public void SecurityDescriptor()
{
DiscretionaryAcl dacl = new DiscretionaryAcl
{
//new AccessControlEntry<FileSystemRight>() { Allowed = true, Right = FileSystemRight.FullControl },
//new AccessControlEntry<UIRight>() { Allowed = true, Right = UIRight.FullControl },
//new AccessControlEntry<UIRight>() { Allowed = false, Right = UIRight.Enabled },
//new AccessControlEntry<FileSystemRight>() { Allowed = false, Right = FileSystemRight.Execute }
};
SystemAcl sacl = new SystemAcl
{
//new AccessControlEntryAudit<FileSystemRight>() { Allowed = true, Denied = false, Right = FileSystemRight.FullControl },
//new AccessControlEntryAudit<UIRight>() { Allowed = true, Denied = true, Right = UIRight.FullControl },
//new AccessControlEntryAudit<UIRight>() { Allowed = false, Denied = false, Right = UIRight.Enabled },
//new AccessControlEntryAudit<FileSystemRight>() { Allowed = false, Denied = true, Right = FileSystemRight.Execute }
};
SecurityDescriptor sd = new SecurityDescriptor()
{
Dacl = dacl,
Sacl = sacl
};
//sd.Eval<UIRight>();
sd.Eval();
}
int EvalRights(int allowedMask, int deniedMask)
{
Type rightType = Ace.RightData.RightType;
IAccessControlEntry allowedAce = AccessControlEntryUtilities.MakeGenericAceFromType(rightType);
allowedAce.Allowed = true;
allowedAce.SetRight(allowedMask.ToString());
IAccessControlEntry deniedAce = AccessControlEntryUtilities.MakeGenericAceFromType(rightType);
deniedAce.Allowed = false;
deniedAce.SetRight(deniedMask.ToString());
_sd.Clear();
_sd.Dacl.Add(allowedAce);
_sd.Dacl.Add(deniedAce);
_sd.Eval(rightType);
//suppress reentrancy into this function: IsChecked=true fires CheckBox_Checked
_suppressRightsEval = true;
int mask = 0;
foreach (CheckBox cb in this.Items)
{
cb.IsChecked = _sd.Results.GetByTypeRight(rightType, (int)cb.Content).AccessAllowed;
if (cb.IsChecked.Value)
{
mask |= (int)cb.Content;
}
}
_suppressRightsEval = false;
return(mask);
}