public FileSystemSecurity GetSecurity(AccessControlSections sections)
{
lock (Lock) {
DirectorySecurity security = new DirectorySecurity();
if ((sections & AccessControlSections.Owner) != 0)
{
security.SetOwner(_directory.Owner);
}
if ((sections & AccessControlSections.Group) != 0)
{
security.SetGroup(_directory.Group);
}
if ((sections & AccessControlSections.Access) != 0)
{
foreach (var r in _fileSystem.GetAccessRules(_directory))
{
security.AddAccessRule(
new FileSystemAccessRule(r.IdentityReference, r.FileSystemRights, r.InheritanceFlags, r.PropagationFlags, r.AccessControlType));
}
}
if ((sections & AccessControlSections.Audit) != 0)
{
foreach (var r in _fileSystem.GetAuditRules(_directory))
{
security.AddAuditRule(
new FileSystemAuditRule(r.IdentityReference, r.FileSystemRights, r.InheritanceFlags, r.PropagationFlags, r.AuditFlags));
}
}
return(security);
}
}
public static void CreateFolderSecurity(string path)
{
DirectorySecurity directorySecurity = new DirectorySecurity();
directorySecurity.SetAccessRuleProtection(true, false);
//administrators
IdentityReference adminId = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
directorySecurity.AddAccessRule(new FileSystemAccessRule(adminId, FileSystemRights.FullControl
, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow));
// set the owner and the group to admins
directorySecurity.SetOwner(adminId);
directorySecurity.SetGroup(adminId);
string sDirPath;
sDirPath = path;
DirectoryInfo di = new DirectoryInfo(sDirPath);
if (di.Exists == false)
{
di.Create(directorySecurity);
}
}
private RawSecurityDescriptor CreateSecurityDescriptor(IEnumerable <IdentityRights> allowRights,
IEnumerable <IdentityRights> denyRights = null)
{
var security = new DirectorySecurity();
security.SetOwner(CurrentIdentity);
security.SetGroup(Group);
if (allowRights == null)
{
allowRights = Enumerable.Empty <IdentityRights>();
}
if (denyRights == null)
{
denyRights = Enumerable.Empty <IdentityRights>();
}
foreach (var right in allowRights)
{
security.AddAccessRule(new FileSystemAccessRule(right.Identity, right.Rights,
AccessControlType.Allow));
}
foreach (var right in denyRights)
{
security.AddAccessRule(new FileSystemAccessRule(right.Identity, right.Rights, AccessControlType.Deny));
}
var binaryDescriptor = security.GetSecurityDescriptorBinaryForm();
return(new RawSecurityDescriptor(binaryDescriptor, 0));
}
static IpfsDokan()
{
var everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
var everyoneRead = new FileSystemAccessRule(everyone,
FileSystemRights.ReadAndExecute | FileSystemRights.ListDirectory,
AccessControlType.Allow);
readonlyFileSecurity.AddAccessRule(everyoneRead);
readonlyFileSecurity.SetOwner(everyone);
readonlyFileSecurity.SetGroup(everyone);
readonlyDirectorySecurity.AddAccessRule(everyoneRead);
readonlyDirectorySecurity.SetOwner(everyone);
readonlyDirectorySecurity.SetGroup(everyone);
}
public System.Security.AccessControl.DirectorySecurity GetDirectorySecurity(string path)
{
lock (lockThread)
{
Trace.WriteLine("Linux GetDirectorySecurity " + path);
var ds = new DirectorySecurity();
ds.SetOwner(new SecurityIdentifier(GetAttr(path, "system.nt_sec_desc.owner")));
ds.SetGroup(new SecurityIdentifier(GetAttr(path, "system.nt_sec_desc.group")));
var acls = GetAttr(path, "system.nt_sec_desc.acl.*");
foreach (var acl in acls.Split(','))
{
var part = acl.Split(':');
var part2 = part[1].Split('/');
var type = int.Parse(part2[0]);
var flags = int.Parse(part2[1]);
var access_mask = Convert.ToUInt32(part2[2], 16);
ds.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(part[0]), (FileSystemRights)access_mask, (AccessControlType)type));
}
return(ds);
}
}
