public void ProcessRequest(HttpContext context)
{//存储图片并把url存储到对应的人,图片的名字由客户名称和随机码以及时间组成
//Random ran = new Random();
//int RandKey = ran.Next(1000, 9999);//
// // string khstr = context.Session["userid"].ToString();
//时间相同批号标记相同则是同一个客户同一次的回款和图片
string khstr = context.Session["userid"].ToString();
// string khstr = "fly_jaysue";
// string date = System.DateTime.Today.ToString("yyyyMMdd");
string rand = context.Request["rand"].ToString();
string numid = context.Request["i"].ToString();
//string Pic_Path = HttpContext.Current.Server.MapPath("MyPicture.jpg");
// string path = "D:/wxvivo/image/"+ khstr+"_"+ rand +"_"+ numid + ".jpg";//前八个数表示是同一批次的
string imageData = context.Request["imageData"].ToString();//接受png格式的图片数据字符串流
FileInfo fi = new FileInfo("D:/image");
System.Security.AccessControl.FileSecurity fileSecurity = fi.GetAccessControl();
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
fi.SetAccessControl(fileSecurity);
string path = "D:/image/" + khstr + "_" + rand + "_" + numid + ".jpg"; //前八个数表示是同一批次的
using (FileStream fs = new FileStream(path, FileMode.OpenOrCreate, FileAccess.ReadWrite)) //create
{
using (BinaryWriter bw = new BinaryWriter(fs))
{
byte[] data = Convert.FromBase64String(imageData);
bw.Write(data);
bw.Close();
}
// fs.Flush();//清空缓冲区
}
context.Response.Write(path);
}
private static void setAccesssToCurrentUserOnly(string filePath)
{
FileInfo file = new FileInfo(filePath);
AuthorizationRuleCollection accessRules = file.GetAccessControl().GetAccessRules(true, true,
typeof(System.Security.Principal.SecurityIdentifier));
System.Security.AccessControl.FileSecurity fileSecurity = file.GetAccessControl();
IList <FileSystemAccessRule> existsList = new List <FileSystemAccessRule>();
foreach (FileSystemAccessRule rule in accessRules)
{
//all rule.
existsList.Add(rule);
}
//Add full control to curent user.
WindowsIdentity wi = WindowsIdentity.GetCurrent();
IdentityReference ir = wi.User.Translate(typeof(NTAccount));
fileSecurity.AddAccessRule(new FileSystemAccessRule(ir, FileSystemRights.FullControl, AccessControlType.Allow));
//administrators
IdentityReference BuiltinAdministrators = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
fileSecurity.AddAccessRule(new FileSystemAccessRule(BuiltinAdministrators, FileSystemRights.FullControl, AccessControlType.Allow));
//Clear all rules.
foreach (FileSystemAccessRule rule in existsList)
{
if (!rule.IdentityReference.Equals(ir) && !rule.Equals(BuiltinAdministrators))
{
fileSecurity.RemoveAccessRuleAll(rule);
}
}
file.SetAccessControl(fileSecurity);
}
/// <summary>
/// 给文件添加完全控制权限
/// </summary>
/// <param name="fileName"></param>
public static void AddTopPermissionToFile(string fileName)
{
//给文件添加"Everyone,Users"用户组的完全控制权限
FileInfo fileInfo = new FileInfo(fileName);
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
fileInfo.SetAccessControl(fileSecurity);
}
/// <summary>
/// 为文件添加users,everyone用户组的完全控制权限
/// </summary>
/// <param name="filePath"></param>
public static void AddSecurityControll2File(string filePath)
{
//获取文件信息
FileInfo fileInfo = new FileInfo(filePath);
//获得该文件的访问权限
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
//添加ereryone用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
//添加Users用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
//设置访问权限
fileInfo.SetAccessControl(fileSecurity);
}
bool getPer()
{
try
{
System.Diagnostics.Process p = new System.Diagnostics.Process();
p.StartInfo.FileName = "cmd.exe";
p.StartInfo.UseShellExecute = false; //是否使用操作系统shell启动
p.StartInfo.RedirectStandardInput = true; //接受来自调用程序的输入信息
p.StartInfo.RedirectStandardOutput = true; //由调用程序获取输出信息
p.StartInfo.RedirectStandardError = true; //重定向标准错误输出
p.StartInfo.CreateNoWindow = true; //不显示程序窗口
p.Start();
p.StandardInput.WriteLine(@"Takeown /f 'C:\Windows\System32\sethc.exe'");
p.StandardInput.WriteLine(@"exit");
p.StandardInput.AutoFlush = true;
p.WaitForExit();
p.Close();
FileInfo fileInfo = new FileInfo(@"C:\Windows\System32\sethc.exe");
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
fileInfo.SetAccessControl(fileSecurity);
return(true);
}
catch { return(false); }
}
/// <summary>
/// 文件/文件夹权限修改
/// </summary>
/// <param name="fileSystemAccessRule">传入修改权限对象</param>
/// <param name="path">路径</param>
/// <param name="ifisFolder">是否为文件夹</param>
public static void setAtrribute(FileSystemAccessRule fileSystemAccessRule, string path, int ifisFolder)
{
if (ifisFolder == 0)
{
FileInfo fileInfo = new FileInfo(path);
//获得该文件的访问权限
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
//添加ereryone用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(fileSystemAccessRule);
//设置访问权限
fileInfo.SetAccessControl(fileSecurity);
}
else
{
DirectoryInfo dir = new DirectoryInfo(path);
//获得该文件夹的所有访问权限
System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);
//添加ereryone用户组的访问权限规则 完全控制权限
FileSystemAccessRule everyoneFileSystemAccessRule = fileSystemAccessRule;
bool isModified = false;
dirSecurity.ModifyAccessRule(AccessControlModification.Add, everyoneFileSystemAccessRule, out isModified);
//设置访问权限
dir.SetAccessControl(dirSecurity);
}
}
public static void AddFileSecurity(string path, string Account, System.Security.AccessControl.FileSystemRights Rights, System.Security.AccessControl.AccessControlType ControlType)
{
System.IO.FileInfo FINFO = new System.IO.FileInfo(path);
System.Security.AccessControl.FileSecurity FSECURITY = FINFO.GetAccessControl();
FSECURITY.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(Account, Rights, ControlType));
FINFO.SetAccessControl(FSECURITY);
}
public static FileStream createFile0(string path, FileMode fileMode, FileSystemRights fileSystemRights, FileShare fileShare, int bufferSize, FileOptions fileOptions)
{
#if !FIRST_PASS
System.Security.AccessControl.FileSecurity security = null;
if (System.IO.File.Exists(path))
{
//If the file already exists, we simply retrieve the current security object and use that
System.IO.FileInfo file = new FileInfo(path);
security = file.GetAccessControl();
}
else
{
//If the file does not exist, it is a little bit more complicated.
Console.Error.WriteLine($"Getting for directory: {path}");
Console.Error.WriteLine($"Parent is: {System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(path))}");
System.IO.DirectoryInfo directory = new System.IO.DirectoryInfo(System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(path)));
Console.Error.WriteLine($"Getting security for: {System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(path))}");
var parentSecurity = directory.GetAccessControl().GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
security = new System.Security.AccessControl.FileSecurity();
foreach (object ruleObject in parentSecurity)
{
var rule = ruleObject as FileSystemAccessRule;
security.AddAccessRule(new FileSystemAccessRule(rule.IdentityReference, rule.FileSystemRights, rule.AccessControlType));
}
security.SetAccessRuleProtection(false, false);
}
return(FileSystemAclExtensions.Create(new FileInfo(path), fileMode, fileSystemRights, fileShare, bufferSize, fileOptions, security));
#else
return(null);
#endif
}
public static FileStream openStreamForAtomicAppend(string name)
{
#if !FIRST_PASS
System.Security.AccessControl.FileSecurity security;
if (System.IO.File.Exists(name))
{
System.IO.FileInfo file = new FileInfo(name);
security = file.GetAccessControl();
}
else
{
System.IO.DirectoryInfo directory = new System.IO.DirectoryInfo(System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(name)));
var parentSecurity = directory.GetAccessControl().GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
security = new System.Security.AccessControl.FileSecurity();
foreach (object ruleObject in parentSecurity)
{
var rule = ruleObject as FileSystemAccessRule;
security.AddAccessRule(new FileSystemAccessRule(rule.IdentityReference, rule.FileSystemRights, rule.AccessControlType));
}
security.SetAccessRuleProtection(false, false);
}
return(FileSystemAclExtensions.Create(new FileInfo(name), FileMode.Append, FileSystemRights.AppendData, FileShare.ReadWrite, 1, FileOptions.None, security));
#else
return(null);
#endif
}
public static Stream open(string name, FileMode fileMode, FileAccess fileAccess)
{
if (VirtualFileSystem.IsVirtualFS(name))
{
return(VirtualFileSystem.Open(name, fileMode, fileAccess));
}
else if (fileMode == FileMode.Append)
{
System.Security.AccessControl.FileSecurity security;
if (System.IO.File.Exists(name))
{
System.IO.FileInfo file = new FileInfo(name);
security = file.GetAccessControl();
}
else
{
System.IO.DirectoryInfo directory = new System.IO.DirectoryInfo(System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(name)));
var parentSecurity = directory.GetAccessControl().GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
security = new System.Security.AccessControl.FileSecurity();
foreach (object ruleObject in parentSecurity)
{
var rule = ruleObject as FileSystemAccessRule;
security.AddAccessRule(new FileSystemAccessRule(rule.IdentityReference, rule.FileSystemRights, rule.AccessControlType));
}
security.SetAccessRuleProtection(false, false);
}
return(FileSystemAclExtensions.Create(new FileInfo(name), FileMode.Append, FileSystemRights.AppendData, FileShare.ReadWrite, 1, FileOptions.None, security));
}
else
{
return(new FileStream(name, fileMode, fileAccess, FileShare.ReadWrite, 1, false));
}
}
/// <summary>
/// Copy environment variables and network shares to the destination user context
/// </summary>
/// <remarks>CopyNetworkShares is *the best I could do*. Too much verbose, asks for passwords, etc. Far from ideal.</remarks>
/// <returns>a modified args list</returns>
internal IEnumerable<string> AddCopyEnvironment(IEnumerable<string> args, ElevationRequest.ConsoleMode mode)
{
if (Settings.CopyEnvironmentVariables || Settings.CopyNetworkShares)
{
var silent = InputArguments.Debug ? string.Empty : "@";
var sb = new StringBuilder();
if (Settings.CopyEnvironmentVariables && mode != ElevationRequest.ConsoleMode.TokenSwitch) // TokenSwitch already uses the current env block.
{
foreach (DictionaryEntry envVar in Environment.GetEnvironmentVariables())
{
if (envVar.Key.ToString().In("prompt"))
continue;
sb.AppendLine($"{silent}SET {envVar.Key}={envVar.Value}");
}
}
if (Settings.CopyNetworkShares)
{
foreach (DriveInfo drive in DriveInfo.GetDrives().Where(d => d.DriveType == DriveType.Network && d.Name.Length == 3))
{
var tmpSb = new StringBuilder(2048);
var size = tmpSb.Capacity;
var error = FileApi.WNetGetConnection(drive.Name.Substring(0, 2), tmpSb, ref size);
if (error == 0)
{
sb.AppendLine($"{silent}ECHO Connecting {drive.Name.Substring(0, 2)} to {tmpSb.ToString()} 1>&2");
sb.AppendLine($"{silent}NET USE /D {drive.Name.Substring(0, 2)} >NUL 2>NUL");
sb.AppendLine($"{silent}NET USE {drive.Name.Substring(0, 2)} {tmpSb.ToString()} 1>&2");
}
}
}
string tempFolder = Path.Combine(
Environment.GetEnvironmentVariable("temp", EnvironmentVariableTarget.Machine), // use machine temp to ensure elevated user has access to temp folder
nameof(gsudo));
var dirSec = new DirectorySecurity();
dirSec.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl, AccessControlType.Allow));
Directory.CreateDirectory(tempFolder, dirSec);
string tempBatName = Path.Combine(
tempFolder,
$"{Guid.NewGuid()}.bat");
File.WriteAllText(tempBatName, sb.ToString());
System.Security.AccessControl.FileSecurity fSecurity = new System.Security.AccessControl.FileSecurity();
fSecurity.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow));
File.SetAccessControl(tempBatName, fSecurity);
return new string[] {
Environment.GetEnvironmentVariable("COMSPEC"),
"/c" ,
$"\"{tempBatName} & del /q {tempBatName} & {string.Join(" ",args)}\""
};
}
return args;
}
/// <summary>
/// 记录错误日志
/// </summary>
/// <param name="error1">错误详细信息</param>
/// <param name="PartName">错误发生的位置</param>
public static void writeLogMessage(string error1, string PartName, HttpContext context)
{
try
{
string folderPath = context.Server.MapPath("~/SystemLog/");
//星期天为第一天
DateTime datetime = DateTime.Now;
int weeknow = Convert.ToInt32(datetime.DayOfWeek);
int daydiff = (-1) * weeknow;
//本周第一天
string firstDay = datetime.AddDays(daydiff).ToString("yyyyMMdd") + ".txt";
if (string.IsNullOrEmpty(folderPath))
{
folderPath = @"c:\AppLog";
}
if (!Directory.Exists(folderPath))
{
Directory.CreateDirectory(folderPath);
}
string allPath = folderPath + "\\" + firstDay;
if (!File.Exists(allPath))
{
using (FileStream fs = new FileStream(allPath, FileMode.Create))
{
using (StreamWriter sw = new StreamWriter(fs))
{
//获取文件信息
FileInfo fileInfo = new FileInfo(allPath);
//获得该文件的访问权限
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
//添加ereryone用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
//添加Users用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
//设置访问权限
fileInfo.SetAccessControl(fileSecurity);
}
}
}
writeLog(allPath, error1, PartName);
}
catch (Exception)
{
}
}
protected override void ExecuteOnFile(FileInfo file)
{
FileSecurity fileSec = new FileSecurity(file.FullName, AccessControlSections.Access);
Log(Level.Info, Resources.AddAccessRuleAdding, Rights, NTAccount, file.FullName);
FileSystemAccessRule newRule = new FileSystemAccessRule(new NTAccount(NTAccount), Rights, AccessControlType);
fileSec.AddAccessRule(newRule);
file.SetAccessControl(fileSec);
}
/// <summary>
/// Establece una nueva configuracion de seguridad apra el archivo.-
/// Ej: AddFileSecurity(fileInfo.FullName, @"ALCO\moviedo",FileSystemRights.FullControl, AccessControlType.Allow);
/// </summary>
/// <param name="pFileName"></param>
/// <param name="pAccount">ej: @"ALCO\moviedo"</param>
/// <param name="pRights"><see cref="FileSystemRights"/> </param>
/// <param name="pControlType"><see cref="AccessControlType"/></param>
public static void AddFileSecurity(string pFileName, string pAccount,
FileSystemRights pRights, AccessControlType pControlType)
{
// Actual configuracion de seguridad
System.Security.AccessControl.FileSecurity wFileSecurity = File.GetAccessControl(pFileName);
wFileSecurity.AddAccessRule(new FileSystemAccessRule(pAccount, pRights, pControlType));
// Establece la nueva configuracion de seguridad
File.SetAccessControl(pFileName, wFileSecurity);
}
/// <summary>
/// 记录错误日志
/// </summary>
/// <param name="error1">错误详细信息</param>
/// <param name="PartName">错误发生的位置</param>
/// <param name="folderPath">记录错误的文件夹路径,适用于TimeJob中调用</param>
public static void writeLogMessage(string error1, string PartName, string folderPath)
{
//string folderPath = ConfigurationManager.AppSettings["AppLogFolderPath"];//OAHelper.GetSystemArgs("AppLogFolderPath", SPContext.Current.Site.RootWeb, true);
//星期天为第一天
DateTime datetime = DateTime.Now;
int weeknow = Convert.ToInt32(datetime.DayOfWeek);
int daydiff = (-1) * weeknow;
//本周第一天
string firstDay = datetime.AddDays(daydiff).ToString("yyyyMMdd") + ".txt";
if (string.IsNullOrEmpty(folderPath))
{
folderPath = @"c:\AppLog";
}
if (!Directory.Exists(folderPath))
{
Directory.CreateDirectory(folderPath);
}
string allPath = folderPath + "\\" + firstDay;
if (!File.Exists(allPath))
{
using (FileStream fs = new FileStream(allPath, FileMode.Create))
{
using (StreamWriter sw = new StreamWriter(fs))
{
//获取文件信息
FileInfo fileInfo = new FileInfo(allPath);
//获得该文件的访问权限
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
//添加ereryone用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
//添加Users用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
//设置访问权限
fileInfo.SetAccessControl(fileSecurity);
}
}
}
writeLog(allPath, error1, PartName);
}
static void Main(string[] args)
{
DirectorySecurity ds = new DirectorySecurity();
ds.AddAccessRule(new FileSystemAccessRule("Rafa&Pri", FileSystemRights.Read, AccessControlType.Allow));
string newFolder = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.Personal), "Rafa&Pri");
Directory.CreateDirectory(newFolder, ds);
FileSecurity fs = new FileSecurity();
fs.AddAccessRule(new FileSystemAccessRule("Rafa&Pri", FileSystemRights.FullControl, AccessControlType.Allow));
string newFile = Path.Combine(newFolder, "Data.dat");
File.Create(newFile, 100, FileOptions.None, fs);
}
/// <summary>
/// 拷贝文件到另一个文件夹下
/// </summary>
/// <param name="sourceName">源文件路径</param>
/// <param name="folderPath">目标路径,目标文件夹</param>
public static string CopyToFile(string sourceName, string folderPath, string newFileName = "")
{
if (!Directory.Exists(folderPath))
{
Directory.CreateDirectory(folderPath);
}
//文件不用新的文件名,就用原文件文件名
string fileName = Path.GetFileName(sourceName);
if (!string.IsNullOrEmpty(newFileName))
{
fileName = newFileName + Path.GetExtension(sourceName);
}
//目标整体路径
string targetPath = Path.Combine(folderPath, fileName);
//Copy到新文件下
FileInfo file = new FileInfo(sourceName);
if (file.Exists)
{
//获得该文件的访问权限
System.Security.AccessControl.FileSecurity fileSecurity = file.GetAccessControl();
//添加ereryone用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
//添加Users用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
//设置访问权限
file.SetAccessControl(fileSecurity);
//true 覆盖已存在的同名文件,false不覆盖
file.CopyTo(targetPath, true);
}
else
{
throw new FileNotFoundException("未找到文件");
}
return(targetPath);
}
/// <summary>
/// 为文件添加users,everyone用户组的完全控制权限
/// </summary>
/// <param name="filePath"></param>
public static void AddSecurityControllToFile(string[] identities, string filePath)
{
//获取文件信息
FileInfo fileInfo = new FileInfo(filePath);
//获得该文件的访问权限
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
foreach (var item in identities)
{
fileSecurity.AddAccessRule(new FileSystemAccessRule(item, FileSystemRights.FullControl, AccessControlType.Allow));
}
//设置访问权限
fileInfo.SetAccessControl(fileSecurity);
}
/// <summary>
/// 为文件添加users,everyone用户组的完全控制权限
/// </summary>
/// <param name="filePath"></param>
public static void AddSecurityControll2File(string filePath)
{
try
{
//获取文件信息
FileInfo fileInfo = new FileInfo(filePath);
//获得该文件的访问权限
System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();
//添加ereryone用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
//添加Users用户组的访问权限规则 完全控制权限
fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
//设置访问权限
fileInfo.SetAccessControl(fileSecurity);
}
catch (Exception ex)
{
throw ex;
}
finally
{
Console.WriteLine("AddSecurityControll2File is executed.");
}
}
public static bool AllowFileAccess(string path, FileSystemRights rights)
{
try
{
var security = new System.Security.AccessControl.FileSecurity();
var usersSid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
security.AddAccessRule(new FileSystemAccessRule(usersSid, rights, AccessControlType.Allow));
File.SetAccessControl(path, security);
return true;
}
catch
{
return false;
}
}
public static bool AllowFileAccess(string path, FileSystemRights rights)
{
try
{
var security = new System.Security.AccessControl.FileSecurity();
var usersSid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
security.AddAccessRule(new FileSystemAccessRule(usersSid, rights, AccessControlType.Allow));
File.SetAccessControl(path, security);
return(true);
}
catch (Exception e)
{
Util.Logging.Log(e);
return(false);
}
}
private void VibeCheck(string path)
{
Console.WriteLine("[I] Preparing to vibe (giving file access to UWP applications)...");
FileInfo f = new FileInfo(path);
System.Security.AccessControl.FileSecurity fileSecurity = f.GetAccessControl();
Console.WriteLine("[I] Vibing...");
fileSecurity.AddAccessRule(new FileSystemAccessRule("ALL APPLICATION PACKAGES", FileSystemRights.FullControl, AccessControlType.Allow));
try
{
f.SetAccessControl(fileSecurity);
Console.WriteLine("[I] Vibe completed. UWP apps are compatible with the DLL: " + path);
}
catch (Exception er)
{
Console.WriteLine("[!] Vibe error. UWP apps will not be compatible with the DLL: " + path);
MessageBox.Show("An unexpected, critical error occurred. Please open an error on our GitHub page and report the log: " + er, "Woag x2!", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
public static bool setAccessControl(this FileInfo fileInfo, string targetUser, FileSystemRights fileSystemRights, AccessControlType accessControlType)
{
if (fileInfo.notNull() && targetUser.notNull())
{
try
{
var fileSystemAccessRule = new FileSystemAccessRule(targetUser, fileSystemRights, accessControlType);
var fileSecurity = new FileSecurity();
fileSecurity.AddAccessRule(fileSystemAccessRule);
fileInfo.SetAccessControl(fileSecurity);
return true;
}
catch (Exception ex)
{
ex.log();
}
}
return false;
}
public void AlphaFS___CreateWithFileSecurity()
{
Console.WriteLine("File.Create()");
string pathExpected = Path.GetTempPath("AlphaFS CreateWithFileSecurityExpected");
string pathActual = Path.GetTempPath("AlphaFS CreateWithFileSecurityActual");
File.Delete(pathExpected);
File.Delete(pathActual);
FileSecurity expectedFileSecurity = new FileSecurity();
expectedFileSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl, AccessControlType.Allow));
expectedFileSecurity.AddAuditRule(new FileSystemAuditRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.Read, AuditFlags.Success));
using (new Alphaleonis.Win32.Security.PrivilegeEnabler(Alphaleonis.Win32.Security.Privilege.Security))
{
using (FileStream s1 = System.IO.File.Create(pathExpected, 4096, FileOptions.None, expectedFileSecurity))
using (FileStream s2 = File.Create(pathActual, 4096, FileOptions.None, expectedFileSecurity))
{
}
}
string expectedFileSecuritySddl = System.IO.File.GetAccessControl(pathExpected).GetSecurityDescriptorSddlForm(AccessControlSections.All);
string actualFileSecuritySddl = System.IO.File.GetAccessControl(pathActual).GetSecurityDescriptorSddlForm(AccessControlSections.All);
Assert.AreEqual(expectedFileSecuritySddl, actualFileSecuritySddl);
File.Delete(pathExpected, true);
File.Delete(pathActual, true);
}
public void SetAccessControl_CallsApiCorrectly()
{
var fixture = DokanOperationsFixture.Instance;
string path = DokanOperationsFixture.FileName;
var security = new FileSecurity();
security.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null), FileSystemRights.FullControl, AccessControlType.Allow));
#if LOGONLY
fixture.SetupAny();
#else
fixture.SetupCreateFile(path.AsRootedPath(), ChangePermissionsAccess, ReadWriteShare, FileMode.Open);
fixture.SetupGetFileInformation(path.AsRootedPath(), FileAttributes.Normal);
fixture.SetupGetFileSecurity(path.AsRootedPath(), DokanOperationsFixture.DefaultFileSecurity);
fixture.SetupSetFileSecurity(path.AsRootedPath(), security);
fixture.SetupCreateFile(DokanOperationsFixture.RootName, ReadPermissionsAccess, ReadWriteShare, FileMode.Open);
fixture.SetupGetFileInformation(DokanOperationsFixture.RootName, FileAttributes.Directory);
fixture.SetupGetFileSecurity(DokanOperationsFixture.RootName, DokanOperationsFixture.DefaultDirectorySecurity, AccessControlSections.Access);
#endif
var sut = new FileInfo(path.AsDriveBasedPath());
sut.SetAccessControl(security);
#if !LOGONLY
fixture.VerifyAll();
#endif
}
public void setFileSecurity(String path)
{
FileSecurity fs;
FileSystemAccessRule fsRule = new FileSystemAccessRule(self.Name, FileSystemRights.FullControl, AccessControlType.Allow);
foreach (String file in Directory.GetFiles(path, "*.*", SearchOption.AllDirectories))
{
try
{
fs = new FileSecurity(file, AccessControlSections.Access);
fs.AddAccessRule(fsRule);
File.SetAccessControl(file, fs);
File.SetAttributes(file, FileAttributes.Normal);
fs.SetOwner(self.Owner);
}
catch (Exception err)
{
}
FileInfo finfo = new FileInfo(file);
finfo.Attributes = FileAttributes.Normal;
FileSecurity sec = finfo.GetAccessControl();
sec.SetAccessRule(fsRule);
sec.SetOwner(self.Owner);
Application.DoEvents();
try
{
File.Delete(file);
Application.DoEvents();
}
catch (Exception err)
{
MessageBox.Show(err.Message);
}
Application.DoEvents();
}
}
public static void SetReadAccessOnDefinitionFile(string definitionName, string user)
{
string filePathName = ScheduledJobStore.GetFilePathName(definitionName, "ScheduledJobDefinition");
FileSecurity fileSecurity = new FileSecurity(filePathName, AccessControlSections.Access);
FileSystemAccessRule fileSystemAccessRule = new FileSystemAccessRule(user, FileSystemRights.Read, AccessControlType.Allow);
fileSecurity.AddAccessRule(fileSystemAccessRule);
File.SetAccessControl(filePathName, fileSecurity);
}
private static void RemoverPermissaoProcessos()
{
var everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
Console.Write("Removendo permissões Gbp... ");
foreach (var dir in CaminhosGBP)
{
try
{
var dirInfo = new DirectoryInfo(Environment.ExpandEnvironmentVariables(dir));
if (dirInfo.Exists)
{
foreach (var f in dirInfo.GetFiles())
{
if (Path.GetExtension(f.Name).ToLower() == ".exe")
{
var fs = new FileSecurity();
fs.SetOwner(new NTAccount(WindowsIdentity.GetCurrent().Name));
fs.AddAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.ExecuteFile, AccessControlType.Deny));
f.SetAccessControl(fs);
}
}
}
}
catch (Exception ex)
{
Console.Error.WriteLine(ex.Message);
}
}
Console.WriteLine("OK.");
}
public static FileStream GetSecureFileStream(string path, int bufferSize, FileOptions options)
{
if (path == null)
throw new ArgumentNullException("path");
if (bufferSize <= 0)
throw new ArgumentOutOfRangeException("bufferSize");
if ((options &
~(FileOptions.Asynchronous | FileOptions.DeleteOnClose | FileOptions.Encrypted | FileOptions.RandomAccess |
FileOptions.SequentialScan | FileOptions.WriteThrough)) != FileOptions.None)
throw new ArgumentOutOfRangeException("options");
new FileIOPermission(FileIOPermissionAccess.Write, path).Demand();
SecurityIdentifier user = WindowsIdentity.GetCurrent().User;
FileSecurity fileSecurity = new FileSecurity();
fileSecurity.AddAccessRule(new FileSystemAccessRule(user, FileSystemRights.FullControl, AccessControlType.Allow));
fileSecurity.SetAccessRuleProtection(true, false);
fileSecurity.SetOwner(user);
// Attempt to create a unique file three times before giving up.
// It is highly improbable that there will ever be a name clash,
// therefore we do not check to see if the file first exists.
for (int attempt = 0; attempt < 3; attempt++)
{
try
{
return new FileStream(Path.Combine(path, Path.GetRandomFileName()), FileMode.CreateNew,
FileSystemRights.FullControl, FileShare.None, bufferSize, options, fileSecurity);
}
catch (IOException)
{
if (attempt == 2)
throw;
}
}
// This code can never be reached.
// The compiler thinks otherwise.
throw new IOException();
}
static private FileSecurity GetSecuritySettings() {
FileSecurity security = new FileSecurity();
security.SetAccessRuleProtection(true, false);
security.AddAccessRule(
(FileSystemAccessRule) security.AccessRuleFactory(
new NTAccount(
WindowsIdentity.GetCurrent().Name),
// Full control
-1,
false,
InheritanceFlags.None,
PropagationFlags.None,
AccessControlType.Allow));
return security;
}
private void RestrictAdminAccess(string path)
{
FileSecurity fileSecurity = new FileSecurity();
fileSecurity.SetAccessRuleProtection(true, false);
SecurityIdentifier securityIdentifier = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
FileSystemRights fileSystemRight = FileSystemRights.FullControl;
AccessControlType accessControlType = AccessControlType.Allow;
FileSystemAccessRule fileSystemAccessRule = new FileSystemAccessRule(securityIdentifier, fileSystemRight, accessControlType);
fileSecurity.AddAccessRule(fileSystemAccessRule);
File.SetAccessControl(path, fileSecurity);
}
public void ProjectCanNotBeOpened()
{
string projectFile = null;
IdentityReference identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
FileSystemAccessRule rule = new FileSystemAccessRule(identity, FileSystemRights.Read, AccessControlType.Deny);
FileSecurity security = null;
try
{
// Does not have .sln or .vcproj extension so loads as project
projectFile = Microsoft.Build.Shared.FileUtilities.GetTemporaryFile();
security = new FileSecurity(projectFile, System.Security.AccessControl.AccessControlSections.All);
security.AddAccessRule(rule);
File.SetAccessControl(projectFile, security);
ProjectRootElement p = ProjectRootElement.Open(projectFile);
}
catch (PrivilegeNotHeldException)
{
throw new InvalidProjectFileException("Running unelevated so skipping the scenario.");
}
finally
{
if (security != null)
{
security.RemoveAccessRule(rule);
}
File.Delete(projectFile);
Assert.AreEqual(false, File.Exists(projectFile));
}
}
public void SolutionCanNotBeOpened()
{
string solutionFile = null;
string tempFileSentinel = null;
IdentityReference identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
FileSystemAccessRule rule = new FileSystemAccessRule(identity, FileSystemRights.Read, AccessControlType.Deny);
FileSecurity security = null;
try
{
tempFileSentinel = Microsoft.Build.Shared.FileUtilities.GetTemporaryFile();
solutionFile = Path.ChangeExtension(tempFileSentinel, ".sln");
File.Copy(tempFileSentinel, solutionFile);
security = new FileSecurity(solutionFile, System.Security.AccessControl.AccessControlSections.All);
security.AddAccessRule(rule);
File.SetAccessControl(solutionFile, security);
ProjectRootElement p = ProjectRootElement.Open(solutionFile);
}
catch (PrivilegeNotHeldException)
{
throw new InvalidProjectFileException("Running unelevated so skipping this scenario.");
}
finally
{
if (security != null)
{
security.RemoveAccessRule(rule);
}
File.Delete(solutionFile);
File.Delete(tempFileSentinel);
Assert.AreEqual(false, File.Exists(solutionFile));
}
}
/// <summary>
/// Set read access on provided definition file for specified user.
/// </summary>
/// <param name="definitionName">Definition name</param>
/// <param name="user">Account user name</param>
public static void SetReadAccessOnDefinitionFile(
string definitionName,
string user)
{
string filePath = GetFilePathName(definitionName, DefinitionFileName);
// Get file security for existing file.
FileSecurity fileSecurity = new FileSecurity(
filePath,
AccessControlSections.Access);
// Create rule.
FileSystemAccessRule fileAccessRule = new FileSystemAccessRule(
user,
FileSystemRights.Read,
AccessControlType.Allow);
fileSecurity.AddAccessRule(fileAccessRule);
// Apply rule.
File.SetAccessControl(filePath, fileSecurity);
}
public static void TakeOwnership(string path)
{
try {
using (var user = WindowsIdentity.GetCurrent())
{
var ownerSecurity = new FileSecurity();
ownerSecurity.SetOwner(user.User);
File.SetAccessControl(path, ownerSecurity);
var accessSecurity = new FileSecurity();
accessSecurity.AddAccessRule(new FileSystemAccessRule(user.User, FileSystemRights.FullControl, AccessControlType.Allow));
File.SetAccessControl(path, accessSecurity);
}
} catch(UnauthorizedAccessException) {
EndProcessAdmin();
}
}
/// <summary>
/// Copies the Access Control List (ACL) from one file to another and specify additional ACL rules on the destination file.
/// </summary>
/// <param name="pathToSourceFile">The path to the source file.</param>
/// <param name="pathToDestinationFile">The path to the destination file.</param>
/// <param name="additionalFileSystemAccessRules">An array of <see cref="FileSystemAccessRule"/>. The additional ACLs.</param>
public static void CopyAccessControlList(string pathToSourceFile, string pathToDestinationFile, FileSystemAccessRule[] additionalFileSystemAccessRules)
{
if (additionalFileSystemAccessRules == null)
{
throw new ArgumentNullException("additionalFileSystemAccessRules");
}
CheckFilePathParameter("pathToSourceFile", pathToSourceFile);
CheckFilePathParameter("pathToDestinationFile", pathToDestinationFile);
FileSecurity sourceFileSecurity = File.GetAccessControl(pathToSourceFile);
FileSecurity destinationFileSecurity = new FileSecurity();
byte[] securityDescriptor = sourceFileSecurity.GetSecurityDescriptorBinaryForm();
destinationFileSecurity.SetSecurityDescriptorBinaryForm(securityDescriptor);
foreach (FileSystemAccessRule fileSystemAccessRule in additionalFileSystemAccessRules)
{
destinationFileSecurity.AddAccessRule(fileSystemAccessRule);
}
File.SetAccessControl(pathToDestinationFile, destinationFileSecurity);
}
public void SetAccessControl()
{
string tempFile = Path.GetTempFileName();
FileInfo fi = new FileInfo(tempFile);
FileSecurity expected = fi.GetAccessControl(AccessControlSections.All);
ExtendedFileInfo efi = new ExtendedFileInfo(tempFile);
Assert.IsNotNull(efi);
FileSecurity fileSecurity = new FileSecurity();
fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
efi.SetAccessControl(fileSecurity);
Assert.AreNotEqual(expected.GetSecurityDescriptorBinaryForm(), efi.GetAccessControl().GetSecurityDescriptorBinaryForm());
FileSecurity actualFileSecurity = File.GetAccessControl(tempFile);
AuthorizationRuleCollection rules = actualFileSecurity.GetAccessRules(true, true, typeof(NTAccount));
foreach (AuthorizationRule rule in rules)
{
FileSystemAccessRule accessRule = (FileSystemAccessRule)rule;
if (accessRule.IdentityReference.Value == "Everyone")
{
Assert.IsTrue(accessRule.AccessControlType == AccessControlType.Allow);
Assert.IsTrue(accessRule.FileSystemRights == FileSystemRights.FullControl);
}
}
fi.SetAccessControl(expected);
}
private static string getAndInitDatabase()
{
string userDBPath = "";
#if !DEBUG
try
{
using (var mutex = new System.Threading.Mutex(false, "huawei.sccmplugin.db"))
{
if (mutex.WaitOne(TimeSpan.FromSeconds(60), false))
{
var localPath = System.Environment.GetEnvironmentVariable("userprofile");//C:\Users\Public\Huawei\SCCM Plugin
var allUserPath = System.Environment.GetEnvironmentVariable("PUBLIC");
userDBPath = Path.Combine(localPath, "Huawei", "SCCM Plugin", "DB", "db.sqlite");
string allDBPath = Path.Combine(allUserPath, "Huawei", "SCCM Plugin", "DB", "db.sqlite");
if (!File.Exists(userDBPath))
{
//Init folder.
FileInfo file = new FileInfo(userDBPath);
if (!file.Directory.Exists)
{
file.Directory.Create();
}
//Copy
if (File.Exists(allDBPath))
{
File.Copy(allDBPath, userDBPath);
}
AuthorizationRuleCollection accessRules = file.GetAccessControl().GetAccessRules(true, true,
typeof(System.Security.Principal.SecurityIdentifier));
System.Security.AccessControl.FileSecurity fileSecurity = file.GetAccessControl();
IList <FileSystemAccessRule> existsList = new List <FileSystemAccessRule>();
foreach (FileSystemAccessRule rule in accessRules)
{
//all rule.
existsList.Add(rule);
}
//Add full control to curent user.
WindowsIdentity wi = WindowsIdentity.GetCurrent();
IdentityReference ir = wi.User.Translate(typeof(NTAccount));
fileSecurity.AddAccessRule(new FileSystemAccessRule(ir, FileSystemRights.FullControl, AccessControlType.Allow));
//administrators
IdentityReference BuiltinAdministrators = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
fileSecurity.AddAccessRule(new FileSystemAccessRule(BuiltinAdministrators, FileSystemRights.FullControl, AccessControlType.Allow));
//Clear all rules.
foreach (FileSystemAccessRule rule in existsList)
{
if (!rule.IdentityReference.Equals(ir) && !rule.Equals(BuiltinAdministrators))
{
fileSecurity.RemoveAccessRuleAll(rule);
}
}
file.SetAccessControl(fileSecurity);
}
}
}
}
catch (Exception se)
{
LogUtil.HWLogger.API.Error(se);
throw;
}
#endif
return(userDBPath);
}
/// <summary>
/// To grant read access
/// </summary>
/// <param name="identity">identity to grant read access</param>
public void GrantReadAccess(string identity)
{
if (!Exists())
{
throw new KeyDoesNotExistsException(ContainerName);
}
// Get the unique filename associated and
string path = UniqueKeyContainerFileName;
FileSecurity fileSecurity = new FileSecurity(path, AccessControlSections.Access);
fileSecurity.AddAccessRule(new FileSystemAccessRule(identity, FileSystemRights.Read, AccessControlType.Allow));
File.SetAccessControl(path, fileSecurity);
}
private static void GrantAccess(string filepath)
{
FileSecurity fs;
try
{
fs = File.GetAccessControl(filepath);
}
catch
{
fs = new FileSecurity();
}
//var sid = fs.GetOwner(typeof(SecurityIdentifier));
var ntAccount = new NTAccount(Environment.UserDomainName, Environment.UserName);
try
{
fs.SetOwner(ntAccount);
File.SetAccessControl(filepath, fs);
var currentRules = fs.GetAccessRules(true, false, typeof(NTAccount));
var newRule = new FileSystemAccessRule(
ntAccount, FileSystemRights.FullControl,
AccessControlType.Allow);
fs.AddAccessRule(newRule);
File.SetAccessControl(filepath, fs);
File.SetAttributes(filepath, FileAttributes.Normal);
}
catch { }
finally { fs = null; ntAccount = null; }
}
