using this instead of the "Everyone" // string means we work on non-English systems. System.Security.Principal.SecurityIdentifier everyone = new System.Security.Principal.SecurityIdentifier (System.Security.Principal.WellKnownSidType.WorldSid, null); System.Security.AccessControl.FileSystemAccessRule fileSystemAccessRule = new System.Security.AccessControl.FileSystemAccessRule (identity: everyone, fileSystemRights: System.Security.AccessControl.FileSystemRights.FullControl | System.Security.AccessControl.FileSystemRights.Synchronize, inheritanceFlags: System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit, propagationFlags: System.Security.AccessControl.PropagationFlags.None, type: System.Security.AccessControl.AccessControlType.Allow); directorySecurity.AddAccessRule(fileSystemAccessRule); System.IO.Directory.SetAccessControl (path: path, directorySecurity: directorySecurity); } catch (System.Exception ex) { string errorMessage = ex.Message; } }
private void Directory_Copy_CatchUnauthorizedAccessException_UserExplicitDeny(bool isNetwork) { UnitTestConstants.PrintUnitTestHeader(isNetwork); var tempPath = System.IO.Path.GetTempPath(); if (isNetwork) { tempPath = Alphaleonis.Win32.Filesystem.Path.LocalToUnc(tempPath); } using (var rootDir = new TemporaryDirectory(tempPath, "Directory.Copy")) { var folderSrc = rootDir.RandomFileFullPath; Console.WriteLine("\nSrc Directory Path: [{0}]", folderSrc); // ╔═════════════╦═════════════╦═══════════════════════════════╦════════════════════════╦══════════════════╦═══════════════════════╦═════════════╦═════════════╗ // ║ ║ folder only ║ folder, sub-folders and files ║ folder and sub-folders ║ folder and files ║ sub-folders and files ║ sub-folders ║ files ║ // ╠═════════════╬═════════════╬═══════════════════════════════╬════════════════════════╬══════════════════╬═══════════════════════╬═════════════╬═════════════╣ // ║ Propagation ║ none ║ none ║ none ║ none ║ InheritOnly ║ InheritOnly ║ InheritOnly ║ // ║ Inheritance ║ none ║ Container|Object ║ Container ║ Object ║ Container|Object ║ Container ║ Object ║ // ╚═════════════╩═════════════╩═══════════════════════════════╩════════════════════════╩══════════════════╩═══════════════════════╩═════════════╩═════════════╝ var user = (Environment.UserDomainName + @"\" + Environment.UserName).TrimStart('\\'); var rule = new System.Security.AccessControl.FileSystemAccessRule(user, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit, System.Security.AccessControl.PropagationFlags.None, System.Security.AccessControl.AccessControlType.Deny); var dirInfo = System.IO.Directory.CreateDirectory(folderSrc); // Set DENY for current user. var dirSecurity = dirInfo.GetAccessControl(); dirSecurity.AddAccessRule(rule); dirInfo.SetAccessControl(dirSecurity); var gotException = false; try { Alphaleonis.Win32.Filesystem.Directory.Copy(UnitTestConstants.SysRoot, dirInfo.FullName); } catch (Exception ex) { var exName = ex.GetType().Name; gotException = exName.Equals("UnauthorizedAccessException", StringComparison.OrdinalIgnoreCase); Console.WriteLine("\n\tCaught Exception: [{0}] Message: [{1}]", exName, ex.Message); } Assert.IsTrue(gotException, "The exception is not caught, but is expected to."); // Remove DENY for current user. dirSecurity = dirInfo.GetAccessControl(); dirSecurity.RemoveAccessRule(rule); dirInfo.SetAccessControl(dirSecurity); } Console.WriteLine(); }
public static void SetAccessFolderRule(string directoryPath) { System.Security.AccessControl.DirectorySecurity sec = System.IO.Directory.GetAccessControl(directoryPath); //string owner = sec.GetOwner(typeof(System.Security.Principal.NTAccount)).ToString(); System.Security.AccessControl.FileSystemAccessRule accRule = new System.Security.AccessControl.FileSystemAccessRule( OwnerOrUser, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow); sec.AddAccessRule(accRule); }
public static void DirectoryCopy(string sourceDirName, string destDirName, bool copySubDirs) { DirectoryInfo sourcedir = new DirectoryInfo(sourceDirName); // If the source directory does not exist, throw an exception. if (!sourcedir.Exists) { throw new DirectoryNotFoundException("Source directory does not exist or could not be found: " + sourceDirName); } // If the destination directory does not exist, create it. DirectoryInfo destDir = new DirectoryInfo(destDirName); if (destDir.Exists) { System.Security.AccessControl.DirectorySecurity sec3 = destDir.GetAccessControl(); System.Security.AccessControl.FileSystemAccessRule accRule3 = new System.Security.AccessControl.FileSystemAccessRule(Environment.UserDomainName + "\\" + Environment.UserName, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow); sec3.AddAccessRule(accRule3); destDir.Delete(true); destDir.Refresh(); } destDir.Create(); destDir.Refresh(); // Get the file contents of the directory to copy. FileInfo[] files = sourcedir.GetFiles(); foreach (FileInfo file in files) { // Create the path to the new copy of the file. string temppath = Path.Combine(destDirName, file.Name); // Copy the file. file.CopyTo(temppath, false); } // If copySubDirs is true, copy the subdirectories. if (copySubDirs) { DirectoryInfo[] dirs = sourcedir.GetDirectories(); foreach (DirectoryInfo subdir in dirs) { // Create the subdirectory. string temppath = Path.Combine(destDirName, subdir.Name); // Copy the subdirectories. DirectoryCopy(subdir.FullName, temppath, copySubDirs); } } }
/// <summary> /// 从指定的文件或目录移除访问权限。 /// </summary> /// <param name="path">文件或目录路径。</param> /// <param name="identity">Windows 用户或组名称。</param> /// <param name="fileSystemRights"></param> /// <param name="accessControlType">指定允许还是拒绝该操作。</param> public static void RemovePermission(string path, string identity, System.Security.AccessControl.FileSystemRights fileSystemRights, System.Security.AccessControl.AccessControlType accessControlType) { System.Security.AccessControl.FileSystemAccessRule ar1 = new System.Security.AccessControl.FileSystemAccessRule(identity, fileSystemRights, accessControlType); if (System.IO.Directory.Exists(path)) { System.Security.AccessControl.DirectorySecurity ds = System.IO.Directory.GetAccessControl(path); ds.RemoveAccessRuleAll(ar1); System.IO.Directory.SetAccessControl(path, ds); } else if (System.IO.File.Exists(path)) { System.Security.AccessControl.FileSecurity ds = System.IO.File.GetAccessControl(path); ds.RemoveAccessRuleAll(ar1); System.IO.File.SetAccessControl(path, ds); } }
private void Directory_Move_ThrowUnauthorizedAccessException_UserExplicitDenyOnDestinationFolder(bool isNetwork) { using (var tempRoot = new TemporaryDirectory(isNetwork)) { var srcFolder = tempRoot.CreateTree(); var dstFolder = tempRoot.CreateDirectory(); Console.WriteLine("Src Directory Path: [{0}]", srcFolder.FullName); Console.WriteLine("Dst Directory Path: [{0}]", dstFolder.FullName); var user = (Environment.UserDomainName + @"\" + Environment.UserName).TrimStart('\\'); var rule = new System.Security.AccessControl.FileSystemAccessRule(user, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit, System.Security.AccessControl.PropagationFlags.None, System.Security.AccessControl.AccessControlType.Deny); // Set DENY for current user. var dirSecurity = dstFolder.GetAccessControl(); dirSecurity.AddAccessRule(rule); dstFolder.SetAccessControl(dirSecurity); try { ExceptionAssert.UnauthorizedAccessException(() => Alphaleonis.Win32.Filesystem.Directory.Move(srcFolder.FullName, dstFolder.FullName, Alphaleonis.Win32.Filesystem.MoveOptions.ReplaceExisting)); } finally { // Remove DENY for current user. dirSecurity = dstFolder.GetAccessControl(); dirSecurity.RemoveAccessRule(rule); dstFolder.SetAccessControl(dirSecurity); } } Console.WriteLine(); }
/// <summary> /// 向指定的文件或目录追加访问权限。 /// </summary> /// <param name="path">文件或目录路径。</param> /// <param name="identity">Windows 用户或组名称。</param> /// <param name="fileSystemRights">访问权限。</param> /// <param name="accessControlType">指定允许还是拒绝该操作。</param> public static void AppendPermission(string path, string identity, System.Security.AccessControl.FileSystemRights fileSystemRights, System.Security.AccessControl.AccessControlType accessControlType) { System.Security.AccessControl.FileSystemAccessRule ar1 = new System.Security.AccessControl.FileSystemAccessRule(identity, fileSystemRights, accessControlType); if (System.IO.Directory.Exists(path)) { System.Security.AccessControl.FileSystemAccessRule ar2 = new System.Security.AccessControl.FileSystemAccessRule(identity, fileSystemRights, System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit, System.Security.AccessControl.PropagationFlags.InheritOnly, accessControlType); System.Security.AccessControl.DirectorySecurity ds = System.IO.Directory.GetAccessControl(path); ds.AddAccessRule(ar1); ds.AddAccessRule(ar2); System.IO.Directory.SetAccessControl(path, ds); } else if (System.IO.File.Exists(path)) { System.Security.AccessControl.FileSecurity ds = System.IO.File.GetAccessControl(path); ds.AddAccessRule(ar1); System.IO.File.SetAccessControl(path, ds); } }
public static bool SetAccessRule(string directory, bool IsMapPath = true) { var Rights = (System.Security.AccessControl.FileSystemRights) 0; Rights = System.Security.AccessControl.FileSystemRights.FullControl; // *** Add Access Rule to the actual directory itself var AccessRule = new System.Security.AccessControl.FileSystemAccessRule("Users", Rights, System.Security.AccessControl.InheritanceFlags.None, System.Security.AccessControl.PropagationFlags.NoPropagateInherit, System.Security.AccessControl.AccessControlType.Allow); directory = IsMapPath ? MapPath(directory) : directory; DirectoryInfo Info = new DirectoryInfo(directory); var Security = Info.GetAccessControl(System.Security.AccessControl.AccessControlSections.Access); bool Result = false; Security.ModifyAccessRule(System.Security.AccessControl.AccessControlModification.Set, AccessRule, out Result); if (!Result) { return(false); } // *** Always allow objects to inherit on a directory var iFlags = System.Security.AccessControl.InheritanceFlags.ObjectInherit; iFlags = System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit; // *** Add Access rule for the inheritance AccessRule = new System.Security.AccessControl.FileSystemAccessRule("Users", Rights, iFlags, System.Security.AccessControl.PropagationFlags.InheritOnly, System.Security.AccessControl.AccessControlType.Allow); Result = false; Security.ModifyAccessRule(System.Security.AccessControl.AccessControlModification.Add, AccessRule, out Result); if (!Result) { return(false); } Info.SetAccessControl(Security); return(true); }
public static void FolderDenyPermission(bool create, string tempPath) { var user = (Environment.UserDomainName + @"\" + Environment.UserName).TrimStart('\\'); var dirInfo = new System.IO.DirectoryInfo(tempPath); System.Security.AccessControl.DirectorySecurity dirSecurity; // ╔═════════════╦═════════════╦═══════════════════════════════╦════════════════════════╦══════════════════╦═══════════════════════╦═════════════╦═════════════╗ // ║ ║ folder only ║ folder, sub-folders and files ║ folder and sub-folders ║ folder and files ║ sub-folders and files ║ sub-folders ║ files ║ // ╠═════════════╬═════════════╬═══════════════════════════════╬════════════════════════╬══════════════════╬═══════════════════════╬═════════════╬═════════════╣ // ║ Propagation ║ none ║ none ║ none ║ none ║ InheritOnly ║ InheritOnly ║ InheritOnly ║ // ║ Inheritance ║ none ║ Container|Object ║ Container ║ Object ║ Container|Object ║ Container ║ Object ║ // ╚═════════════╩═════════════╩═══════════════════════════════╩════════════════════════╩══════════════════╩═══════════════════════╩═════════════╩═════════════╝ var rule = new System.Security.AccessControl.FileSystemAccessRule(user, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit, System.Security.AccessControl.PropagationFlags.None, System.Security.AccessControl.AccessControlType.Deny); if (create) { dirInfo.Create(); // Set DENY for current user. dirSecurity = dirInfo.GetAccessControl(); dirSecurity.AddAccessRule(rule); dirInfo.SetAccessControl(dirSecurity); } else { // Remove DENY for current user. dirSecurity = dirInfo.GetAccessControl(); dirSecurity.RemoveAccessRule(rule); dirInfo.SetAccessControl(dirSecurity); } }
static void _DfsGetPartsNoWildcard(string[] args, int startparts, int lastparts) { if (!dfs.DfsConfigExists(DFSXMLPATH)) { Console.Error.WriteLine("DFS not setup; use: {0} format", appname); SetFailure(); return; } if (args.Length < 2) { Console.Error.WriteLine("dfs get error: {0} dfs get <dfspath> <localpath>", appname); SetFailure(); return; } string dfspath = args[0]; if (dfspath.StartsWith("dfs://", StringComparison.OrdinalIgnoreCase)) { dfspath = dfspath.Substring(6); } if (dfspath.Length == 0) { Console.Error.WriteLine("Invalid dfspath"); SetFailure(); return; } string localpath = args[1]; //System.Threading.Thread.Sleep(8000); string localstartname = localpath; string localendname = ""; { // Remove ext... int ildot = localstartname.LastIndexOf('.'); if (-1 != ildot) { bool anotherdotcheck = (localstartname.Length - ildot <= 4); localstartname = localstartname.Substring(0, ildot); if (anotherdotcheck) { ildot = localstartname.LastIndexOf('.'); if (-1 != ildot) { if (localstartname.Length - ildot <= 4) { localstartname = localstartname.Substring(0, ildot); } } } } } localendname = localpath.Substring(localstartname.Length); // e.g. ".txt.gz" if (!localendname.EndsWith(".gz", StringComparison.OrdinalIgnoreCase)) { localendname += ".gz"; } localstartname += ".part"; { string edir = "."; string efile = localstartname + "*" + localendname; { int ilslash = efile.LastIndexOfAny(new char[] { '/', '\\' }); if (-1 != ilslash) { edir = efile.Substring(0, ilslash); efile = efile.Substring(ilslash + 1); } } string[] existparts = System.IO.Directory.GetFiles(edir, efile); if (existparts.Length != 0) { /* Console.Error.WriteLine("Abort: output files already exist"); SetFailure(); return; * */ if (QuietMode || !InteractiveMode) { Console.Error.WriteLine("The specified file(s) already exists locally: {0}", localstartname + "*" + localendname); SetFailure(); return; } Console.Write("The specified file(s) already exists locally; overwrite? "); ConsoleFlush(); for (; ; ) { string s = Console.ReadLine(); char ch = '\0'; if (0 != s.Length) { ch = char.ToUpper(s[0]); } if ('N' == ch) { Console.WriteLine(" Aborted by user"); return; } else if ('Y' == ch) { break; // ! } else { Console.Write("Overwrite, yes or no? "); ConsoleFlush(); } } // Delete them before writing; new output might have less part count. for (int i = 0; i < existparts.Length; i++) { System.IO.File.Delete(existparts[i]); } } } int ncpus = Surrogate.NumberOfProcessors; dfs dc = LoadDfsConfig(); dfs.DfsFile df = DfsFind(dc, dfspath); if (null == df) { Console.Error.WriteLine("Error: File not found in DFS: {0}", dfspath); SetFailure(); return; } Console.WriteLine("Getting GZip parts of DFS file '{1}'...", df.Nodes.Count, df.Name); List<System.Threading.Thread> threads = new List<System.Threading.Thread>(ncpus); GettingParts gp = new GettingParts(); gp.dc = dc; //gp.parts = df.Nodes; gp.parts = new List<dfs.DfsFile.FileNode>(); bool hitlimit = false; for (int dn = 0; dn < df.Nodes.Count; dn++) { if (dn > lastparts) { hitlimit = true; break; } gp.parts.Add(df.Nodes[dn]); } gp.nextpart = startparts; gp.localendname = localendname; gp.localstartname = localstartname; { System.Security.Principal.NTAccount nt = new System.Security.Principal.NTAccount(userdomain, dousername); System.Security.Principal.SecurityIdentifier secID = (System.Security.Principal.SecurityIdentifier)nt.Translate(typeof(System.Security.Principal.SecurityIdentifier)); System.Security.AccessControl.FileSystemAccessRule rule = new System.Security.AccessControl.FileSystemAccessRule(secID, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow); gp.rule = rule; } for (int i = 0; i < ncpus; i++) { System.Threading.Thread thd = new System.Threading.Thread(new System.Threading.ThreadStart(gp.threadproc)); thd.Start(); threads.Add(thd); } for (int i = 0; i < threads.Count; i++) { threads[i].Join(); } //if (verbose) { if (hitlimit) { Console.WriteLine("Done with partial get {0}-{1}", startparts, lastparts); } else { Console.WriteLine("Done"); } } Console.WriteLine("Files written to '{0}N{1}'", localstartname, localendname); }
public RootApplication(frmMenu frm) { #if DEBUG IsDebug = true; #endif Menu = frm; m_Documents.Add(null); // because the editor will just assign the current document into the current index // folders... EXEFolder = System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location); InternalFolder = EXEFolder; SharedFolder = System.IO.Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), AppName); ConfigFolder = SharedFolder; bool sharedCreated = false; // create shared folder and set permissions try { if (!System.IO.Directory.Exists(SharedFolder)) { System.IO.Directory.CreateDirectory(SharedFolder); System.Security.AccessControl.DirectorySecurity dirSecurity = System.IO.Directory.GetAccessControl(SharedFolder); System.Security.Principal.SecurityIdentifier user = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.BuiltinUsersSid, null); System.Security.AccessControl.FileSystemAccessRule newRule = new System.Security.AccessControl.FileSystemAccessRule(user, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit, System.Security.AccessControl.PropagationFlags.None, System.Security.AccessControl.AccessControlType.Allow); dirSecurity.AddAccessRule(newRule); System.IO.Directory.SetAccessControl(SharedFolder, dirSecurity); sharedCreated = true; } } catch (Exception ex) { MessageBox.Show("Cannot create required folder: " + SharedFolder + "\r\n" + "Error: " + ex); Application.Exit(); } #if DEBUG EXEFolder = "d:\\data\\ace\\SAW\\Installer\\installer files"; InternalFolder = EXEFolder; // config certainly needs to write back to the installation folder ConfigFolder = "d:\\data\\ace\\SAW\\test data"; SharedFolder = "d:\\data\\ace\\SAW\\test data"; #else // Temporary version using folder location for everything //SharedFolder = EXEFolder + System.IO.Path.DirectorySeparatorChar + "Data"; //ConfigFolder = SharedFolder; #endif Globals.Root = this; try { Log = new CLogFile(SharedFolder + System.IO.Path.DirectorySeparatorChar + "log.txt"); LogPermanent = new CLogFile(SharedFolder + System.IO.Path.DirectorySeparatorChar + "permanent.txt", 100000); LogPermanent.TimeStampEx = TimeStamps.Date; } catch (Exception ex) { MessageBox.Show("Could not create log files: " + ex.Message); } Log.WriteLine("Starting, version = " + SoftwareVersion.VersionString); Log.WriteLine("EXEFolder = " + EXEFolder); Log.WriteLine("SharedFolder = " + SharedFolder); Log.WriteLine("InternalFolder = " + InternalFolder); Log.WriteLine("OS = " + Environment.OSVersion); Log.WriteLine("64-bit = " + Environment.Is64BitOperatingSystem); Log.WriteLine("CLR = " + Environment.Version); Globals.CheckThemeOnStartup(); if (sharedCreated) { // need to copy across from Splash 1 if applicable LogPermanent.WriteLine("Shared folder created"); } Strings.Load(); Log.WriteLine("SystemDPI = " + GUIUtilities.SystemDPI); Functions.Verb.CreateList(); // must before any configs loaded Functions.SAWVerbs.RegisterVerbs(); // load configurations... Config.SystemConfig = LoadConfig("system" + Config.Extension, Config.Levels.System); Config.UserUser = LoadConfig("User" + Config.Extension, Config.Levels.User, "user_Default" + Config.Extension); Config.UserUser.EnsureUserResources(); if (!System.IO.Directory.Exists(Activities.ActivityConfigFolder)) { System.IO.Directory.CreateDirectory(Activities.ActivityConfigFolder); } // activities are now loaded as needed #if !DEBUG AppDomain.CurrentDomain.UnhandledException += frmErrorReport.UnhandledException; Application.ThreadException += frmErrorReport.ThreadException; #else Config.Delta.ApplyV8Changes(); #endif CurrentConfig = new AppliedConfig(); CurrentConfig.AddConfigAtEnd(Config.SystemConfig); CurrentConfig.AddConfigWithPriority(Config.UserUser); }
public UserAccessRights(string path, string UserId) { if ((!String.IsNullOrEmpty(UserId)) && !String.IsNullOrEmpty(path)) { NTAccount n = new NTAccount(UserId); _principalSid = (SecurityIdentifier)n.Translate(typeof(SecurityIdentifier)); this._path = path; System.IO.FileInfo fi = new System.IO.FileInfo(_path); AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier)); for (int i = 0; i < acl.Count; i++) { System.Security.AccessControl.FileSystemAccessRule rule = (System.Security.AccessControl.FileSystemAccessRule)acl[i]; if (_principalSid.Equals(rule.IdentityReference)) { if (System.Security.AccessControl.AccessControlType.Deny.Equals(rule.AccessControlType)) { if (Contains(FileSystemRights.AppendData, rule)) { _denyAppendData = true; } if (Contains(FileSystemRights.ChangePermissions, rule)) { _denyChangePermissions = true; } if (Contains(FileSystemRights.CreateDirectories, rule)) { _denyCreateDirectories = true; } if (Contains(FileSystemRights.CreateFiles, rule)) { _denyCreateFiles = true; } if (Contains(FileSystemRights.Delete, rule)) { _denyDelete = true; } if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _denyDeleteSubdirectoriesAndFiles = true; } if (Contains(FileSystemRights.ExecuteFile, rule)) { _denyExecuteFile = true; } if (Contains(FileSystemRights.FullControl, rule)) { _denyFullControl = true; } if (Contains(FileSystemRights.ListDirectory, rule)) { _denyListDirectory = true; } if (Contains(FileSystemRights.Modify, rule)) { _denyModify = true; } if (Contains(FileSystemRights.Read, rule)) { _denyRead = true; } if (Contains(FileSystemRights.ReadAndExecute, rule)) { _denyReadAndExecute = true; } if (Contains(FileSystemRights.ReadAttributes, rule)) { _denyReadAttributes = true; } if (Contains(FileSystemRights.ReadData, rule)) { _denyReadData = true; } if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) { _denyReadExtendedAttributes = true; } if (Contains(FileSystemRights.ReadPermissions, rule)) { _denyReadPermissions = true; } if (Contains(FileSystemRights.Synchronize, rule)) { _denySynchronize = true; } if (Contains(FileSystemRights.TakeOwnership, rule)) { _denyTakeOwnership = true; } if (Contains(FileSystemRights.Traverse, rule)) { _denyTraverse = true; } if (Contains(FileSystemRights.Write, rule)) { _denyWrite = true; } if (Contains(FileSystemRights.WriteAttributes, rule)) { _denyWriteAttributes = true; } if (Contains(FileSystemRights.WriteData, rule)) { _denyWriteData = true; } if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) { _denyWriteExtendedAttributes = true; } } else if (System.Security.AccessControl.AccessControlType.Allow.Equals(rule.AccessControlType)) { if (Contains(FileSystemRights.AppendData, rule)) { _allowAppendData = true; } if (Contains(FileSystemRights.ChangePermissions, rule)) { _allowChangePermissions = true; } if (Contains(FileSystemRights.CreateDirectories, rule)) { _allowCreateDirectories = true; } if (Contains(FileSystemRights.CreateFiles, rule)) { _allowCreateFiles = true; } if (Contains(FileSystemRights.Delete, rule)) { _allowDelete = true; } if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _allowDeleteSubdirectoriesAndFiles = true; } if (Contains(FileSystemRights.ExecuteFile, rule)) { _allowExecuteFile = true; } if (Contains(FileSystemRights.FullControl, rule)) { _allowFullControl = true; } if (Contains(FileSystemRights.ListDirectory, rule)) { _allowListDirectory = true; } if (Contains(FileSystemRights.Modify, rule)) { _allowModify = true; } if (Contains(FileSystemRights.Read, rule)) { _allowRead = true; } if (Contains(FileSystemRights.ReadAndExecute, rule)) { _allowReadAndExecute = true; } if (Contains(FileSystemRights.ReadAttributes, rule)) { _allowReadAttributes = true; } if (Contains(FileSystemRights.ReadData, rule)) { _allowReadData = true; } if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) { _allowReadExtendedAttributes = true; } if (Contains(FileSystemRights.ReadPermissions, rule)) { _allowReadPermissions = true; } if (Contains(FileSystemRights.Synchronize, rule)) { _allowSynchronize = true; } if (Contains(FileSystemRights.TakeOwnership, rule)) { _allowTakeOwnership = true; } if (Contains(FileSystemRights.Traverse, rule)) { _allowTraverse = true; } if (Contains(FileSystemRights.Write, rule)) { _allowWrite = true; } if (Contains(FileSystemRights.WriteAttributes, rule)) { _allowWriteAttributes = true; } if (Contains(FileSystemRights.WriteData, rule)) { _allowWriteData = true; } if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) { _allowWriteExtendedAttributes = true; } } } } /* * IdentityReferenceCollection groups = _principal.Groups; * for (int j = 0; j < groups.Count; j++) * { * for (int i = 0; i < acl.Count; i++) * { * System.Security.AccessControl.FileSystemAccessRule rule = (System.Security.AccessControl.FileSystemAccessRule)acl[i]; * if (groups[j].Equals(rule.IdentityReference)) * { * if (System.Security.AccessControl.AccessControlType.Deny.Equals(rule.AccessControlType)) * { * if (Contains(FileSystemRights.AppendData, rule)) _denyAppendData = true; * if (Contains(FileSystemRights.ChangePermissions, rule)) _denyChangePermissions = true; * if (Contains(FileSystemRights.CreateDirectories, rule)) _denyCreateDirectories = true; * if (Contains(FileSystemRights.CreateFiles, rule)) _denyCreateFiles = true; * if (Contains(FileSystemRights.Delete, rule)) _denyDelete = true; * if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) _denyDeleteSubdirectoriesAndFiles = true; * if (Contains(FileSystemRights.ExecuteFile, rule)) _denyExecuteFile = true; * if (Contains(FileSystemRights.FullControl, rule)) _denyFullControl = true; * if (Contains(FileSystemRights.ListDirectory, rule)) _denyListDirectory = true; * if (Contains(FileSystemRights.Modify, rule)) _denyModify = true; * if (Contains(FileSystemRights.Read, rule)) _denyRead = true; * if (Contains(FileSystemRights.ReadAndExecute, rule)) _denyReadAndExecute = true; * if (Contains(FileSystemRights.ReadAttributes, rule)) _denyReadAttributes = true; * if (Contains(FileSystemRights.ReadData, rule)) _denyReadData = true; * if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) _denyReadExtendedAttributes = true; * if (Contains(FileSystemRights.ReadPermissions, rule)) _denyReadPermissions = true; * if (Contains(FileSystemRights.Synchronize, rule)) _denySynchronize = true; * if (Contains(FileSystemRights.TakeOwnership, rule)) _denyTakeOwnership = true; * if (Contains(FileSystemRights.Traverse, rule)) _denyTraverse = true; * if (Contains(FileSystemRights.Write, rule)) _denyWrite = true; * if (Contains(FileSystemRights.WriteAttributes, rule)) _denyWriteAttributes = true; * if (Contains(FileSystemRights.WriteData, rule)) _denyWriteData = true; * if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) _denyWriteExtendedAttributes = true; * } * else if (System.Security.AccessControl.AccessControlType.Allow.Equals(rule.AccessControlType)) * { * if (Contains(FileSystemRights.AppendData, rule)) _allowAppendData = true; * if (Contains(FileSystemRights.ChangePermissions, rule)) _allowChangePermissions = true; * if (Contains(FileSystemRights.CreateDirectories, rule)) _allowCreateDirectories = true; * if (Contains(FileSystemRights.CreateFiles, rule)) _allowCreateFiles = true; * if (Contains(FileSystemRights.Delete, rule)) _allowDelete = true; * if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) _allowDeleteSubdirectoriesAndFiles = true; * if (Contains(FileSystemRights.ExecuteFile, rule)) _allowExecuteFile = true; * if (Contains(FileSystemRights.FullControl, rule)) _allowFullControl = true; * if (Contains(FileSystemRights.ListDirectory, rule)) _allowListDirectory = true; * if (Contains(FileSystemRights.Modify, rule)) _allowModify = true; * if (Contains(FileSystemRights.Read, rule)) _allowRead = true; * if (Contains(FileSystemRights.ReadAndExecute, rule)) _allowReadAndExecute = true; * if (Contains(FileSystemRights.ReadAttributes, rule)) _allowReadAttributes = true; * if (Contains(FileSystemRights.ReadData, rule)) _allowReadData = true; * if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) _allowReadExtendedAttributes = true; * if (Contains(FileSystemRights.ReadPermissions, rule)) _allowReadPermissions = true; * if (Contains(FileSystemRights.Synchronize, rule)) _allowSynchronize = true; * if (Contains(FileSystemRights.TakeOwnership, rule)) _allowTakeOwnership = true; * if (Contains(FileSystemRights.Traverse, rule)) _allowTraverse = true; * if (Contains(FileSystemRights.Write, rule)) _allowWrite = true; * if (Contains(FileSystemRights.WriteAttributes, rule)) _allowWriteAttributes = true; * if (Contains(FileSystemRights.WriteData, rule)) _allowWriteData = true; * if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) _allowWriteExtendedAttributes = true; * } * } * } * } */ } }
public void SetAccessRule(System.Security.AccessControl.FileSystemAccessRule rule) { }
public void RemoveAccessRuleSpecific(System.Security.AccessControl.FileSystemAccessRule rule) { }
public bool RemoveAccessRule(System.Security.AccessControl.FileSystemAccessRule rule) { throw null; }
public bool RemoveAccessRule(System.Security.AccessControl.FileSystemAccessRule rule) { return(default(bool)); }
static int _DfsGetBinaryNoWildCard(string dfspath, string targetFolder) { if (!targetFolder.EndsWith(@"\")) { targetFolder += @"\"; } if (!dfs.DfsConfigExists(DFSXMLPATH)) { Console.Error.WriteLine("DFS not setup; use: {0} format", appname); SetFailure(); return 0; } if (dfspath.StartsWith("dfs://", StringComparison.OrdinalIgnoreCase)) { dfspath = dfspath.Substring(6); } if (dfspath.Length == 0) { Console.Error.WriteLine("Invalid dfspath"); SetFailure(); return 0; } EnsureNetworkPath(targetFolder); if (!System.IO.Directory.Exists(targetFolder)) { Console.Error.WriteLine("Target folder is not found: {0}", targetFolder); return 0; } dfs dc = LoadDfsConfig(); dfs.DfsFile dfsf = DfsFind(dc, dfspath); if (null == dfsf) { Console.Error.WriteLine("Error: The specified file '{0}' does not exist in DFS", dfspath); SetFailure(); return 0; } int blobPadSize = MySpace.DataMining.DistributedObjects.Blob.padSize; const int MAX_SIZE_PER_RECEIVE = 0x400 * 16 * 4; int filesCount = 0; byte[] fbuf = new byte[MAX_SIZE_PER_RECEIVE]; System.Security.Principal.NTAccount nt = new System.Security.Principal.NTAccount(userdomain, dousername); System.Security.Principal.SecurityIdentifier secID = (System.Security.Principal.SecurityIdentifier)nt.Translate(typeof(System.Security.Principal.SecurityIdentifier)); System.Security.AccessControl.FileSystemAccessRule rule = new System.Security.AccessControl.FileSystemAccessRule(secID, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow); List<string> perrors = new List<string>(); foreach (dfs.DfsFile.FileNode node in dfsf.Nodes) { bool eof = false; bool newline = false; System.IO.Stream fs = null; System.IO.FileStream ft = null; try { fs = new DfsFileNodeStream(node, true, System.IO.FileMode.Open, System.IO.FileAccess.Read, System.IO.FileShare.Read, FILE_BUFFER_SIZE); { int xhead = StreamReadLoop(fs, fbuf, 4); if (4 == xhead) { int hlen = MySpace.DataMining.DistributedObjects.Entry.BytesToInt(fbuf); StreamReadExact(fs, fbuf, hlen - 4); } } while (!eof) { if (newline) { if (ft != null) { ft.Close(); ft = null; } } int xread = 0; while (xread < MAX_SIZE_PER_RECEIVE) { newline = false; int ib = fs.ReadByte(); if (ib == -1) { eof = true; break; } if ('\n' == ib) { newline = true; break; } if (ib != '\r') { fbuf[xread++] = (byte)ib; } } string s = System.Text.Encoding.UTF8.GetString(fbuf, 0, xread); if (s.Length > 0) { if (ft == null) { string targetPath = targetFolder + s.Substring(0, blobPadSize).Trim(); s = s.Substring(260); if (System.IO.File.Exists(targetPath)) { Console.Error.WriteLine("Warning: Local file overwritten: {0}", targetPath); } ft = new System.IO.FileStream(targetPath, System.IO.FileMode.Create, System.IO.FileAccess.Write, System.IO.FileShare.Read, FILE_BUFFER_SIZE); filesCount++; try { System.Security.AccessControl.FileSecurity fsec = new System.Security.AccessControl.FileSecurity(); fsec.AddAccessRule(rule); System.IO.File.SetAccessControl(targetPath, fsec); } catch (Exception e) { perrors.Add(e.ToString()); } } byte[] data = Convert.FromBase64String(s); ft.Write(data, 0, data.Length); } } } catch (Exception e) { Console.Error.WriteLine("Error: {0}", e.Message); } finally { if (ft != null) { ft.Close(); ft = null; } if (fs != null) { fs.Close(); fs = null; } } } if (perrors.Count > 0) { Console.Error.WriteLine("Error while assigning file permission to: {0}\\{1}", userdomain, dousername); foreach (string perr in perrors) { Console.Error.WriteLine(perr); } } return filesCount; }
// <dfspath> <localpath> static void _DfsGetNoWildcard(string[] args, int startparts, int lastparts) { //System.Threading.Thread.Sleep(8000); if (!dfs.DfsConfigExists(DFSXMLPATH)) { Console.Error.WriteLine("DFS not setup; use: {0} format", appname); SetFailure(); return; } if (args.Length < 2) { Console.Error.WriteLine("dfs get error: {0} dfs get <dfspath> <localpath>", appname); SetFailure(); return; } { string dfspath = args[0]; if (dfspath.StartsWith("dfs://", StringComparison.OrdinalIgnoreCase)) { dfspath = dfspath.Substring(6); } if (dfspath.Length == 0) { Console.Error.WriteLine("Invalid dfspath"); SetFailure(); return; } string localpath = args[1]; EnsureNetworkPath(localpath); if (localpath.EndsWith(".gz")) { //Console.Error.WriteLine("Error: dfs get not supported for GZip (.gz) files; use dfs getgzip"); //SetFailure(); _DfsGetPartsNoWildcard(args, startparts, lastparts); return; } if (!System.IO.File.Exists(localpath)) { string folderPath = localpath; System.IO.DirectoryInfo di = new System.IO.DirectoryInfo(folderPath); if (di.Exists) localpath += "\\" + args[0]; else if(!di.Parent.Exists) { Console.Error.WriteLine("Specified path does not exist, double check existance of the folders in the path"); return; } } if (System.IO.File.Exists(localpath)) { if (QuietMode || !InteractiveMode) { Console.Error.WriteLine("The specified file already exists locally: {0}", localpath); SetFailure(); return; } Console.Write("The specified file already exists locally; overwrite? "); ConsoleFlush(); for (; ; ) { string s = Console.ReadLine(); char ch = '\0'; if (0 != s.Length) { ch = char.ToUpper(s[0]); } if ('N' == ch) { Console.WriteLine(" Aborted by user"); return; } else if ('Y' == ch) { break; // ! } else { Console.Write("Overwrite, yes or no? "); ConsoleFlush(); } } } const int MAX_SIZE_PER_RECEIVE = 0x400 * 64; byte[] fbuf = new byte[MAX_SIZE_PER_RECEIVE]; dfs dc = LoadDfsConfig(); dfs.DfsFile dfsf = DfsFindAny(dc, dfspath); if (null == dfsf) { Console.Error.WriteLine("Error: The specified file '{0}' does not exist in DFS", dfspath); SetFailure(); return; } if (0 != string.Compare(dfsf.Type, DfsFileTypes.NORMAL, StringComparison.OrdinalIgnoreCase) && 0 != string.Compare(dfsf.Type, DfsFileTypes.BINARY_RECT, StringComparison.OrdinalIgnoreCase)) { Console.Error.WriteLine("DFS file '{0}' is not of expected type", dfsf.Name); SetFailure(); return; } bool warned = false; long curfilepos = 0; using (System.IO.FileStream _fs = new System.IO.FileStream(localpath, System.IO.FileMode.CreateNew, System.IO.FileAccess.Write, System.IO.FileShare.Read, FILE_BUFFER_SIZE)) { System.IO.Stream fs = _fs; /*if (localpath.EndsWith(".gz")) { //if (verbose) { Console.WriteLine("Warning: GZip (.gz) does not suport files over 4 GB in size; use 'dfs getgzip' if large file support is ever needed"); } fs = new System.IO.Compression.GZipStream(_fs, System.IO.Compression.CompressionMode.Compress); }*/ bool hitlimit = false; for (int dn = startparts; dn < dfsf.Nodes.Count; dn++) { if (dn > lastparts) { //if (verbose) { Console.WriteLine(" Done with partial get {0}-{1}", startparts, lastparts); } hitlimit = true; break; } dfs.DfsFile.FileNode node = dfsf.Nodes[dn]; if (curfilepos != node.Position) { if (-1 != node.Position) { if (!warned) { warned = true; if (startparts != 0) { LogOutput("1 or more parts of the file are not received. Index of parts for this file starts from 0 to " + (dfsf.Nodes.Count - 1).ToString()); } else { LogOutput("Warning: file positions do not line up; " + dfs.DFSXMLNAME + " or data-node chunks may be corrupted"); } //return; } } } using (System.IO.Stream _fc = new DfsFileNodeStream(node, true, System.IO.FileMode.Open, System.IO.FileAccess.Read, System.IO.FileShare.Read, FILE_BUFFER_SIZE)) { System.IO.Stream fc = _fc; if (1 == dc.slave.CompressDfsChunks) { fc = new System.IO.Compression.GZipStream(_fc, System.IO.Compression.CompressionMode.Decompress); } { int xread = StreamReadLoop(fc, fbuf, 4); if (4 == xread) { int hlen = MySpace.DataMining.DistributedObjects.Entry.BytesToInt(fbuf); StreamReadExact(fc, fbuf, hlen - 4); } } for (; ; ) { int xread = fc.Read(fbuf, 0, MAX_SIZE_PER_RECEIVE); if (xread <= 0) { break; } fs.Write(fbuf, 0, xread); curfilepos += xread; } fc.Close(); } } if (!hitlimit) { if (curfilepos != dfsf.Size) { if (-1 != dfsf.Size) { if (!warned) { warned = true; if (startparts != 0) { LogOutput("1 or more parts of the file are not received. Index of parts for this file starts from 0 to " + (dfsf.Nodes.Count - 1).ToString()); } else { LogOutput("Warning: file data received is not correct resulting size; " + dfs.DFSXMLNAME + " or data-node chunks may be corrupted"); } //return; } } } } fs.Close(); try { System.Security.Principal.NTAccount nt = new System.Security.Principal.NTAccount(userdomain, dousername); System.Security.Principal.SecurityIdentifier secID = (System.Security.Principal.SecurityIdentifier)nt.Translate(typeof(System.Security.Principal.SecurityIdentifier)); System.Security.AccessControl.FileSystemAccessRule rule = new System.Security.AccessControl.FileSystemAccessRule(secID, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow); System.Security.AccessControl.FileSecurity fsec = new System.Security.AccessControl.FileSecurity(); fsec.AddAccessRule(rule); System.IO.File.SetAccessControl(localpath, fsec); } catch(Exception e) { Console.Error.WriteLine("Error while assigning file permission to: {0}\\{1}", userdomain, dousername); Console.Error.WriteLine(e.ToString()); } } Console.WriteLine("Received {0} bytes to file {1}", curfilepos, localpath); } }
private void Directory_Copy_CatchUnauthorizedAccessException_UserExplicitDenyOnDestinationFolder(bool isNetwork) { UnitTestConstants.PrintUnitTestHeader(isNetwork); Console.WriteLine(); var gotException = false; var tempPath = System.IO.Path.GetTempPath(); if (isNetwork) { tempPath = Alphaleonis.Win32.Filesystem.Path.LocalToUnc(tempPath); } using (var rootDir = new TemporaryDirectory(tempPath, MethodBase.GetCurrentMethod().Name)) { var srcFolder = System.IO.Directory.CreateDirectory(System.IO.Path.Combine(rootDir.Directory.FullName, "Source Destination Folder")); var dstFolder = System.IO.Directory.CreateDirectory(System.IO.Path.Combine(rootDir.Directory.FullName, "Existing Destination Folder")); Console.WriteLine("Src Directory Path: [{0}]", srcFolder.FullName); Console.WriteLine("Dst Directory Path: [{0}]", dstFolder.FullName); UnitTestConstants.CreateDirectoriesAndFiles(srcFolder.FullName, 1, false, false, true); var user = (Environment.UserDomainName + @"\" + Environment.UserName).TrimStart('\\'); var rule = new System.Security.AccessControl.FileSystemAccessRule(user, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.InheritanceFlags.ContainerInherit | System.Security.AccessControl.InheritanceFlags.ObjectInherit, System.Security.AccessControl.PropagationFlags.None, System.Security.AccessControl.AccessControlType.Deny); // Set DENY for current user. var dirSecurity = dstFolder.GetAccessControl(); dirSecurity.AddAccessRule(rule); dstFolder.SetAccessControl(dirSecurity); try { Alphaleonis.Win32.Filesystem.Directory.Copy(srcFolder.FullName, dstFolder.FullName); } catch (Exception ex) { var exType = ex.GetType(); gotException = exType == typeof(UnauthorizedAccessException); Console.WriteLine("\n\tCaught {0} Exception: [{1}] {2}", gotException ? "EXPECTED" : "UNEXPECTED", exType.Name, ex.Message); } finally { // Remove DENY for current user. dirSecurity = dstFolder.GetAccessControl(); dirSecurity.RemoveAccessRule(rule); dstFolder.SetAccessControl(dirSecurity); } Assert.IsTrue(gotException, "The exception is not caught, but is expected to."); } Console.WriteLine(); }