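/// <summary>
/// Demo: creates a scratch file, prints its security descriptor, adds an
/// Allow/Write rule for the built-in Users group to the in-memory descriptor,
/// prints the descriptor again and deletes the file.
/// </summary>
/// <remarks>
/// The modified descriptor is never written back to the file: there is no
/// SetAccessControl call, so the "AFTER MODIFY" output reflects only the
/// in-memory <see cref="FileSecurity"/> object, not the ACL on disk.
/// </remarks>
public static void Run()
{
    var file = "sectest.txt";
    File.WriteAllText(file, "File security.");

    try
    {
        // Resolve the group from its well-known SID instead of hard-coding an account name.
        var sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
        string usersAccount = sid.Translate(typeof(NTAccount)).ToString();
        Console.WriteLine($"User: {usersAccount}");

        FileSecurity sec = new FileSecurity(
            file,
            AccessControlSections.Owner | AccessControlSections.Group | AccessControlSections.Access);

        Console.WriteLine("AFTER CREATE:");
        ShowSecurity(sec);

        // The "modified" flag is not needed here, so it is discarded.
        sec.ModifyAccessRule(
            AccessControlModification.Add,
            new FileSystemAccessRule(usersAccount, FileSystemRights.Write, AccessControlType.Allow),
            out _);

        Console.WriteLine("AFTER MODIFY:");
        ShowSecurity(sec);
    }
    finally
    {
        // Remove the scratch file even when SID translation or the ACL read throws.
        File.Delete(file);
    }
}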
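/// <summary>
/// Adds an Allow / FullControl rule for <paramref name="ACLUser"/> to the ACL
/// of the file described by <paramref name="Target"/> and writes the ACL back.
/// </summary>
/// <remarks>
/// Despite the method name, the parameter is a <see cref="FileInfo"/>, so the
/// rule is applied to a single file. FullControl includes the rights to change
/// permissions and take ownership, so the named account can afterwards rewrite
/// the ACL itself; pass a narrower right where that is not intended.
/// </remarks>
/// <param name="Target">File whose ACL is updated.</param>
/// <param name="ACLUser">Account name that receives the rule.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="Target"/> or <paramref name="ACLUser"/> is null.
/// </exception>
/// <exception cref="ArgumentException"><paramref name="ACLUser"/> is empty.</exception>
public static void SetFolderPermissions(FileInfo Target, string ACLUser)
{
    // Reject bad arguments before the ACL is read, so nothing is touched on failure.
    if (Target == null)
    {
        throw new ArgumentNullException(nameof(Target));
    }

    if (ACLUser == null)
    {
        throw new ArgumentNullException(nameof(ACLUser));
    }

    if (ACLUser.Length == 0)
    {
        throw new ArgumentException("Account name must not be empty.", nameof(ACLUser));
    }

    FileSecurity fileSec = Target.GetAccessControl();
    var fsRule = new FileSystemAccessRule(ACLUser, FileSystemRights.FullControl, AccessControlType.Allow);

    // One add is enough: the original followed this with ModifyAccessRule(Add, ...)
    // for the same rule, which merged the same rights a second time.
    fileSec.AddAccessRule(fsRule);

    Target.SetAccessControl(fileSec);
}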
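/// <summary>
/// Adds an Allow rule granting the requested rights on a file to an account.
/// </summary>
/// <remarks>
/// The call is a no-op when the file does not exist, when
/// <paramref name="Account"/> or <paramref name="UserRights"/> is null or empty,
/// or when <paramref name="UserRights"/> contains none of the recognised letters.
/// "F" (FullControl) covers every other right, and "C" (ChangePermissions) lets
/// the account rewrite the file's ACL.
/// </remarks>
/// <param name="FileName">Path of the file whose ACL is updated.</param>
/// <param name="Account">Account name the rule applies to.</param>
/// <param name="UserRights">
/// Case-sensitive letters selecting the rights to grant: R = Read,
/// C = ChangePermissions, F = FullControl, W = Write, D = Delete.
/// </param>
public static void AddFileSecurity(string FileName, string Account, string UserRights)
{
    if (!File.Exists(FileName) || string.IsNullOrEmpty(Account) || string.IsNullOrEmpty(UserRights))
    {
        return;
    }

    // Translate the letter codes into a rights mask (ordinal, case-sensitive match).
    FileSystemRights rights = 0;
    if (UserRights.IndexOf('R') >= 0)
    {
        rights |= FileSystemRights.Read;
    }

    if (UserRights.IndexOf('C') >= 0)
    {
        rights |= FileSystemRights.ChangePermissions;
    }

    if (UserRights.IndexOf('F') >= 0)
    {
        rights |= FileSystemRights.FullControl;
    }

    if (UserRights.IndexOf('W') >= 0)
    {
        rights |= FileSystemRights.Write;
    }

    if (UserRights.IndexOf('D') >= 0)
    {
        rights |= FileSystemRights.Delete;
    }

    // An empty mask cannot form a valid access rule; grant nothing rather than throw.
    if (rights == 0)
    {
        return;
    }

    FileInfo fInfo = new FileInfo(FileName);
    FileSecurity fSecurity = fInfo.GetAccessControl();

    // A file is a leaf object, so the rule carries no inheritance or propagation
    // flags; ContainerInherit/ObjectInherit only apply to directory ACLs and a
    // rule carrying them is rejected for a non-container ACL.
    var accessRule = new FileSystemAccessRule(Account, rights, AccessControlType.Allow);

    fSecurity.ModifyAccessRule(AccessControlModification.Add, accessRule, out _);
    fInfo.SetAccessControl(fSecurity);
}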
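/// <summary>
/// Click handler: builds an access rule from the two list selections, replaces
/// the identity's existing rules on <c>filename</c> with it, then opens the ACL
/// view and hides this form.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void saveAndExitButton_Click(object sender, EventArgs e)
{
    // With nothing selected, fall back to the value of the rule being edited,
    // the same way an unrecognised entry does, instead of dereferencing null.
    object accessChoice = accessControlList.SelectedItem;
    AccessControlType ACT;
    switch (accessChoice == null ? null : accessChoice.ToString())
    {
        case "Allow":
            ACT = AccessControlType.Allow;
            break;
        case "Deny":
            ACT = AccessControlType.Deny;
            break;
        default:
            ACT = rule.AccessControlType;
            break;
    }

    object rightsChoice = fileSystemRightsList.SelectedItem;
    FileSystemRights FSR;
    switch (rightsChoice == null ? null : rightsChoice.ToString())
    {
        case "Full Control":
            FSR = FileSystemRights.FullControl;
            break;
        case "Modify":
            FSR = FileSystemRights.Modify;
            break;
        case "Read and Execute":
            FSR = FileSystemRights.ReadAndExecute;
            break;
        case "Write":
            FSR = FileSystemRights.Write;
            break;
        case "Execute":
            FSR = FileSystemRights.ExecuteFile;
            break;
        case "Read":
            FSR = FileSystemRights.Read;
            break;
        case "Delete":
            FSR = FileSystemRights.Delete;
            break;
        default:
            FSR = rule.FileSystemRights;
            break;
    }

    FileSystemAccessRule FSAR = new FileSystemAccessRule(rule.IdentityReference.Value, FSR, ACT);

    // Load only the DACL, by path. The original opened an exclusive read/write
    // FileStream just to read the descriptor, which needs data-write access and
    // fails on files that are read-only or in use. It also enumerated the rules
    // into an unused local; that call is dropped.
    FileSecurity securityDescriptor = new FileSecurity(filename, AccessControlSections.Access);

    // Reset removes every existing rule for this identity, allow and deny alike,
    // before adding the new one.
    bool modified;
    securityDescriptor.ModifyAccessRule(AccessControlModification.Reset, FSAR, out modified);
    File.SetAccessControl(filename, securityDescriptor);

    ACLView frm = new ACLView(filename);
    frm.Show();
    this.Hide();
}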