static public void Run()
{
var file = "sectest.txt";
File.WriteAllText(file, "File security.");
var sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
string usersAccount = sid.Translate(typeof(NTAccount)).ToString();
Console.WriteLine($"User: {usersAccount}");
FileSecurity sec = new FileSecurity(file,
AccessControlSections.Owner |
AccessControlSections.Group |
AccessControlSections.Access);
Console.WriteLine("AFTER CREATE:");
ShowSecurity(sec);
sec.ModifyAccessRule(AccessControlModification.Add,
new FileSystemAccessRule(usersAccount, FileSystemRights.Write, AccessControlType.Allow),
out bool modified);
Console.WriteLine("AFTER MODIFY:");
ShowSecurity(sec);
File.Delete(file);
}
public static void SetFolderPermissions(FileInfo Target, string ACLUser)
{
FileSecurity fileSec = Target.GetAccessControl();
FileSystemAccessRule fsRule = new FileSystemAccessRule(ACLUser, FileSystemRights.FullControl, AccessControlType.Allow);
fileSec.AddAccessRule(fsRule);
bool modified = false;
fileSec.ModifyAccessRule(AccessControlModification.Add, fsRule, out modified);
Target.SetAccessControl(fileSec);
}
/// <summary>
/// 添加 指定文件 指定用户 指定的 权限
/// </summary>
/// <param name="FileName"></param>
/// <param name="Account"></param>
/// <param name="UserRights"></param>
public static void AddFileSecurity(string FileName, string Account, string UserRights)
{
if (!File.Exists(FileName) || string.IsNullOrEmpty(Account))
{
return;
}
FileSystemRights Rights = new FileSystemRights();
if (UserRights.IndexOf("R") >= 0)
{
Rights = Rights | FileSystemRights.Read;
}
if (UserRights.IndexOf("C") >= 0)
{
Rights = Rights | FileSystemRights.ChangePermissions;
}
if (UserRights.IndexOf("F") >= 0)
{
Rights = Rights | FileSystemRights.FullControl;
}
if (UserRights.IndexOf("W") >= 0)
{
Rights = Rights | FileSystemRights.Write;
}
if (UserRights.IndexOf("D") >= 0)
{
Rights = Rights | FileSystemRights.Delete;
}
bool ok;
FileInfo fInfo = new FileInfo(FileName);
FileSecurity fSecurity = fInfo.GetAccessControl();
InheritanceFlags iFlags = new InheritanceFlags();
iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
FileSystemAccessRule AccessRule2 = new FileSystemAccessRule(Account, Rights, iFlags, PropagationFlags.None, AccessControlType.Allow);
fSecurity.ModifyAccessRule(AccessControlModification.Add, AccessRule2, out ok);
fInfo.SetAccessControl(fSecurity);
}
private void saveAndExitButton_Click(object sender, EventArgs e)
{
AccessControlType ACT;
switch (accessControlList.SelectedItem.ToString())
{
case "Allow":
ACT = AccessControlType.Allow;
break;
case "Deny":
ACT = AccessControlType.Deny;
break;
default:
ACT = rule.AccessControlType;
break;
}
FileSystemRights FSR;
switch (fileSystemRightsList.SelectedItem.ToString())
{
case "Full Control":
FSR = FileSystemRights.FullControl;
break;
case "Modify":
FSR = FileSystemRights.Modify;
break;
case "Read and Execute":
FSR = FileSystemRights.ReadAndExecute;
break;
case "Write":
FSR = FileSystemRights.Write;
break;
case "Execute":
FSR = FileSystemRights.ExecuteFile;
break;
case "Read":
FSR = FileSystemRights.Read;
break;
case "Delete":
FSR = FileSystemRights.Delete;
break;
default:
FSR = rule.FileSystemRights;
break;
}
FileSystemAccessRule FSAR = new FileSystemAccessRule(rule.IdentityReference.Value, FSR, ACT);
bool modified;
using (FileStream stream = File.Open(filename, FileMode.Open))
{
FileSecurity securityDescriptor = stream.GetAccessControl();
AuthorizationRuleCollection rules = securityDescriptor.GetAccessRules(true, true, typeof(NTAccount));
securityDescriptor.ModifyAccessRule(AccessControlModification.Reset, FSAR, out modified);
File.SetAccessControl(filename, securityDescriptor);
}
ACLView frm = new ACLView(filename);
frm.Show();
this.Hide();
}
