Esempio n. 1
0
        public static FileSecurity GetAccessControl(this FileStream fileStream)
        {
            if (fileStream == null)
            {
                throw new ArgumentNullException(nameof(fileStream));
            }

            return(fileStream.GetAccessControl());
        }
Esempio n. 2
0
 static public int GetAccessControl(IntPtr l)
 {
     try {
         System.IO.FileStream self = (System.IO.FileStream)checkSelf(l);
         var ret = self.GetAccessControl();
         pushValue(l, true);
         pushValue(l, ret);
         return(2);
     }
     catch (Exception e) {
         return(error(l, e));
     }
 }
Esempio n. 3
0
 public static FileSecurity GetAccessControl(FileStream fileStream)
 {
     return(fileStream.GetAccessControl());
 }
 //ACL分为自由访问控制列表(DACL)和系统访问控制列表(SACL),通过DACL可以控制对受保护资源的访问,SACL则可以控制受保护资源的系统审核策略
 void GetACL()
 {
     string fileName = Server.MapPath("~/File/Test.doc");
     using (FileStream fs = new FileStream(fileName, FileMode.Open, FileAccess.Read))
     {
         FileSecurity fileSec = fs.GetAccessControl();
         foreach (FileSystemAccessRule fileRule in fileSec.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)))
         {
             Response.Write("File Name:" + fileName);
             Response.Write("<br/>访问控制类型:" + (fileRule.AccessControlType == AccessControlType.Allow ? "允许访问" : "拒绝访问"));
             Response.Write("<br/>访问控制权限:" + fileRule.IdentityReference.ToString());
         }
     }
 }
 public static FileSecurity GetAccessControl(FileStream fileStream)
 {
     return fileStream.GetAccessControl();
 }
Esempio n. 6
0
		public void InheritedPermissions ()
		{
			AuthorizationRuleCollection rules;
			DirectorySecurity dirSecurity; FileSecurity fileSecurity;
			SecurityIdentifier usersSid = new SecurityIdentifier ("BU");
			SecurityIdentifier worldSid = new SecurityIdentifier ("WD");
			FileSystemAccessRule worldDirFullControl = new FileSystemAccessRule
				(worldSid, FileSystemRights.FullControl,
				 InheritanceFlags.ObjectInherit, PropagationFlags.None,
				 AccessControlType.Allow);

			if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
				Assert.Ignore ();
			}

			string dirpath = Path.Combine (Path.GetTempPath (), Path.GetRandomFileName ());
			string dirpath2 = null;
			string filepath = null;
			DirectoryInfo dirinfo = Directory.CreateDirectory (dirpath);

			try {
				// Set Full Control to Everyone.
				dirSecurity = dirinfo.GetAccessControl ();
				dirSecurity.SetGroup (usersSid);
				dirSecurity.AddAccessRule (worldDirFullControl);
				Directory.SetAccessControl (dirpath, dirSecurity);

				// Did the rule store on the directory?
				dirSecurity = Directory.GetAccessControl (dirpath);
				rules = dirSecurity.GetAccessRules (true, false, typeof (SecurityIdentifier ));
				Assert.AreEqual (usersSid, dirSecurity.GetGroup (typeof(SecurityIdentifier)));
				Assert.AreEqual (1, rules.Count);
				Assert.AreEqual (worldSid, rules[0].IdentityReference);
				Assert.AreEqual (InheritanceFlags.ObjectInherit, rules[0].InheritanceFlags);
				Assert.AreEqual (PropagationFlags.None, rules[0].PropagationFlags);
				Assert.IsFalse (rules[0].IsInherited);

				// Create a file. It will have no explicit rules.
				filepath = Path.Combine (dirpath, Path.GetRandomFileName ());
				using (FileStream file = new FileStream (filepath, FileMode.Create, FileAccess.ReadWrite)) {
					fileSecurity = file.GetAccessControl ();

					rules = fileSecurity.GetAccessRules (true, false, typeof (SecurityIdentifier));
					Assert.AreEqual (0, rules.Count);
				}

				// Make sure the file has inherited the Full Control access rule.
				FileInfo fileInfo = new FileInfo (filepath);
				fileSecurity = fileInfo.GetAccessControl ();

				rules = fileSecurity.GetAccessRules (false, true, typeof (SecurityIdentifier));
				bool fileInheritedRule = false;
				foreach (FileSystemAccessRule rule in rules) {
					if (rule.AccessControlType == AccessControlType.Allow &&
					    rule.FileSystemRights == FileSystemRights.FullControl &&
					    rule.IdentityReference == worldSid &&
					    rule.IsInherited &&
					    rule.InheritanceFlags == InheritanceFlags.None &&
					    rule.PropagationFlags == PropagationFlags.None) // only containers get non-None flags
						fileInheritedRule = true;
				}
				Assert.IsTrue (fileInheritedRule);

				// ContainerInherit not being set, create a directory.
				// Its inherited rule will have propagation flags to indicate only its children are affected.
				dirpath2 = Path.Combine (dirpath, Path.GetRandomFileName ());
				dirinfo = Directory.CreateDirectory (dirpath2);
				dirSecurity = dirinfo.GetAccessControl ();

				rules = dirSecurity.GetAccessRules (false, true, typeof (SecurityIdentifier));
				bool dirInheritedRule = false;
				foreach (FileSystemAccessRule rule in rules) {
					if (rule.AccessControlType == AccessControlType.Allow &&
					    rule.FileSystemRights == FileSystemRights.FullControl &&
					    rule.IdentityReference == worldSid &&
					    rule.IsInherited &&
					    rule.InheritanceFlags == InheritanceFlags.ObjectInherit &&
					    rule.PropagationFlags == PropagationFlags.InheritOnly) // <-- key difference
						dirInheritedRule = true;
				}
				Assert.IsTrue (dirInheritedRule);

			} finally {
				if (null != filepath) File.Delete (filepath);
				if (null != dirpath2) Directory.Delete (dirpath2);
				Directory.Delete (dirpath);
			}
		}