Example #1
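        /// <summary>
        /// Checks that AlphaFS and System.IO agree on a file's access rules, then uses AlphaFS to
        /// switch DACL inheritance protection on and off and verifies that each change was persisted.
        /// </summary>
        /// <param name="isNetwork">
        /// Forwarded to the <c>TemporaryDirectory</c> constructor; presumably selects a network (UNC)
        /// location for the temporary file (confirm against that helper).
        /// </param>
        private void File_SetAccessControl(bool isNetwork)
        {
            using (var tempRoot = new TemporaryDirectory(isNetwork))
            {
                var file = tempRoot.CreateFile();

                Console.WriteLine("Input File Path: [{0}]", file.FullName);


                // Read the same descriptor through both libraries; includeExplicit and includeInherited are both true.
                var sysIO            = System.IO.File.GetAccessControl(file.FullName);
                var sysIOaccessRules = sysIO.GetAccessRules(true, true, typeof(NTAccount));


                var alphaFS            = Alphaleonis.Win32.Filesystem.File.GetAccessControl(file.FullName);
                var alphaFSaccessRules = alphaFS.GetAccessRules(true, true, typeof(NTAccount));


                Console.WriteLine("\n\tSystem.IO rules found: [{0}]\n\tAlphaFS rules found  : [{1}]", sysIOaccessRules.Count, alphaFSaccessRules.Count);


                Assert.AreEqual(sysIOaccessRules.Count, alphaFSaccessRules.Count);


                // Sanity check.
                UnitTestConstants.TestAccessRules(sysIO, alphaFS);


                // Remove inherited properties.
                // isProtected = true stops the DACL from inheriting from the parent;
                // preserveInheritance = false drops the inherited rules instead of copying them as explicit ones.
                // NOTE(review): if the new file carried only inherited rules, this presumably leaves an
                // empty DACL, which grants nobody access; only the owner can still edit the DACL.
                Console.WriteLine("\n\tRemove inherited properties and persist it.");
                alphaFS.SetAccessRuleProtection(true, false);
                Alphaleonis.Win32.Filesystem.File.SetAccessControl(file.FullName, alphaFS, AccessControlSections.Access);


                // Re-read, using instance methods.
                var sysIOfi   = new System.IO.FileInfo(file.FullName);
                var alphaFSfi = new Alphaleonis.Win32.Filesystem.FileInfo(file.FullName);

                sysIO   = sysIOfi.GetAccessControl(AccessControlSections.Access);
                alphaFS = alphaFSfi.GetAccessControl(AccessControlSections.Access);

                // Comparing the two readers with each other is not enough: they would also agree if
                // the write had silently done nothing. Assert the protection flag itself.
                Assert.IsTrue(sysIO.AreAccessRulesProtected, "System.IO does not see the DACL as protected after SetAccessControl.");
                Assert.IsTrue(alphaFS.AreAccessRulesProtected, "AlphaFS does not see the DACL as protected after SetAccessControl.");

                // Sanity check.
                UnitTestConstants.TestAccessRules(sysIO, alphaFS);


                // Restore inherited properties.
                // With isProtected = false the second argument is ignored; inheritance from the parent applies again.
                Console.WriteLine("\n\tRestore inherited properties and persist it.");
                alphaFS.SetAccessRuleProtection(false, true);
                Alphaleonis.Win32.Filesystem.File.SetAccessControl(file.FullName, alphaFS, AccessControlSections.Access);


                // Re-read.
                sysIO   = System.IO.File.GetAccessControl(file.FullName, AccessControlSections.Access);
                alphaFS = Alphaleonis.Win32.Filesystem.File.GetAccessControl(file.FullName, AccessControlSections.Access);

                // The file must not be left with a protected DACL once inheritance is restored.
                Assert.IsFalse(sysIO.AreAccessRulesProtected, "System.IO still sees the DACL as protected after restoring inheritance.");
                Assert.IsFalse(alphaFS.AreAccessRulesProtected, "AlphaFS still sees the DACL as protected after restoring inheritance.");

                // Sanity check.
                UnitTestConstants.TestAccessRules(sysIO, alphaFS);
            }
        }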
Example #2
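        /// <summary>
        /// Reads the security descriptor of a file and shows it, in SDDL form, in a text box.
        /// </summary>
        /// <param name="strFilePath">Path of the file whose security descriptor is read.</param>
        /// <param name="tbSecurityInfo">
        /// Text box that receives the file's full name, a line break, and the SDDL string.
        /// It is only written once the descriptor has been read successfully.
        /// </param>
        /// <returns><paramref name="strFilePath"/> on success; <c>null</c> if any step failed.</returns>
        public static string RetrieveFileSecuritySDDL(string strFilePath, TextBox tbSecurityInfo)
        {
            try
            {
                System.IO.FileInfo fiSelectedFile = new System.IO.FileInfo(strFilePath);

                // The parameterless overload reads the owner, group and access (DACL) sections but not
                // the audit (SACL) section, so asking for All below cannot emit audit rules.
                System.Security.AccessControl.FileSecurity fsSelectedFile = fiSelectedFile.GetAccessControl();

                string strSddl = fsSelectedFile.GetSecurityDescriptorSddlForm(System.Security.AccessControl.AccessControlSections.All);

                // Assign once so a failure above never leaves a file name without its descriptor.
                tbSecurityInfo.Text = fiSelectedFile.FullName + "\r\n" + strSddl;
            }
            catch (Exception eFailure)
            {
                // Exception.Data is a dictionary whose ToString() is only its type name; log the
                // exception type and message so an access-denied failure can be told from a missing file.
                Console.WriteLine("{0}: {1}", eFailure.GetType().Name, eFailure.Message);
                return null;
            }

            return strFilePath;
        }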
Example #3
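        /// <summary>
        /// Captures name, size, timestamps and owner of a file on disk.
        /// </summary>
        /// <param name="directory">Directory entry this file belongs to.</param>
        /// <param name="file">File whose metadata and owner are read.</param>
        public FileSystemFile(FileSystemDirectory directory, System.IO.FileInfo file)
        {
            this.Directory = directory;
            // All file names are stored in lowercase. The invariant culture is used so the result
            // does not depend on the current locale (e.g. Turkish casing of 'I').
            this.Name      = file.Name.ToLowerInvariant();
            this.Extension = file.Extension.ToLowerInvariant();
            this.Size      = file.Length;

            this.DateCreate = file.CreationTime;
            this.DateWrite  = file.LastWriteTime;
            this.DateAccess = file.LastAccessTime;

            System.Security.Principal.SecurityIdentifier sid = null;
            try
            {
                System.Security.AccessControl.FileSecurity fileSecurity = file.GetAccessControl();
                sid = fileSecurity.GetOwner(typeof(System.Security.Principal.SecurityIdentifier)) as System.Security.Principal.SecurityIdentifier;

                if (sid == null)
                {
                    // No owner SID available: report that explicitly instead of failing on a null dereference.
                    this.Owner = "unknown";
                }
                else
                {
                    System.Security.Principal.NTAccount ntAccount =
                        (System.Security.Principal.NTAccount)sid.Translate(typeof(System.Security.Principal.NTAccount));
                    this.Owner = ntAccount.Value;
                }
            }
            catch (System.Security.Principal.IdentityNotMappedException)
            {
                // The SID has no account name (deleted account, foreign domain): fall back to the raw SID.
                this.Owner = sid != null ? sid.ToString() : "unknown";
            }
            catch (Exception ex)
            {
                // NOTE(review): ex.ToString() includes the stack trace; if Owner is displayed or
                // exported, consider storing only ex.Message here.
                this.Owner = "error:" + ex.ToString();
            }
        }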
Example #4
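        /// <summary>
        /// Supply the path to the file or directory and a user or group.
        /// Access checks are done during instantiation to ensure we always have a valid object.
        /// </summary>
        /// <remarks>
        /// Only access rules whose identity equals the user's SID or one of the identity's group SIDs
        /// are considered. The resulting allow/deny flags are recorded separately; combining them
        /// (deny before allow) is left to whatever reads the flags. Treat the result as advisory:
        /// the operating system's own access check remains authoritative.
        /// </remarks>
        /// <param name="path">Path of the file or directory whose access rules are read.</param>
        /// <param name="principal">Windows identity whose user and group SIDs are matched against the rules.</param>
        public UserFileAccessRights(string path,
                                    System.Security.Principal.WindowsIdentity principal)
        {
            this._path      = path;
            this._principal = principal;

            // Failures (missing file, access denied, ...) propagate to the caller unchanged. The former
            // catch block rethrew with "throw e;", which discards the original stack trace.
            System.IO.FileInfo          fi  = new System.IO.FileInfo(_path);
            AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules
                                                  (true, true, typeof(SecurityIdentifier));

            // Rules that name the user directly.
            for (int i = 0; i < acl.Count; i++)
            {
                System.Security.AccessControl.FileSystemAccessRule rule =
                    (System.Security.AccessControl.FileSystemAccessRule)acl[i];
                if (_principal.User.Equals(rule.IdentityReference))
                {
                    ApplyRule(rule);
                }
            }

            // Rules that name any group of the identity.
            IdentityReferenceCollection groups = _principal.Groups;
            for (int j = 0; j < groups.Count; j++)
            {
                for (int i = 0; i < acl.Count; i++)
                {
                    System.Security.AccessControl.FileSystemAccessRule rule =
                        (System.Security.AccessControl.FileSystemAccessRule)acl[i];
                    if (groups[j].Equals(rule.IdentityReference))
                    {
                        ApplyRule(rule);
                    }
                }
            }
        }

        /// <summary>Records the rights of one matching rule as denied or allowed, by rule type.</summary>
        private void ApplyRule(System.Security.AccessControl.FileSystemAccessRule rule)
        {
            if (System.Security.AccessControl.AccessControlType.Deny.Equals(rule.AccessControlType))
            {
                RecordDeniedRights(rule);
            }
            else if (System.Security.AccessControl.AccessControlType.Allow.Equals(rule.AccessControlType))
            {
                RecordAllowedRights(rule);
            }
        }

        /// <summary>Sets the deny flag of every right that <c>contains</c> reports for the rule.</summary>
        private void RecordDeniedRights(System.Security.AccessControl.FileSystemAccessRule rule)
        {
            if (contains(FileSystemRights.AppendData, rule)) { _denyAppendData = true; }
            if (contains(FileSystemRights.ChangePermissions, rule)) { _denyChangePermissions = true; }
            if (contains(FileSystemRights.CreateDirectories, rule)) { _denyCreateDirectories = true; }
            if (contains(FileSystemRights.CreateFiles, rule)) { _denyCreateFiles = true; }
            if (contains(FileSystemRights.Delete, rule)) { _denyDelete = true; }
            if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _denyDeleteSubdirectoriesAndFiles = true; }
            if (contains(FileSystemRights.ExecuteFile, rule)) { _denyExecuteFile = true; }
            if (contains(FileSystemRights.FullControl, rule)) { _denyFullControl = true; }
            if (contains(FileSystemRights.ListDirectory, rule)) { _denyListDirectory = true; }
            if (contains(FileSystemRights.Modify, rule)) { _denyModify = true; }
            if (contains(FileSystemRights.Read, rule)) { _denyRead = true; }
            if (contains(FileSystemRights.ReadAndExecute, rule)) { _denyReadAndExecute = true; }
            if (contains(FileSystemRights.ReadAttributes, rule)) { _denyReadAttributes = true; }
            if (contains(FileSystemRights.ReadData, rule)) { _denyReadData = true; }
            if (contains(FileSystemRights.ReadExtendedAttributes, rule)) { _denyReadExtendedAttributes = true; }
            if (contains(FileSystemRights.ReadPermissions, rule)) { _denyReadPermissions = true; }
            if (contains(FileSystemRights.Synchronize, rule)) { _denySynchronize = true; }
            if (contains(FileSystemRights.TakeOwnership, rule)) { _denyTakeOwnership = true; }
            if (contains(FileSystemRights.Traverse, rule)) { _denyTraverse = true; }
            if (contains(FileSystemRights.Write, rule)) { _denyWrite = true; }
            if (contains(FileSystemRights.WriteAttributes, rule)) { _denyWriteAttributes = true; }
            if (contains(FileSystemRights.WriteData, rule)) { _denyWriteData = true; }
            if (contains(FileSystemRights.WriteExtendedAttributes, rule)) { _denyWriteExtendedAttributes = true; }
        }

        /// <summary>Sets the allow flag of every right that <c>contains</c> reports for the rule.</summary>
        private void RecordAllowedRights(System.Security.AccessControl.FileSystemAccessRule rule)
        {
            if (contains(FileSystemRights.AppendData, rule)) { _allowAppendData = true; }
            if (contains(FileSystemRights.ChangePermissions, rule)) { _allowChangePermissions = true; }
            if (contains(FileSystemRights.CreateDirectories, rule)) { _allowCreateDirectories = true; }
            if (contains(FileSystemRights.CreateFiles, rule)) { _allowCreateFiles = true; }
            if (contains(FileSystemRights.Delete, rule)) { _allowDelete = true; }
            if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _allowDeleteSubdirectoriesAndFiles = true; }
            if (contains(FileSystemRights.ExecuteFile, rule)) { _allowExecuteFile = true; }
            if (contains(FileSystemRights.FullControl, rule)) { _allowFullControl = true; }
            if (contains(FileSystemRights.ListDirectory, rule)) { _allowListDirectory = true; }
            if (contains(FileSystemRights.Modify, rule)) { _allowModify = true; }
            if (contains(FileSystemRights.Read, rule)) { _allowRead = true; }
            if (contains(FileSystemRights.ReadAndExecute, rule)) { _allowReadAndExecute = true; }
            if (contains(FileSystemRights.ReadAttributes, rule)) { _allowReadAttributes = true; }
            if (contains(FileSystemRights.ReadData, rule)) { _allowReadData = true; }
            if (contains(FileSystemRights.ReadExtendedAttributes, rule)) { _allowReadExtendedAttributes = true; }
            if (contains(FileSystemRights.ReadPermissions, rule)) { _allowReadPermissions = true; }
            if (contains(FileSystemRights.Synchronize, rule)) { _allowSynchronize = true; }
            if (contains(FileSystemRights.TakeOwnership, rule)) { _allowTakeOwnership = true; }
            if (contains(FileSystemRights.Traverse, rule)) { _allowTraverse = true; }
            if (contains(FileSystemRights.Write, rule)) { _allowWrite = true; }
            if (contains(FileSystemRights.WriteAttributes, rule)) { _allowWriteAttributes = true; }
            if (contains(FileSystemRights.WriteData, rule)) { _allowWriteData = true; }
            if (contains(FileSystemRights.WriteExtendedAttributes, rule)) { _allowWriteExtendedAttributes = true; }
        }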
Example #5
 /// <summary>
 /// Returns the <see cref="System.Security.AccessControl.FileSecurity"/> holding the access control list (ACL)
 /// entries of the file described by the wrapped <c>_fileInfo</c> object.
 /// </summary>
 /// <returns>The object returned by <c>_fileInfo.GetAccessControl()</c>.</returns>
 /// <exception cref="System.IO.IOException">An I/O error occurred while opening the file.</exception>
 /// <exception cref="System.PlatformNotSupportedException">The current operating system is not Microsoft Windows 2000 or later.</exception>
 /// <exception cref="System.Security.AccessControl.PrivilegeNotHeldException">The current system account does not have administrative privileges.</exception>
 /// <exception cref="System.SystemException">The file could not be found.</exception>
 /// <exception cref="System.UnauthorizedAccessException">
 /// This operation is not supported on the current platform.
 /// -or-
 /// The caller does not have the required permission.</exception>
 public System.Security.AccessControl.FileSecurity GetAccessControl()
 {
     // Pure delegation: nothing is cached, so every call reads the descriptor again.
     System.Security.AccessControl.FileSecurity security = _fileInfo.GetAccessControl();
     return security;
 }
Example #6
 /// <summary>
 /// Returns the file security object obtained from the wrapped <c>inner</c> object.
 /// </summary>
 /// <returns>The result of <c>inner.GetAccessControl()</c>, passed through unchanged.</returns>
 public System.Security.AccessControl.FileSecurity GetAccessControl()
 {
     // Pure delegation; exceptions thrown by the wrapped call propagate to the caller.
     System.Security.AccessControl.FileSecurity security = inner.GetAccessControl();
     return security;
 }
        /// <summary>
        /// Reads the access rules of a file or directory and records, through the class's helper
        /// methods, which of them apply to the given identity. The work is done during construction.
        /// </summary>
        /// <param name="path">Path of the file or directory whose access rules are read.</param>
        /// <param name="principal">Windows identity whose user and group SIDs are matched against the rules.</param>
        public CheckUserFileAccessRights(string path,
            System.Security.Principal.WindowsIdentity principal)
        {
            this._path = path;
            this._principal = principal;

            try
            {
                System.IO.FileInfo target = new System.IO.FileInfo(_path);
                AuthorizationRuleCollection rules = target.GetAccessControl().GetAccessRules
                            (true, true, typeof(SecurityIdentifier));

                // Pass 1: rules that name the user directly.
                foreach (FileSystemAccessRule userRule in rules)
                {
                    if (!_principal.User.Equals(userRule.IdentityReference))
                    {
                        continue;
                    }

                    switch (userRule.AccessControlType)
                    {
                        case AccessControlType.Deny:
                            AuthorizationDenyAccess(userRule);
                            break;
                        case AccessControlType.Allow:
                            AuthorizationAllowAccess(userRule);
                            break;
                    }
                }

                // Pass 2: rules that name one of the identity's groups (groups outer, rules inner).
                IdentityReferenceCollection memberships = _principal.Groups;
                foreach (IdentityReference membership in memberships)
                {
                    foreach (FileSystemAccessRule groupRule in rules)
                    {
                        if (!membership.Equals(groupRule.IdentityReference))
                        {
                            continue;
                        }

                        switch (groupRule.AccessControlType)
                        {
                            case AccessControlType.Deny:
                                IdentityDenyAccess(groupRule);
                                break;
                            case AccessControlType.Allow:
                                IdentityAllowAccess(groupRule);
                                break;
                        }
                    }
                }
            }
            catch (Exception)
            {
                // Any failure (unreadable descriptor, missing file, null identity) ends in AccessDenied(),
                // so errors are not treated as permission. The cause is not recorded.
                // NOTE(review): rules handled before the failure may already have set allow state;
                // confirm that AccessDenied() clears it.
                AccessDenied();
            }
        }
Example #8
        /// <summary>
        /// Checks that AlphaFS reads and writes a file's access rules the same way System.IO does:
        /// once for the freshly created file, once after inheritance has been switched off and
        /// once after it has been switched back on.
        /// </summary>
        /// <param name="isNetwork">When true, the temp folder is addressed through its UNC form.</param>
        private void File_SetAccessControl(bool isNetwork)
        {
            UnitTestConstants.PrintUnitTestHeader(isNetwork);

            var baseFolder = isNetwork
                ? Alphaleonis.Win32.Filesystem.Path.LocalToUnc(System.IO.Path.GetTempPath())
                : System.IO.Path.GetTempPath();

            using (var workDir = new TemporaryDirectory(baseFolder, "File.SetAccessControl"))
            {
                var testFile = workDir.RandomFileFullPath + ".txt";

                // Create an empty file and release the handle straight away.
                System.IO.File.Create(testFile).Dispose();

                // Baseline: both libraries read the untouched ACL.
                var bclSecurity = System.IO.File.GetAccessControl(testFile);
                var bclRules    = bclSecurity.GetAccessRules(true, true, typeof(NTAccount));

                var afsSecurity = Alphaleonis.Win32.Filesystem.File.GetAccessControl(testFile);
                var afsRules    = afsSecurity.GetAccessRules(true, true, typeof(NTAccount));

                Console.WriteLine("\nInput File Path: [{0}]", testFile);
                Console.WriteLine("\n\tSystem.IO rules found: [{0}]\n\tAlphaFS rules found  : [{1}]", bclRules.Count, afsRules.Count);
                Assert.AreEqual(bclRules.Count, afsRules.Count);

                UnitTestConstants.TestAccessRules(bclSecurity, afsSecurity);

                // Step 1: isProtected = true blocks inheritance from the parent,
                // preserveInheritance = false drops the rules that had been inherited so far.
                Console.WriteLine("\n\tRemove inherited properties and persist it.");
                afsSecurity.SetAccessRuleProtection(true, false);
                Alphaleonis.Win32.Filesystem.File.SetAccessControl(testFile, afsSecurity, AccessControlSections.Access);

                // Read the result back through the FileInfo instance API of each library.
                bclSecurity = new System.IO.FileInfo(testFile).GetAccessControl(AccessControlSections.Access);
                afsSecurity = new Alphaleonis.Win32.Filesystem.FileInfo(testFile).GetAccessControl(AccessControlSections.Access);

                UnitTestConstants.TestAccessRules(bclSecurity, afsSecurity);

                // Step 2: isProtected = false lets the file inherit from its parent again.
                Console.WriteLine("\n\tRestore inherited properties and persist it.");
                afsSecurity.SetAccessRuleProtection(false, true);
                Alphaleonis.Win32.Filesystem.File.SetAccessControl(testFile, afsSecurity, AccessControlSections.Access);

                // Read the result back through the static API of each library.
                bclSecurity = System.IO.File.GetAccessControl(testFile, AccessControlSections.Access);
                afsSecurity = Alphaleonis.Win32.Filesystem.File.GetAccessControl(testFile, AccessControlSections.Access);

                UnitTestConstants.TestAccessRules(bclSecurity, afsSecurity);
            }
        }
Example #9
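        /// <summary>
        /// Reads the access rules of <paramref name="path"/> once, during construction, and
        /// records which rights they allow or deny for <paramref name="principal"/>.
        /// </summary>
        /// <remarks>
        /// Rules are taken from two sources: entries whose identity equals the principal's
        /// account name, and entries whose identity matches one of the names returned by
        /// <c>Roles.GetRolesForUser</c>. This constructor only sets the allow/deny flags; how
        /// the two are combined into a decision is up to the members that read them.
        /// Any exception raised while reading the ACL propagates to the caller unchanged.
        /// NOTE(review): the role names come from the configured role provider rather than
        /// from the principal's token - confirm they correspond to the groups named in the ACL.
        /// </remarks>
        /// <param name="path">Path of the file or directory whose access rules are read.</param>
        /// <param name="principal">Windows identity the rules are evaluated for.</param>
        public UserFileAccessRights(string path,
                                    System.Security.Principal.WindowsIdentity principal)
        {
            this._path      = path;
            this._principal = principal;

            string username = _principal.Name;

            // Everything before the first backslash is the domain; an unqualified name has none.
            int separator = username.IndexOf('\\');
            string domain = separator >= 0 ? username.Substring(0, separator) : "";

            System.IO.FileInfo          fi  = new System.IO.FileInfo(_path);
            AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules
                                                  (true, true, typeof(NTAccount));

            // Rules addressed to the account itself. Account names are identifiers, so they are
            // compared ordinally; a culture-sensitive ToLower() can mis-compare under some locales.
            foreach (FileSystemAccessRule rule in acl)
            {
                if (string.Equals(rule.IdentityReference.Value, username,
                                  StringComparison.OrdinalIgnoreCase))
                {
                    RecordRule(rule);
                }
            }

            // Rules addressed to one of the principal's roles.
            string[] groups = Roles.GetRolesForUser(_principal.Name);
            foreach (string group in groups)
            {
                foreach (FileSystemAccessRule rule in acl)
                {
                    if (IdentityMatchesRole(rule.IdentityReference.Value, domain, group))
                    {
                        RecordRule(rule);
                    }
                }
            }
        }

        /// <summary>
        /// Decides whether an ACL identity names the given role.
        /// </summary>
        /// <remarks>
        /// The match is anchored on the backslash that separates authority and account name.
        /// A bare suffix test would also accept an unrelated identity whose name merely ends
        /// with the role name, and the rights of that entry would be credited to the principal.
        /// </remarks>
        /// <param name="identity">Value of the rule's identity reference.</param>
        /// <param name="domain">Domain part of the principal's name, or an empty string.</param>
        /// <param name="role">Role name as returned by the role provider.</param>
        /// <returns>True when the identity refers to the role.</returns>
        private static bool IdentityMatchesRole(string identity, string domain, string role)
        {
            const StringComparison ignoreCase = StringComparison.OrdinalIgnoreCase;
            string qualifiedSuffix = "\\" + role;

            // These two names are matched under whatever authority the ACL lists them with.
            if (role == "Authenticated Users" || role == "Administrators")
            {
                return string.Equals(identity, role, ignoreCase)
                       || identity.EndsWith(qualifiedSuffix, ignoreCase);
            }

            // No domain known for the principal: accept the role under any authority.
            if (domain.Length == 0)
            {
                return identity.EndsWith(qualifiedSuffix, ignoreCase);
            }

            // Domain known: require exactly "<domain>\<role>".
            return string.Equals(identity, domain + qualifiedSuffix, ignoreCase);
        }

        /// <summary>
        /// Records the rights of one rule in the deny or the allow flags, depending on its type.
        /// </summary>
        /// <param name="rule">Access rule that applies to the principal.</param>
        private void RecordRule(FileSystemAccessRule rule)
        {
            if (AccessControlType.Deny.Equals(rule.AccessControlType))
            {
                RecordDeniedRights(rule);
            }
            else if (AccessControlType.Allow.Equals(rule.AccessControlType))
            {
                RecordAllowedRights(rule);
            }
        }

        /// <summary>
        /// Sets the deny flag of every right that <c>contains</c> reports for the rule.
        /// Flags are only ever set, never cleared, so rules accumulate.
        /// </summary>
        /// <param name="rule">Deny rule that applies to the principal.</param>
        private void RecordDeniedRights(FileSystemAccessRule rule)
        {
            if (contains(FileSystemRights.AppendData, rule))                   { _denyAppendData = true; }
            if (contains(FileSystemRights.CreateDirectories, rule))            { _denyCreateDirectories = true; }
            if (contains(FileSystemRights.CreateFiles, rule))                  { _denyCreateFiles = true; }
            if (contains(FileSystemRights.Delete, rule))                       { _denyDelete = true; }
            if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _denyDeleteSubdirectoriesAndFiles = true; }
            if (contains(FileSystemRights.ExecuteFile, rule))                  { _denyExecuteFile = true; }
            if (contains(FileSystemRights.FullControl, rule))                  { _denyFullControl = true; }
            if (contains(FileSystemRights.ListDirectory, rule))                { _denyListDirectory = true; }
            if (contains(FileSystemRights.Modify, rule))                       { _denyModify = true; }
            if (contains(FileSystemRights.Read, rule))                         { _denyRead = true; }
            if (contains(FileSystemRights.ReadAndExecute, rule))               { _denyReadAndExecute = true; }
            if (contains(FileSystemRights.ReadAttributes, rule))               { _denyReadAttributes = true; }
            if (contains(FileSystemRights.ReadData, rule))                     { _denyReadData = true; }
            if (contains(FileSystemRights.ReadExtendedAttributes, rule))       { _denyReadExtendedAttributes = true; }
            if (contains(FileSystemRights.Traverse, rule))                     { _denyTraverse = true; }
            if (contains(FileSystemRights.Write, rule))                        { _denyWrite = true; }
            if (contains(FileSystemRights.WriteAttributes, rule))              { _denyWriteAttributes = true; }
            if (contains(FileSystemRights.WriteData, rule))                    { _denyWriteData = true; }
            if (contains(FileSystemRights.WriteExtendedAttributes, rule))      { _denyWriteExtendedAttributes = true; }
        }

        /// <summary>
        /// Sets the allow flag of every right that <c>contains</c> reports for the rule.
        /// Flags are only ever set, never cleared, so rules accumulate.
        /// </summary>
        /// <param name="rule">Allow rule that applies to the principal.</param>
        private void RecordAllowedRights(FileSystemAccessRule rule)
        {
            if (contains(FileSystemRights.AppendData, rule))                   { _allowAppendData = true; }
            if (contains(FileSystemRights.CreateDirectories, rule))            { _allowCreateDirectories = true; }
            if (contains(FileSystemRights.CreateFiles, rule))                  { _allowCreateFiles = true; }
            if (contains(FileSystemRights.Delete, rule))                       { _allowDelete = true; }
            if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _allowDeleteSubdirectoriesAndFiles = true; }
            if (contains(FileSystemRights.ExecuteFile, rule))                  { _allowExecuteFile = true; }
            if (contains(FileSystemRights.FullControl, rule))                  { _allowFullControl = true; }
            if (contains(FileSystemRights.ListDirectory, rule))                { _allowListDirectory = true; }
            if (contains(FileSystemRights.Modify, rule))                       { _allowModify = true; }
            if (contains(FileSystemRights.Read, rule))                         { _allowRead = true; }
            if (contains(FileSystemRights.ReadAndExecute, rule))               { _allowReadAndExecute = true; }
            if (contains(FileSystemRights.ReadAttributes, rule))               { _allowReadAttributes = true; }
            if (contains(FileSystemRights.ReadData, rule))                     { _allowReadData = true; }
            if (contains(FileSystemRights.ReadExtendedAttributes, rule))       { _allowReadExtendedAttributes = true; }
            if (contains(FileSystemRights.Traverse, rule))                     { _allowTraverse = true; }
            if (contains(FileSystemRights.Write, rule))                        { _allowWrite = true; }
            if (contains(FileSystemRights.WriteAttributes, rule))              { _allowWriteAttributes = true; }
            if (contains(FileSystemRights.WriteData, rule))                    { _allowWriteData = true; }
            if (contains(FileSystemRights.WriteExtendedAttributes, rule))      { _allowWriteExtendedAttributes = true; }
        }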
Example #10
    public UserAccessRights(string path, string UserId)
    {
        if ((!String.IsNullOrEmpty(UserId)) && !String.IsNullOrEmpty(path))
        {
            NTAccount n = new NTAccount(UserId);
            _principalSid = (SecurityIdentifier)n.Translate(typeof(SecurityIdentifier));
            this._path    = path;
            System.IO.FileInfo          fi  = new System.IO.FileInfo(_path);
            AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier));
            for (int i = 0; i < acl.Count; i++)
            {
                System.Security.AccessControl.FileSystemAccessRule rule = (System.Security.AccessControl.FileSystemAccessRule)acl[i];
                if (_principalSid.Equals(rule.IdentityReference))
                {
                    if (System.Security.AccessControl.AccessControlType.Deny.Equals(rule.AccessControlType))
                    {
                        if (Contains(FileSystemRights.AppendData, rule))
                        {
                            _denyAppendData = true;
                        }
                        if (Contains(FileSystemRights.ChangePermissions, rule))
                        {
                            _denyChangePermissions = true;
                        }
                        if (Contains(FileSystemRights.CreateDirectories, rule))
                        {
                            _denyCreateDirectories = true;
                        }
                        if (Contains(FileSystemRights.CreateFiles, rule))
                        {
                            _denyCreateFiles = true;
                        }
                        if (Contains(FileSystemRights.Delete, rule))
                        {
                            _denyDelete = true;
                        }
                        if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule))
                        {
                            _denyDeleteSubdirectoriesAndFiles = true;
                        }
                        if (Contains(FileSystemRights.ExecuteFile, rule))
                        {
                            _denyExecuteFile = true;
                        }
                        if (Contains(FileSystemRights.FullControl, rule))
                        {
                            _denyFullControl = true;
                        }
                        if (Contains(FileSystemRights.ListDirectory, rule))
                        {
                            _denyListDirectory = true;
                        }
                        if (Contains(FileSystemRights.Modify, rule))
                        {
                            _denyModify = true;
                        }
                        if (Contains(FileSystemRights.Read, rule))
                        {
                            _denyRead = true;
                        }
                        if (Contains(FileSystemRights.ReadAndExecute, rule))
                        {
                            _denyReadAndExecute = true;
                        }
                        if (Contains(FileSystemRights.ReadAttributes, rule))
                        {
                            _denyReadAttributes = true;
                        }
                        if (Contains(FileSystemRights.ReadData, rule))
                        {
                            _denyReadData = true;
                        }
                        if (Contains(FileSystemRights.ReadExtendedAttributes, rule))
                        {
                            _denyReadExtendedAttributes = true;
                        }
                        if (Contains(FileSystemRights.ReadPermissions, rule))
                        {
                            _denyReadPermissions = true;
                        }
                        if (Contains(FileSystemRights.Synchronize, rule))
                        {
                            _denySynchronize = true;
                        }
                        if (Contains(FileSystemRights.TakeOwnership, rule))
                        {
                            _denyTakeOwnership = true;
                        }
                        if (Contains(FileSystemRights.Traverse, rule))
                        {
                            _denyTraverse = true;
                        }
                        if (Contains(FileSystemRights.Write, rule))
                        {
                            _denyWrite = true;
                        }
                        if (Contains(FileSystemRights.WriteAttributes, rule))
                        {
                            _denyWriteAttributes = true;
                        }
                        if (Contains(FileSystemRights.WriteData, rule))
                        {
                            _denyWriteData = true;
                        }
                        if (Contains(FileSystemRights.WriteExtendedAttributes, rule))
                        {
                            _denyWriteExtendedAttributes = true;
                        }
                    }
                    else if (System.Security.AccessControl.AccessControlType.Allow.Equals(rule.AccessControlType))
                    {
                        if (Contains(FileSystemRights.AppendData, rule))
                        {
                            _allowAppendData = true;
                        }
                        if (Contains(FileSystemRights.ChangePermissions, rule))
                        {
                            _allowChangePermissions = true;
                        }
                        if (Contains(FileSystemRights.CreateDirectories, rule))
                        {
                            _allowCreateDirectories = true;
                        }
                        if (Contains(FileSystemRights.CreateFiles, rule))
                        {
                            _allowCreateFiles = true;
                        }
                        if (Contains(FileSystemRights.Delete, rule))
                        {
                            _allowDelete = true;
                        }
                        if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule))
                        {
                            _allowDeleteSubdirectoriesAndFiles = true;
                        }
                        if (Contains(FileSystemRights.ExecuteFile, rule))
                        {
                            _allowExecuteFile = true;
                        }
                        if (Contains(FileSystemRights.FullControl, rule))
                        {
                            _allowFullControl = true;
                        }
                        if (Contains(FileSystemRights.ListDirectory, rule))
                        {
                            _allowListDirectory = true;
                        }
                        if (Contains(FileSystemRights.Modify, rule))
                        {
                            _allowModify = true;
                        }
                        if (Contains(FileSystemRights.Read, rule))
                        {
                            _allowRead = true;
                        }
                        if (Contains(FileSystemRights.ReadAndExecute, rule))
                        {
                            _allowReadAndExecute = true;
                        }
                        if (Contains(FileSystemRights.ReadAttributes, rule))
                        {
                            _allowReadAttributes = true;
                        }
                        if (Contains(FileSystemRights.ReadData, rule))
                        {
                            _allowReadData = true;
                        }
                        if (Contains(FileSystemRights.ReadExtendedAttributes, rule))
                        {
                            _allowReadExtendedAttributes = true;
                        }
                        if (Contains(FileSystemRights.ReadPermissions, rule))
                        {
                            _allowReadPermissions = true;
                        }
                        if (Contains(FileSystemRights.Synchronize, rule))
                        {
                            _allowSynchronize = true;
                        }
                        if (Contains(FileSystemRights.TakeOwnership, rule))
                        {
                            _allowTakeOwnership = true;
                        }
                        if (Contains(FileSystemRights.Traverse, rule))
                        {
                            _allowTraverse = true;
                        }
                        if (Contains(FileSystemRights.Write, rule))
                        {
                            _allowWrite = true;
                        }
                        if (Contains(FileSystemRights.WriteAttributes, rule))
                        {
                            _allowWriteAttributes = true;
                        }
                        if (Contains(FileSystemRights.WriteData, rule))
                        {
                            _allowWriteData = true;
                        }
                        if (Contains(FileSystemRights.WriteExtendedAttributes, rule))
                        {
                            _allowWriteExtendedAttributes = true;
                        }
                    }
                }
            }

            /*
             * IdentityReferenceCollection groups = _principal.Groups;
             * for (int j = 0; j < groups.Count; j++)
             * {
             *  for (int i = 0; i < acl.Count; i++)
             *  {
             *      System.Security.AccessControl.FileSystemAccessRule rule = (System.Security.AccessControl.FileSystemAccessRule)acl[i];
             *      if (groups[j].Equals(rule.IdentityReference))
             *      {
             *          if (System.Security.AccessControl.AccessControlType.Deny.Equals(rule.AccessControlType))
             *          {
             *              if (Contains(FileSystemRights.AppendData, rule)) _denyAppendData = true;
             *              if (Contains(FileSystemRights.ChangePermissions, rule)) _denyChangePermissions = true;
             *              if (Contains(FileSystemRights.CreateDirectories, rule)) _denyCreateDirectories = true;
             *              if (Contains(FileSystemRights.CreateFiles, rule)) _denyCreateFiles = true;
             *              if (Contains(FileSystemRights.Delete, rule)) _denyDelete = true;
             *              if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) _denyDeleteSubdirectoriesAndFiles = true;
             *              if (Contains(FileSystemRights.ExecuteFile, rule)) _denyExecuteFile = true;
             *              if (Contains(FileSystemRights.FullControl, rule)) _denyFullControl = true;
             *              if (Contains(FileSystemRights.ListDirectory, rule)) _denyListDirectory = true;
             *              if (Contains(FileSystemRights.Modify, rule)) _denyModify = true;
             *              if (Contains(FileSystemRights.Read, rule)) _denyRead = true;
             *              if (Contains(FileSystemRights.ReadAndExecute, rule)) _denyReadAndExecute = true;
             *              if (Contains(FileSystemRights.ReadAttributes, rule)) _denyReadAttributes = true;
             *              if (Contains(FileSystemRights.ReadData, rule)) _denyReadData = true;
             *              if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) _denyReadExtendedAttributes = true;
             *              if (Contains(FileSystemRights.ReadPermissions, rule)) _denyReadPermissions = true;
             *              if (Contains(FileSystemRights.Synchronize, rule)) _denySynchronize = true;
             *              if (Contains(FileSystemRights.TakeOwnership, rule)) _denyTakeOwnership = true;
             *              if (Contains(FileSystemRights.Traverse, rule)) _denyTraverse = true;
             *              if (Contains(FileSystemRights.Write, rule)) _denyWrite = true;
             *              if (Contains(FileSystemRights.WriteAttributes, rule)) _denyWriteAttributes = true;
             *              if (Contains(FileSystemRights.WriteData, rule)) _denyWriteData = true;
             *              if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) _denyWriteExtendedAttributes = true;
             *          }
             *          else if (System.Security.AccessControl.AccessControlType.Allow.Equals(rule.AccessControlType))
             *          {
             *              if (Contains(FileSystemRights.AppendData, rule)) _allowAppendData = true;
             *              if (Contains(FileSystemRights.ChangePermissions, rule)) _allowChangePermissions = true;
             *              if (Contains(FileSystemRights.CreateDirectories, rule)) _allowCreateDirectories = true;
             *              if (Contains(FileSystemRights.CreateFiles, rule)) _allowCreateFiles = true;
             *              if (Contains(FileSystemRights.Delete, rule)) _allowDelete = true;
             *              if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) _allowDeleteSubdirectoriesAndFiles = true;
             *              if (Contains(FileSystemRights.ExecuteFile, rule)) _allowExecuteFile = true;
             *              if (Contains(FileSystemRights.FullControl, rule)) _allowFullControl = true;
             *              if (Contains(FileSystemRights.ListDirectory, rule)) _allowListDirectory = true;
             *              if (Contains(FileSystemRights.Modify, rule)) _allowModify = true;
             *              if (Contains(FileSystemRights.Read, rule)) _allowRead = true;
             *              if (Contains(FileSystemRights.ReadAndExecute, rule)) _allowReadAndExecute = true;
             *              if (Contains(FileSystemRights.ReadAttributes, rule)) _allowReadAttributes = true;
             *              if (Contains(FileSystemRights.ReadData, rule)) _allowReadData = true;
             *              if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) _allowReadExtendedAttributes = true;
             *              if (Contains(FileSystemRights.ReadPermissions, rule)) _allowReadPermissions = true;
             *              if (Contains(FileSystemRights.Synchronize, rule)) _allowSynchronize = true;
             *              if (Contains(FileSystemRights.TakeOwnership, rule)) _allowTakeOwnership = true;
             *              if (Contains(FileSystemRights.Traverse, rule)) _allowTraverse = true;
             *              if (Contains(FileSystemRights.Write, rule)) _allowWrite = true;
             *              if (Contains(FileSystemRights.WriteAttributes, rule)) _allowWriteAttributes = true;
             *              if (Contains(FileSystemRights.WriteData, rule)) _allowWriteData = true;
             *              if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) _allowWriteExtendedAttributes = true;
             *          }
             *      }
             *  }
             * }
             */
        }
    }
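        /// <summary>
        /// Supply the path to the file or directory and the identity of a user or group.
        /// The access checks are done during instantiation, so the object is always
        /// in a valid state once the constructor returns.
        /// </summary>
        /// <param name="path">Path to the file or directory whose access rules are read.</param>
        /// <param name="principal">Windows identity whose user SID and group SIDs are matched against those rules.</param>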
        public CheckUserFileAccessRights(string path,
                                         System.Security.Principal.WindowsIdentity principal)
        {
            // Reads the access rules of the path once, here in the constructor, and hands every
            // rule that names the identity's own SID or one of its group SIDs to the matching
            // Deny/Allow helper. The result is a snapshot of the rules at construction time;
            // the operating system still makes the authoritative decision when the file is opened.
            _path      = path;
            _principal = principal;

            try
            {
                var fileInfo = new System.IO.FileInfo(_path);
                var security = fileInfo.GetAccessControl();

                // Explicit and inherited rules, with identities translated to SIDs so that they
                // can be compared with WindowsIdentity.User and WindowsIdentity.Groups.
                AuthorizationRuleCollection rules =
                    security.GetAccessRules(true, true, typeof(SecurityIdentifier));

                // Pass 1: rules that name the user's own SID.
                foreach (System.Security.AccessControl.FileSystemAccessRule ace in rules)
                {
                    if (!_principal.User.Equals(ace.IdentityReference))
                    {
                        continue;
                    }

                    switch (ace.AccessControlType)
                    {
                        case System.Security.AccessControl.AccessControlType.Deny:
                            AuthorizationDenyAccess(ace);
                            break;

                        case System.Security.AccessControl.AccessControlType.Allow:
                            AuthorizationAllowAccess(ace);
                            break;
                    }
                }

                // Pass 2: rules that name one of the identity's groups (groups outer, rules inner).
                // NOTE(review): as far as I know WindowsIdentity.Groups leaves out deny-only and
                // disabled group SIDs, so a Deny rule naming such a group would not be matched
                // here — confirm before relying on the deny flags.
                IdentityReferenceCollection memberships = _principal.Groups;
                foreach (IdentityReference groupSid in memberships)
                {
                    foreach (System.Security.AccessControl.FileSystemAccessRule ace in rules)
                    {
                        if (!groupSid.Equals(ace.IdentityReference))
                        {
                            continue;
                        }

                        switch (ace.AccessControlType)
                        {
                            case System.Security.AccessControl.AccessControlType.Deny:
                                IdentityDenyAccess(ace);
                                break;

                            case System.Security.AccessControl.AccessControlType.Allow:
                                IdentityAllowAccess(ace);
                                break;
                        }
                    }
                }
            }
            catch (Exception e)
            {
                // Every failure (bad path, unreadable ACL, null identity, ...) ends here: the
                // message is printed and AccessDenied() is called instead of rethrowing.
                // AccessDenied() is defined outside this excerpt; presumably it puts the object
                // into a deny-everything state — confirm.
                Console.WriteLine(e.Message);
                AccessDenied();
            }
        }