public static Boolean CreateDir(String strSitePath, String strUserName) { Boolean bOk; try { Directory.CreateDirectory(strSitePath); SecurityDescriptor secDesc = SecurityDescriptor.GetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION); Dacl dacl = secDesc.Dacl; Sid sidUser = new Sid(strUserName); // allow: folder, subfolder and files // modify dacl.AddAce(new AceAccessAllowed(sidUser, AccessType.GENERIC_WRITE | AccessType.GENERIC_READ | AccessType.DELETE | AccessType.GENERIC_EXECUTE, AceFlags.OBJECT_INHERIT_ACE | AceFlags.CONTAINER_INHERIT_ACE)); // deny: this folder // write attribs // write extended attribs // delete // change permissions // take ownership DirectoryAccessType DAType = DirectoryAccessType.FILE_WRITE_ATTRIBUTES | DirectoryAccessType.FILE_WRITE_EA | DirectoryAccessType.DELETE | DirectoryAccessType.WRITE_OWNER | DirectoryAccessType.WRITE_DAC; AccessType AType = (AccessType)DAType; dacl.AddAce(new AceAccessDenied(sidUser, AType)); secDesc.SetDacl(dacl); secDesc.SetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION); bOk = true; } catch { bOk = false; } return(bOk); } /* CreateDir */
/// <summary> /// 对用户 strUserName 赋予对文件夹strSitePath 所有的访问权限 /// </summary> /// <param name="strSitePath"></param> /// <param name="strUserName"></param> /// <returns></returns> public static Boolean SetDirPermission(String strSitePath, String strUserName) { bool IsDir = false; if (System.IO.File.Exists(strSitePath)) { IsDir = false; } else if (!IsDir && !System.IO.Directory.Exists(strSitePath)) { return(false); } else { IsDir = true; } Boolean bOk; try { // Directory.CreateDirectory(strSitePath); SecurityDescriptor secDesc = SecurityDescriptor.GetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION); Dacl dacl = secDesc.Dacl;//The discretionary access control list (DACL) of an object Sid sidUser = new Sid(strUserName); dacl.RemoveAces(sidUser); AccessType AType = AccessType.GENERIC_ALL; AceFlags flag = AceFlags.OBJECT_INHERIT_ACE | AceFlags.CONTAINER_INHERIT_ACE | AceFlags.SUCCESSFUL_ACCESS_ACE_FLAG; AceAccessAllowed ace = new AceAccessAllowed(sidUser, AType, flag); dacl.AddAce(ace); secDesc.SetDacl(dacl); secDesc.SetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION); bOk = true; } catch (Exception ee) { throw ee; } //对所有的子文件和子文件夹附权 if (IsDir) { string[] files = System.IO.Directory.GetFiles(strSitePath); if (files != null && files.Length > 0) { foreach (string file in files) { SetDirPermission(file, strUserName); } } string[] dirs = System.IO.Directory.GetDirectories(strSitePath); if (dirs != null && dirs.Length > 0) { foreach (string dir in dirs) { SetDirPermission(dir, strUserName); } } } return(bOk); } /* CreateDir */