static public void SetRule(string filePath, string account, FileSystemRights rights, AccessControlType controlType)
{
FileSecurity fSecurity = File.GetAccessControl(filePath);
fSecurity.ResetAccessRule(new FileSystemAccessRule(account, rights, controlType));
File.SetAccessControl(filePath, fSecurity);
}
public void ResetSetAccessRule_Succeeds()
{
var accessRuleRead = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.Read, AccessControlType.Allow);
var accessRuleAppendData = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.AppendData, AccessControlType.Deny);
var accessRuleWrite = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.Write, AccessControlType.Allow);
var fileSecurity = new FileSecurity();
fileSecurity.AddAccessRule(accessRuleRead);
fileSecurity.AddAccessRule(accessRuleAppendData);
AuthorizationRuleCollection rules =
fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
Assert.Equal(2, rules.Count);
//Resetting the access rules.
fileSecurity.ResetAccessRule(accessRuleWrite);
rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
Assert.Equal(1, rules.Count);
var existingAccessRule = (FileSystemAccessRule)rules[0];
Assert.Equal(accessRuleWrite.FileSystemRights, existingAccessRule.FileSystemRights);
Assert.Equal(AccessControlType.Allow, existingAccessRule.AccessControlType);
}
static void Main(string[] args)
{
FileStream stream = null;
string fileName = "c:\\TEST\\test.txt";
// Deny 'Everyone' access to the file
FileSecurity fSecurity = File.GetAccessControl(fileName);
fSecurity.ResetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Read, AccessControlType.Deny));
File.SetAccessControl(fileName, fSecurity);
// Attempt to access file.
try
{
stream = new FileStream(fileName, FileMode.Create);
}
catch (Exception ex)
{
Console.WriteLine("Exception thrown: ");
Console.WriteLine(ex.ToString());
}
finally
{
stream.Close();
stream.Dispose();
}
}
/// <summary>
/// Create File Permissions that allow universal access
/// </summary>
/// <returns>File Permissions that allow universal access</returns>
public static FileSecurity CreateFilePermissions()
{
FileSecurity security = new FileSecurity();
FileSystemRights fileFlags = FileSystemRights.ReadData | FileSystemRights.WriteData | FileSystemRights.AppendData | FileSystemRights.ReadExtendedAttributes | FileSystemRights.WriteExtendedAttributes | FileSystemRights.ExecuteFile | FileSystemRights.DeleteSubdirectoriesAndFiles | FileSystemRights.ReadAttributes | FileSystemRights.WriteAttributes | FileSystemRights.Delete | FileSystemRights.ReadPermissions | FileSystemRights.ChangePermissions | FileSystemRights.TakeOwnership | FileSystemRights.Synchronize | FileSystemRights.FullControl;
FileSystemAccessRule accRule = new FileSystemAccessRule("SYSTEM", fileFlags, InheritanceFlags.None, PropagationFlags.InheritOnly, AccessControlType.Allow);
security.ResetAccessRule(accRule);
return(security);
}
static void SetRule(string filePath, string account,
FileSystemRights rights, AccessControlType controlType)
{
// Получим объект FileSecurity, который устанавливает
// текущие настройки безопасности
FileSecurity fSecurity = File.GetAccessControl(filePath);
// Добавим FileSystemAccessRule к настройкам безопасности
fSecurity.ResetAccessRule(new FileSystemAccessRule(account,
rights, controlType));
// Устанавливаем новые настройки доступа
File.SetAccessControl(filePath, fSecurity);
}
static void SetRule(string filePath, string account,
FileSystemRights rights, AccessControlType controlType)
{
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = File.GetAccessControl(filePath);
// Add the FileSystemAccessRule to the security settings.
fSecurity.ResetAccessRule(new FileSystemAccessRule(account,
rights, controlType));
// Set the new access settings.
File.SetAccessControl(filePath, fSecurity);
}
public static Boolean ReplaceFileSecurity(string File, string[] Account, FileSystemRights Rights, AccessControlType ControlType, InheritanceFlags Inherit, PropagationFlags Propagation)
{
FileInfo fInfo = new FileInfo(File);
FileSecurity fSecurity = fInfo.GetAccessControl();
try
{
fSecurity.SetAccessRuleProtection(true, false);
foreach (string account in Account)
{
fSecurity.ResetAccessRule(new FileSystemAccessRule(account, Rights, Inherit, Propagation, ControlType));
}
fInfo.SetAccessControl(fSecurity);
}
catch (Exception ex)
{
LibraryLogging.Error("unable to ReplaceFileSecurity for {0} error {1}", File, ex.Message);
return(false);
}
return(true);
}
public static void SetFlatFileLogListenerAccessRights(string configFileName)
{
XmlNode loggingConfigurationNode = GetConfigNode("//loggingConfiguration", ref configFileName);
var listenersNode = loggingConfigurationNode.SelectSingleNode("listeners");
var flatFileNode = listenersNode.SelectSingleNode("add[@name='FlatFile']");
string fileName = flatFileNode.Attributes["fileName"].Value;
if (!File.Exists(fileName))
{
string directoryName = Path.GetDirectoryName(fileName);
if (!Directory.Exists(directoryName))
{
Directory.CreateDirectory(directoryName);
}
File.Create(fileName);
}
FileSecurity access = System.IO.File.GetAccessControl(fileName);
FileSystemAccessRule rule = new FileSystemAccessRule(@"NT AUTHORITY\NetworkService", FileSystemRights.FullControl, AccessControlType.Allow);
access.ResetAccessRule(rule);
File.SetAccessControl(fileName, access);
}
public void ResetAccessRule_InvalidFileSystemAccessRule()
{
var fileSecurity = new FileSecurity();
AssertExtensions.Throws <ArgumentNullException>("rule", () => fileSecurity.ResetAccessRule(null));
}
