| static private AccessMaskFromRights ( FileSystemRights fileSystemRights, AccessControlType controlType ) : int | ||
| fileSystemRights | FileSystemRights | |
| controlType | AccessControlType | |
| return | int | |
public void RemoveAccessRuleSpecific(FileSystemAccessRule rule)
{
ArgumentNullException.ThrowIfNull(rule);
// If the rule to be removed matches what is there currently then
// remove it unaltered. That is, don't mask off the Synchronize bit
// This is to avoid dangling synchronize bit
AuthorizationRuleCollection rules = GetAccessRules(true, true, rule.IdentityReference.GetType());
for (int i = 0; i < rules.Count; i++)
{
if ((rules[i] is FileSystemAccessRule fsrule) && (fsrule.FileSystemRights == rule.FileSystemRights) &&
(fsrule.IdentityReference == rule.IdentityReference) &&
(fsrule.AccessControlType == rule.AccessControlType))
{
base.RemoveAccessRuleSpecific(rule);
return;
}
}
// Mask off the synchronize bit (that is automatically added for Allow)
// before removing the ACL. The logic here should be same as Deny and hence
// fake a call to AccessMaskFromRights as though the ACL is for Deny
FileSystemAccessRule ruleNew = new FileSystemAccessRule(
rule.IdentityReference,
FileSystemAccessRule.AccessMaskFromRights(rule.FileSystemRights, AccessControlType.Deny),
rule.IsInherited,
rule.InheritanceFlags,
rule.PropagationFlags,
rule.AccessControlType);
base.RemoveAccessRuleSpecific(ruleNew);
}
/// <summary>使用以下内容初始化 <see cref="T:System.Security.AccessControl.FileSystemAccessRule" /> 类的新实例:用户帐户的名称、指定与访问规则关联的操作的类型的值、确定如何继承权限的值、确定如何传播权限的值,以及指定是允许还是拒绝该操作的值。</summary>
/// <param name="identity">用户帐户的名称。</param>
/// <param name="fileSystemRights">
/// <see cref="T:System.Security.AccessControl.FileSystemRights" /> 值之一,该值指定与访问规则关联的操作的类型。</param>
/// <param name="inheritanceFlags">
/// <see cref="T:System.Security.AccessControl.InheritanceFlags" /> 值之一,该值指定访问掩码如何传播到子对象。</param>
/// <param name="propagationFlags">
/// <see cref="T:System.Security.AccessControl.PropagationFlags" /> 值之一,该值指定访问控制项 (ACE) 如何传播到子对象。</param>
/// <param name="type">
/// <see cref="T:System.Security.AccessControl.AccessControlType" /> 值之一,该值指定是允许还是拒绝该操作。</param>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="identity" /> 参数为 null。</exception>
/// <exception cref="T:System.ArgumentOutOfRangeException">一个错误枚举被传递给 <paramref name="type " /> 参数。- 或 -一个错误枚举被传递给 <paramref name="inheritanceFlags " /> 参数。- 或 -一个错误枚举被传递给 <paramref name="propagationFlags " /> 参数。</exception>
public FileSystemAccessRule(string identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
: this((IdentityReference) new NTAccount(identity), FileSystemAccessRule.AccessMaskFromRights(fileSystemRights, type), false, inheritanceFlags, propagationFlags, type)
{
}
/// <summary>使用以下内容初始化 <see cref="T:System.Security.AccessControl.FileSystemAccessRule" /> 类的新实例:对用户帐户的引用、指定与访问规则关联的操作的类型的值,以及指定是允许还是拒绝该操作的值。</summary>
/// <param name="identity">封装对用户帐户的引用的 <see cref="T:System.Security.Principal.IdentityReference" /> 对象。</param>
/// <param name="fileSystemRights">
/// <see cref="T:System.Security.AccessControl.FileSystemRights" /> 值之一,该值指定与访问规则关联的操作的类型。</param>
/// <param name="type">
/// <see cref="T:System.Security.AccessControl.AccessControlType" /> 值之一,该值指定是允许还是拒绝该操作。</param>
/// <exception cref="T:System.ArgumentException">
/// <paramref name="identity" /> 参数不是一个 <see cref="T:System.Security.Principal.IdentityReference" /> 对象。</exception>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="identity" /> 参数为 null。</exception>
/// <exception cref="T:System.ArgumentOutOfRangeException">一个错误枚举被传递给 <paramref name="type " /> 参数。</exception>
public FileSystemAccessRule(IdentityReference identity, FileSystemRights fileSystemRights, AccessControlType type)
: this(identity, FileSystemAccessRule.AccessMaskFromRights(fileSystemRights, type), false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
/// <summary>从当前文件或目录移除单个匹配的允许或拒绝访问控制列表 (ACL) 权限。</summary>
/// <param name="rule">一个 <see cref="T:System.Security.AccessControl.FileSystemAccessRule" /> 对象,该对象指定应该从文件或目录移除其访问控制列表 (ACL) 权限的用户。</param>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="rule" /> 参数为 null。</exception>
public void RemoveAccessRuleSpecific(FileSystemAccessRule rule)
{
if (rule == null)
{
throw new ArgumentNullException("rule");
}
AuthorizationRuleCollection accessRules = this.GetAccessRules(true, true, rule.IdentityReference.GetType());
for (int index = 0; index < accessRules.Count; ++index)
{
FileSystemAccessRule systemAccessRule = accessRules[index] as FileSystemAccessRule;
if (systemAccessRule != null && systemAccessRule.FileSystemRights == rule.FileSystemRights && (systemAccessRule.IdentityReference == rule.IdentityReference && systemAccessRule.AccessControlType == rule.AccessControlType))
{
this.RemoveAccessRuleSpecific((AccessRule)rule);
return;
}
}
this.RemoveAccessRuleSpecific((AccessRule) new FileSystemAccessRule(rule.IdentityReference, FileSystemAccessRule.AccessMaskFromRights(rule.FileSystemRights, AccessControlType.Deny), rule.IsInherited, rule.InheritanceFlags, rule.PropagationFlags, rule.AccessControlType));
}
/// <summary>Initializes a new instance of the <see cref="T:System.Security.AccessControl.FileSystemAccessRule" /> class using the name of a user account, a value that specifies the type of operation associated with the access rule, and a value that describes whether to allow or deny the operation. </summary>
/// <param name="identity">The name of a user account.</param>
/// <param name="fileSystemRights">One of the <see cref="T:System.Security.AccessControl.FileSystemRights" /> values that specifies the type of operation associated with the access rule. </param>
/// <param name="type">One of the <see cref="T:System.Security.AccessControl.AccessControlType" /> values that specifies whether to allow or deny the operation.</param>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="identity" /> parameter is <see langword="null" />.</exception>
/// <exception cref="T:System.ArgumentOutOfRangeException">An incorrect enumeration was passed to the <paramref name="type " />parameter.</exception>
// Token: 0x06001F36 RID: 7990 RVA: 0x0006D517 File Offset: 0x0006B717
public FileSystemAccessRule(string identity, FileSystemRights fileSystemRights, AccessControlType type) : this(new NTAccount(identity), FileSystemAccessRule.AccessMaskFromRights(fileSystemRights, type), false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public void RemoveAccessRuleSpecific(FileSystemAccessRule rule)
{
if (rule == null)
{
throw new ArgumentNullException("rule");
}
AuthorizationRuleCollection rules = base.GetAccessRules(true, true, rule.IdentityReference.GetType());
for (int i = 0; i < rules.Count; i++)
{
FileSystemAccessRule rule2 = rules[i] as FileSystemAccessRule;
if (((rule2 != null) && (rule2.FileSystemRights == rule.FileSystemRights)) && ((rule2.IdentityReference == rule.IdentityReference) && (rule2.AccessControlType == rule.AccessControlType)))
{
base.RemoveAccessRuleSpecific(rule);
return;
}
}
FileSystemAccessRule rule3 = new FileSystemAccessRule(rule.IdentityReference, FileSystemAccessRule.AccessMaskFromRights(rule.FileSystemRights, AccessControlType.Deny), rule.IsInherited, rule.InheritanceFlags, rule.PropagationFlags, rule.AccessControlType);
base.RemoveAccessRuleSpecific(rule3);
}
/// <summary>Removes all matching allow or deny access control list (ACL) permissions from the current file or directory.</summary>
/// <param name="rule">A <see cref="T:System.Security.AccessControl.FileSystemAccessRule" /> object that represents an access control list (ACL) permission to remove from a file or directory.</param>
/// <returns>
/// <see langword="true" /> if the access rule was removed; otherwise, <see langword="false" />.</returns>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="rule" /> parameter is <see langword="null" />.</exception>
// Token: 0x06001F50 RID: 8016 RVA: 0x0006D8E4 File Offset: 0x0006BAE4
public bool RemoveAccessRule(FileSystemAccessRule rule)
{
if (rule == null)
{
throw new ArgumentNullException("rule");
}
AuthorizationRuleCollection accessRules = base.GetAccessRules(true, true, rule.IdentityReference.GetType());
for (int i = 0; i < accessRules.Count; i++)
{
FileSystemAccessRule fileSystemAccessRule = accessRules[i] as FileSystemAccessRule;
if (fileSystemAccessRule != null && fileSystemAccessRule.FileSystemRights == rule.FileSystemRights && fileSystemAccessRule.IdentityReference == rule.IdentityReference && fileSystemAccessRule.AccessControlType == rule.AccessControlType)
{
return(base.RemoveAccessRule(rule));
}
}
FileSystemAccessRule rule2 = new FileSystemAccessRule(rule.IdentityReference, FileSystemAccessRule.AccessMaskFromRights(rule.FileSystemRights, AccessControlType.Deny), rule.IsInherited, rule.InheritanceFlags, rule.PropagationFlags, rule.AccessControlType);
return(base.RemoveAccessRule(rule2));
}
