/// <summary>
/// Commits any pending changes to the directory specified by the supplied path.
/// </summary>
/// <param name="path">The path to the directory to commit changes on.</param>
/// <param name="security">The DirectorySecurity object of the directory that will be changed.</param>
/// <returns>True if the changes were commited. False if the directory does not exist,
/// or the current process does not have sufficient access to the specified path, or the
/// current operating system in not Windows 2000 or later.</returns>
static public bool CommitChanges(string path, ref DirectorySecurity security)
{
// Check that a path and security object were supplied.
if (!string.IsNullOrEmpty(path) && security != null)
{
// Check whether the directory exits.
if (SystemDirectory.Exists(path))
{
try
{
SystemDirectory.SetAccessControl(path, security);
return(true);
}
catch (UnauthorizedAccessException)
{
// The current process does not have access to the directory specified by path.
// Or the current process does not have sufficient privilege to set the ACL entry.
return(false);
}
catch (PlatformNotSupportedException)
{
// The current operating system is not Windows 2000 or later.
return(false);
}
}
else
{
// The directory does not exist.
return(false);
}
}
// The path or security object were not supplied.
return(false);
}
/// <summary>
/// Removes all access rules from the supplied directory.
/// </summary>
/// <param name="path">The path to the directory to remove all access rules from.</param>
/// <param name="security">The DirectorySecurity object of the directory that will be changed.</param>
/// <param name="commitChanges">Indicates whether changes should be commited to this directory. Useful when combining multiple commands.</param>
/// <returns>True if all rules were removed. False if an error occurred.</returns>
static public bool RemoveAllAccessRules(string path, ref DirectorySecurity security, bool commitChanges)
{
// Check whether a path and security object were supplied.
if (!string.IsNullOrEmpty(path) && security != null)
{
// A path and security object were supplied.
// Check whether the path exists.
if (SystemDirectory.Exists(path))
{
// The directory exists.
try
{
// Get all the authorization rules for the directory.
AuthorizationRuleCollection ruleCollection = security.GetAccessRules(true, true, typeof(SecurityIdentifier));
// Remove all the authorization rules for the entry.
foreach (FileSystemAccessRule rule in ruleCollection)
{
security.RemoveAccessRuleSpecific(rule);
}
// Commit the changes if necessary.
if (commitChanges)
{
try
{
SystemDirectory.SetAccessControl(path, security);
}
catch (UnauthorizedAccessException)
{
// The current process does not have access to the directory specified by path.
// Or the current process does not have sufficient privilege to set the ACL entry.
return(false);
}
catch (PlatformNotSupportedException)
{
// The current operating system is not Windows 2000 or later.
return(false);
}
}
return(true);
}
catch
{
// There was an error removing the rules.
return(false);
}
}
else
{
// The directory does not exist.
return(false);
}
}
else
{
// An directory or security object were not supplied.
return(false);
}
}
/// <summary>
/// Sets the owner of a directory.
/// </summary>
/// <param name="path">The path to the directory to have the ownership set on.</param>
/// <param name="security">The DirectorySecurity object of the directory that will be changed.</param>
/// <param name="ownerSid">The security identifier (SID) of the account that should take ownership of the entry.</param>
/// <param name="commitChanges">Indicates whether changes should be commited to this entry. Useful when combining multiple commands.</param>
/// <returns>True if the ownership could be set. False otherwise.</returns>
static public bool SetOwner(string path, ref DirectorySecurity security, byte[] ownerSid, bool commitChanges)
{
// Check whether a path, security object, and owner were supplied.
if (!string.IsNullOrEmpty(path) && security != null && ownerSid != null)
{
// A path, security object, and owner were supplied.
// Check whether the directory exists.
if (SystemDirectory.Exists(path))
{
try
{
// Get the security identifier (SID) of the owner.
SecurityIdentifier sid = new SecurityIdentifier(ownerSid, 0);
// Set the owner of the directory to the SID of the owner entry.
security.SetOwner(sid);
// Commit the changes if necessary.
if (commitChanges)
{
try
{
SystemDirectory.SetAccessControl(path, security);
}
catch (UnauthorizedAccessException)
{
// The current process does not have access to the directory specified by path.
// Or the current process does not have sufficient privilege to set the ACL entry.
return(false);
}
catch (PlatformNotSupportedException)
{
// The current operating system is not Windows 2000 or later.
return(false);
}
}
return(true);
}
catch
{
// There was an error changing the owner of the directory.
return(false);
}
}
else
{
// The directory does not exist.
return(false);
}
}
else
{
// A path, security object, and owner were not supplied.
return(false);
}
}
/// <summary>
/// Blocks inheritance on this directory.
/// </summary>
/// <param name="path">The path to the directory to block inheritance on.</param>
/// <param name="security">The DirectorySecurity object of the directory that will be changed.</param>
/// <param name="addInheritedPermissions">If true, copies the directory's inherited permissions as explicit permissions on the directory.</param>
/// <param name="commitChanges">Indicates whether changes should be commited to this entry. Useful when combining multiple commands.</param>
/// <returns>True if inheritance was blocked on the directory, false if the directory does not exist, or inheritance could not be
/// blocked.</returns>
static public bool BlockInheritance(string path, ref DirectorySecurity security, bool addInheritedPermissions, bool commitChanges)
{
// Check whether a path and security object were supplied.
if (!string.IsNullOrEmpty(path) && security != null)
{
// A path and security object were supplied.
// Check whether the directory exists.
if (SystemDirectory.Exists(path))
{
// The directory exists.
// Remove inheritance from the directory and copy inherited permissions if necessary.
try
{
security.SetAccessRuleProtection(true, addInheritedPermissions);
}
catch (InvalidOperationException)
{
// This method attempted to remove inherited rules from a non-canonical Discretionary Access Control List (DACL).
return(false);
}
// Commit the changes if necessary.
if (commitChanges)
{
try
{
SystemDirectory.SetAccessControl(path, security);
}
catch (UnauthorizedAccessException)
{
// The current process does not have access to the directory specified by path.
// Or the current process does not have sufficient privilege to set the ACL entry.
return(false);
}
catch (PlatformNotSupportedException)
{
// The current operating system is not Windows 2000 or later.
return(false);
}
}
return(true);
}
else
{
// The directory does not exist.
return(false);
}
}
else
{
// A path or security object were not supplied.
return(false);
}
}
// ----- VARIABLES -----
// ----- PROPERTITES -----
// ----- CONSTRUCTORS -----
// ----- METHODS -----
/// <summary>
/// Adds an access rule to the directory at the supplied path.
/// </summary>
/// <param name="path">The path to the directory to add the rule to.</param>
/// <param name="security">The DirectorySecurity object of the directory that will be changed.</param>
/// <param name="rule">The rule to add to the directory.</param>
/// <param name="commitChanges">Indicates whether changes should be commited to this directory. Useful when combining multiple commands.</param>
/// <returns>True if the rule was added. False if the directory does not exist, the rule is null, or the process does not have access to
/// the specified path, or does not have sufficient access to change the ACL entry of the directory, or the operating system is not Windows
/// 2000 or later.</returns>
static public bool AddAccessRule(string path, ref DirectorySecurity security, FileSystemAccessRule rule, bool commitChanges)
{
// Check that a path, security object, and rule are supplied.
if (!string.IsNullOrEmpty(path) && security != null && rule != null)
{
// A path, security object, and rule are supplied.
// Check whether the directory exits.
if (SystemDirectory.Exists(path))
{
// Add the access rule to the directory.
security.AddAccessRule(rule);
// Commit the changes if necessary.
if (commitChanges)
{
try
{
SystemDirectory.SetAccessControl(path, security);
}
catch (UnauthorizedAccessException)
{
// The current process does not have access to the directory specified by the path.
// Or the current process does not have sufficient privilege to set the ACL entry.
return(false);
}
catch (PlatformNotSupportedException)
{
// The current operating system is not Windows 2000 or later.
return(false);
}
}
return(true);
}
else
{
// The directory does not exist.
return(false);
}
}
else
{
// A path, security object, and rule were not supplied.
return(false);
}
}
public void SetAccessControl(DirectorySecurity directorySecurity)
{
Directory.SetAccessControl(FullPath, directorySecurity);
}
public override void SetAccessControl(string path, DirectorySecurity directorySecurity)
{
Directory.SetAccessControl(path, directorySecurity);
}
