private void CreateFromParts(bool isContainer, bool isDS, ControlFlags flags, SecurityIdentifier owner, SecurityIdentifier group, SystemAcl systemAcl, DiscretionaryAcl discretionaryAcl) { if (systemAcl != null && systemAcl.IsContainer != isContainer) { throw new ArgumentException(Environment.GetResourceString(isContainer ? "AccessControl_MustSpecifyContainerAcl" : "AccessControl_MustSpecifyLeafObjectAcl"), "systemAcl"); } if (discretionaryAcl != null && discretionaryAcl.IsContainer != isContainer) { throw new ArgumentException(Environment.GetResourceString(isContainer ? "AccessControl_MustSpecifyContainerAcl" : "AccessControl_MustSpecifyLeafObjectAcl"), "discretionaryAcl"); } this._isContainer = isContainer; if (systemAcl != null && systemAcl.IsDS != isDS) { throw new ArgumentException(Environment.GetResourceString(isDS ? "AccessControl_MustSpecifyDirectoryObjectAcl" : "AccessControl_MustSpecifyNonDirectoryObjectAcl"), "systemAcl"); } if (discretionaryAcl != null && discretionaryAcl.IsDS != isDS) { throw new ArgumentException(Environment.GetResourceString(isDS ? "AccessControl_MustSpecifyDirectoryObjectAcl" : "AccessControl_MustSpecifyNonDirectoryObjectAcl"), "discretionaryAcl"); } this._isDS = isDS; this._sacl = systemAcl; if (discretionaryAcl == null) { discretionaryAcl = DiscretionaryAcl.CreateAllowEveryoneFullAccess(this._isDS, this._isContainer); } this._dacl = discretionaryAcl; ControlFlags controlFlags = flags | ControlFlags.DiscretionaryAclPresent; this._rawSd = new RawSecurityDescriptor(systemAcl != null ? controlFlags | ControlFlags.SystemAclPresent : controlFlags& ~ControlFlags.SystemAclPresent, owner, group, systemAcl == null ? (RawAcl)null : systemAcl.RawAcl, discretionaryAcl.RawAcl); }
private void CreateFromParts(bool isContainer, bool isDS, ControlFlags flags, SecurityIdentifier owner, SecurityIdentifier group, SystemAcl systemAcl, DiscretionaryAcl discretionaryAcl) { if (systemAcl != null && systemAcl.IsContainer != isContainer) { throw new ArgumentException( isContainer ? SR.AccessControl_MustSpecifyContainerAcl : SR.AccessControl_MustSpecifyLeafObjectAcl, nameof(systemAcl)); } if (discretionaryAcl != null && discretionaryAcl.IsContainer != isContainer) { throw new ArgumentException( isContainer ? SR.AccessControl_MustSpecifyContainerAcl : SR.AccessControl_MustSpecifyLeafObjectAcl, nameof(discretionaryAcl)); } _isContainer = isContainer; if (systemAcl != null && systemAcl.IsDS != isDS) { throw new ArgumentException( isDS ? SR.AccessControl_MustSpecifyDirectoryObjectAcl : SR.AccessControl_MustSpecifyNonDirectoryObjectAcl, nameof(systemAcl)); } if (discretionaryAcl != null && discretionaryAcl.IsDS != isDS) { throw new ArgumentException( isDS ? SR.AccessControl_MustSpecifyDirectoryObjectAcl : SR.AccessControl_MustSpecifyNonDirectoryObjectAcl, nameof(discretionaryAcl)); } _isDS = isDS; _sacl = systemAcl; // // Replace null DACL with an allow-all for everyone DACL // if (discretionaryAcl == null) { // // to conform to native behavior, we will add allow everyone ace for DACL // discretionaryAcl = DiscretionaryAcl.CreateAllowEveryoneFullAccess(_isDS, _isContainer); } _dacl = discretionaryAcl; // // DACL is never null. So always set the flag bit on // ControlFlags actualFlags = flags | ControlFlags.DiscretionaryAclPresent; // // Keep SACL and the flag bit in sync. // if (systemAcl == null) { unchecked { actualFlags &= ~(ControlFlags.SystemAclPresent); } } else { actualFlags |= (ControlFlags.SystemAclPresent); } _rawSd = new RawSecurityDescriptor(actualFlags, owner, group, systemAcl == null ? null : systemAcl.RawAcl, discretionaryAcl.RawAcl); }