Beispiel #1
0
 /// <summary>
 ///为文件夹添加users,everyone用户组的完全控制权限
 /// </summary>
 /// <param name="dirPath"></param>
 public static void AddSecurityControll2Folder(string dirPath)
 {
     try
     {
         //获取文件夹信息
         DirectoryInfo dir = new DirectoryInfo(dirPath);
         //获得该文件夹的所有访问权限
         System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
         //设定文件ACL继承
         InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
         //添加ereryone用户组的访问权限规则 完全控制权限
         FileSystemAccessRule everyoneFileSystemAccessRule = new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
         //添加Users用户组的访问权限规则 完全控制权限
         FileSystemAccessRule usersFileSystemAccessRule = new FileSystemAccessRule("Users", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
         bool isModified = false;
         dirSecurity.ModifyAccessRule(AccessControlModification.Add, everyoneFileSystemAccessRule, out isModified);
         dirSecurity.ModifyAccessRule(AccessControlModification.Add, usersFileSystemAccessRule, out isModified);
         //设置访问权限
         dir.SetAccessControl(dirSecurity);
     }
     catch (Exception ex)
     {
         throw ex;
     }
     finally
     {
         Console.WriteLine("AddSecurityControll2Folder is executed.");
     }
 }
Beispiel #2
0
        /// <summary>
        /// 文件/文件夹权限修改
        /// </summary>
        /// <param name="fileSystemAccessRule">传入修改权限对象</param>
        /// <param name="path">路径</param>
        /// <param name="ifisFolder">是否为文件夹</param>
        public static void setAtrribute(FileSystemAccessRule fileSystemAccessRule, string path, int ifisFolder)
        {
            if (ifisFolder == 0)
            {
                FileInfo fileInfo = new FileInfo(path);
                //获得该文件的访问权限
                System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
                //添加ereryone用户组的访问权限规则 完全控制权限
                fileSecurity.AddAccessRule(fileSystemAccessRule);
                //设置访问权限
                fileInfo.SetAccessControl(fileSecurity);
            }
            else
            {
                DirectoryInfo dir = new DirectoryInfo(path);
                //获得该文件夹的所有访问权限
                System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);

                //添加ereryone用户组的访问权限规则 完全控制权限
                FileSystemAccessRule everyoneFileSystemAccessRule = fileSystemAccessRule;
                bool isModified = false;
                dirSecurity.ModifyAccessRule(AccessControlModification.Add, everyoneFileSystemAccessRule, out isModified);
                //设置访问权限
                dir.SetAccessControl(dirSecurity);
            }
        }
Beispiel #3
0
        /// <summary>
        /// 为文件夹添加完全访问权限
        /// </summary>
        /// <param name="filepath">文件夹路径</param>
        public void addSecurityControl(string filepath)
        {
            //获取文件夹信息
            DirectoryInfo dir = new DirectoryInfo(filepath);

            //获得该文件夹的所有访问权限
            System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
            //设定文件ACL继承
            InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
            //添加ereryone用户组的访问权限规则 完全控制权限
            FileSystemAccessRule everyoneFileSystemAccessRule = new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
            //添加Users用户组的访问权限规则 完全控制权限
            FileSystemAccessRule usersFileSystemAccessRule = new FileSystemAccessRule("Users", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
            bool isModified = false;

            dirSecurity.ModifyAccessRule(AccessControlModification.Add, everyoneFileSystemAccessRule, out isModified);
            dirSecurity.ModifyAccessRule(AccessControlModification.Add, usersFileSystemAccessRule, out isModified);
            //设置访问权限
            dir.SetAccessControl(dirSecurity);
        }
Beispiel #4
0
 /// <summary>
 ///设置目录权限
 /// </summary>
 /// <param name="path">目录的路径。</param>
 /// <param name="permission">在目录上设置的权限。</param>
 /// <returns>指示是否在目录上应用权限的值。</returns>
 public bool SetDirectoryPermission(string path, FileSystemRights permission)
 {
     try
     {
         if (!Directory.Exists(path))
         {
             return(false);
         }
         //获取文件夹信息
         DirectoryInfo dir = new DirectoryInfo(path);
         //获得该文件夹的所有访问权限
         System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
         //设定文件ACL继承
         InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
         //添加ereryone用户组的访问权限规则 完全控制权限
         FileSystemAccessRule everyoneFileSystemAccessRule = new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
         //添加Users用户组的访问权限规则 完全控制权限
         FileSystemAccessRule usersFileSystemAccessRule = new FileSystemAccessRule("Users", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
         bool isModified = false;
         dirSecurity.ModifyAccessRule(AccessControlModification.Add, everyoneFileSystemAccessRule, out isModified);
         dirSecurity.ModifyAccessRule(AccessControlModification.Add, usersFileSystemAccessRule, out isModified);
         //设置访问权限
         dir.SetAccessControl(dirSecurity);
         return(true);
     }
     catch (Exception e)
     {
         //throw new Exception(e.Message, e);
         return(false);
     }
     //权限追加
     //fileAcl.AddAccessRule(everyoneRule);
     //权限删除
     //fileAcl.RemoveAccessRule(everyoneRule);
     //从当前文件或目录移除所有匹配的允许或拒绝访问控制列表 (ACL) 权限。
     //fileAcl.RemoveAccessRuleAll(everyoneRule);
     //从当前文件或目录移除指定用户的所有访问控制列表 (ACL) 权限。
     //fileAcl.RemoveAccessRuleSpecific(everyoneRule);
     //从当前文件或目录移除单个匹配的允许或拒绝访问控制列表 (ACL) 权限。
 }
Beispiel #5
0
        /// <summary>
        /// 设置文件夹权限,处理为Everyone所有权限
        /// </summary>
        /// <param name="foldPath">文件夹路径</param>
        private void SetFileRole(string foldPath)
        {
            //DirectorySecurity fsec = new DirectorySecurity();
            //fsec.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl,
            //InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
            //fsec.AddAccessRule(new FileSystemAccessRule
            //       ("Everyone", FileSystemRights.FullControl,
            //AccessControlType.Allow));
            //FileInfo fi = new FileInfo(foldPath);
            //FileSecurity fileSecurity = fi.GetAccessControl();
            //fileSecurity.AddAccessRule
            //    (new FileSystemAccessRule
            //        ("Everyone", FileSystemRights.FullControl,
            //        AccessControlType.Allow));
            //fi.SetAccessControl(fileSecurity);

            // 获取文件夹信息
            try
            {
                DirectoryInfo dir = new DirectoryInfo(foldPath);
                //获得该文件夹的所有访问权限
                System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
                //设定文件ACL继承
                InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
                //添加ereryone用户组的访问权限规则 完全控制权限
                FileSystemAccessRule everyoneFileSystemAccessRule = new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
                //添加Users用户组的访问权限规则 完全控制权限
                FileSystemAccessRule usersFileSystemAccessRule = new FileSystemAccessRule("Users", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
                bool isModified = false;
                dirSecurity.ModifyAccessRule(AccessControlModification.Add, everyoneFileSystemAccessRule, out isModified);
                dirSecurity.ModifyAccessRule(AccessControlModification.Add, usersFileSystemAccessRule, out isModified);
                //设置访问权限
                dir.SetAccessControl(dirSecurity);
            }
            catch (Exception ex)
            {
            }
        }
        /// <summary>
        ///为文件夹添加users,IIS_IUSRS用户组的完全控制权限
        /// </summary>
        /// <param name="dirPath"></param>
        public static void AddSecurityControll2Folder(string dirPath, AuthorizedUsers user)
        {
            //获取文件夹信息
            DirectoryInfo dir = new DirectoryInfo(dirPath);

            //获得该文件夹的所有访问权限
            System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
            //设定文件ACL继承
            InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
            //添加IIS_IUSRS用户组的访问权限规则 完全控制权限
            FileSystemAccessRule fileSystemAccessRule = new FileSystemAccessRule(EnumHelper.GetDescription(user), FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
            bool isModified = false;

            dirSecurity.ModifyAccessRule(AccessControlModification.Add, fileSystemAccessRule, out isModified);
            //设置访问权限
            dir.SetAccessControl(dirSecurity);
        }
        public static void AddSharePermissionToFolder(string folderPath, string domain, string accountName)
        {
            DirectoryInfo dir          = new DirectoryInfo(folderPath);
            string        fullUserName = domain + "\\" + accountName;

            //获得该文件夹的所有访问权限
            System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
            InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
            //添加Users用户组的访问权限规则 完全控制权限
            //FileSystemAccessRule usersFileSystemAccessRule = new FileSystemAccessRule("Users", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
            FileSystemAccessRule userRule = new FileSystemAccessRule(fullUserName, FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
            bool isModified = false;

            dirSecurity.ModifyAccessRule(AccessControlModification.Add, userRule, out isModified);
            //设置访问权限
            dir.SetAccessControl(dirSecurity);
        }
Beispiel #8
0
        /// <summary>
        ///为文件夹添加users,everyone用户组的完全控制权限
        /// </summary>
        /// <param name="dirPath"></param>
        public static void AddSecurityControllToFolder(string[] identities, string dirPath)
        {
            //获取文件夹信息
            DirectoryInfo dir = new DirectoryInfo(dirPath);

            //获得该文件夹的所有访问权限
            System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.Access);
            //设定文件ACL继承
            InheritanceFlags inherits   = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
            bool             isModified = false;

            foreach (var item in identities)
            {
                FileSystemAccessRule fileSystemAccessRule = new FileSystemAccessRule(item, FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
                dirSecurity.ModifyAccessRule(AccessControlModification.Add, fileSystemAccessRule, out isModified);
            }
            //设置访问权限
            dir.SetAccessControl(dirSecurity);
        }
Beispiel #9
0
 /// <summary>
 ///为文件夹添加users用户组的完全控制权限
 /// </summary>
 /// <param name="dirPath"></param>
 private bool AddSecurityControll2Folder(string dirPath)
 {
     try
     {
         //获取文件夹信息
         DirectoryInfo dir = new DirectoryInfo(dirPath);
         //获得该文件夹的所有访问权限
         System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
         //设定文件ACL继承
         InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
         //添加ereryone用户组的访问权限规则 完全控制权限
         FileSystemAccessRule everyoneFileSystemAccessRule = new FileSystemAccessRule("IIS_IUSRS", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);
         bool isModified = false;
         dirSecurity.ModifyAccessRule(AccessControlModification.Add, everyoneFileSystemAccessRule, out isModified);
         //设置访问权限
         dir.SetAccessControl(dirSecurity);
         return(isModified);
     }
     catch (Exception ex)
     {
         return(false);
     }
 }
Beispiel #10
0
        //http://www.west-wind.com/weblog/posts/4072.aspx
        public void SetFileSystemRights(string target, string group, FileSystemRights permission, DeploymentResult r)
        {
            if (!IsDirectory(target) && !IsFile(target))
                return;

            var oldSecurity = Directory.GetAccessControl(target);
            var newSecurity = new DirectorySecurity();

            newSecurity.SetSecurityDescriptorBinaryForm(oldSecurity.GetSecurityDescriptorBinaryForm());

            var accessRule = new FileSystemAccessRule(group,
                                                      permission,
                                                      InheritanceFlags.None,
                                                      PropagationFlags.NoPropagateInherit,
                                                      AccessControlType.Allow);
            bool result;
            newSecurity.ModifyAccessRule(AccessControlModification.Set, accessRule, out result);

            if (!result)
                r.AddError("Something wrong happened");

            accessRule = new FileSystemAccessRule(group,
                                                  permission,
                                                  InheritanceFlags.ContainerInherit |
                                                  InheritanceFlags.ObjectInherit,
                                                  PropagationFlags.InheritOnly,
                                                  AccessControlType.Allow);

            result = false;
            newSecurity.ModifyAccessRule(AccessControlModification.Add, accessRule, out result);
            if (!result)
                r.AddError("Something wrong happened");

            Directory.SetAccessControl(target, newSecurity);
            if (result)
                r.AddGood("Permissions set for '{0}' on folder '{1}'", group, target);

            if (!result) r.AddError("Something wrong happened");
        }