/// <summary>
        /// Get registry rights for specific user.
        /// </summary>
        /// <param name="key">Registry key.</param>
        /// <param name="sid">User Identifier.</param>
        /// <returns>Registry rights.</returns>
        public static RegistryRights GetRights(RegistryKey key, SecurityIdentifier sid, bool includeInherited = false, AccessControlType accessType = AccessControlType.Allow)
        {
            var rights = default(RegistryRights);

            if (key == null)
            {
                return(rights);
            }
            if (sid == null)
            {
                return(rights);
            }
            var security = key.GetAccessControl();
            var rules    = security.GetAccessRules(true, true, sid.GetType());

            foreach (RegistryAccessRule rule in rules)
            {
                if (rule.IdentityReference != sid)
                {
                    continue;
                }
                if (rule.AccessControlType != accessType)
                {
                    continue;
                }
                //  Merge permissions.
                rights |= rule.RegistryRights;
            }
            return(rights);
        }
Exemplo n.º 2
0
        /// <summary>
        /// Get file or directory rights for specific user.
        /// </summary>
        /// <param name="path">The path to a file or directory.</param>
        /// <param name="sid">User Identifier.</param>
        /// <returns>File or directory rights.</returns>
        public static FileSystemRights GetRights(string path, SecurityIdentifier sid, bool includeInherited = false, AccessControlType accessType = AccessControlType.Allow)
        {
            var rights = default(FileSystemRights);

            if (string.IsNullOrEmpty(path))
            {
                return(rights);
            }
            if (sid == null)
            {
                return(rights);
            }
            if (!File.Exists(path))
            {
                return(rights);
            }
            var security = File.GetAccessControl(path);
            var rules    = security.GetAccessRules(true, true, sid.GetType());

            foreach (FileSystemAccessRule rule in rules)
            {
                if (rule.IdentityReference != sid)
                {
                    continue;
                }
                if (rule.AccessControlType != accessType)
                {
                    continue;
                }
                //  Merge permissions.
                rights |= rule.FileSystemRights;
            }
            return(rights);
        }
Exemplo n.º 3
0
 public static bool HasAccessRule(EnumKnownDirectories enumKnownDirectories)
 {
     return(GetDirectoryInfo(enumKnownDirectories)
            .GetAccessControl()
            .GetAccessRules(true, false, User.GetType())
            .Cast <FileSystemAccessRule>()
            .Any(
                item => item.FileSystemRights == AccessRule.FileSystemRights &&
                item.AccessControlType == AccessRule.AccessControlType &&
                item.IdentityReference == AccessRule.IdentityReference
                ));
 }
Exemplo n.º 4
0
        public bool HasPermission(FileSystemRights permissionFlag)
        {
            //
            // Windows

            if (Environment.OSVersion.Platform == PlatformID.Win32NT)
            {
                var fileInfo     = new FileInfo(FullPath);
                var fileSecurity = fileInfo.GetAccessControl();
                var usersSid     = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
                var rules        = fileSecurity.GetAccessRules(true, true, usersSid.GetType()).OfType <FileSystemAccessRule>();

                return(rules.Where(r => r.FileSystemRights.HasFlag(permissionFlag)).Any());
            }

            //
            // Linux

            AccessModes accessMode = 0;

            if (permissionFlag.HasFlag(FileSystemRights.Read))
            {
                accessMode |= AccessModes.R_OK;
            }

            if (permissionFlag.HasFlag(FileSystemRights.Write))
            {
                accessMode |= AccessModes.W_OK;
            }

            if (permissionFlag.HasFlag(FileSystemRights.ExecuteFile))
            {
                accessMode |= AccessModes.X_OK;
            }

            var unixFileInfo = new Mono.Unix.UnixFileInfo(FullPath);

            return(unixFileInfo.CanAccess(accessMode));
        }
        /// <summary>
        /// Set specified rights to the file or directory.
        /// </summary>
        /// <param name="path">The path to a file or directory.</param>
        /// <param name="rights">Rights to check.</param>
        /// <param name="sid">User to check.</param>
        /// <param name="inheritance">Inheritance options.</param>
        /// <param name="propagation">Propagation options.</param>
        /// <returns>True if success, False if failed to set the rights.</returns>
        public static bool SetRights(
            string path,
            FileSystemRights rights,
            SecurityIdentifier sid,
            // Applies to directories and sub directories by default.
            InheritanceFlags?inheritance = null,
            PropagationFlags?propagation = null)
        {
            if (string.IsNullOrEmpty(path))
            {
                return(false);
            }
            if (sid == null)
            {
                return(false);
            }
            if (!File.Exists(path) && !Directory.Exists(path))
            {
                return(false);
            }
            var attributes  = File.GetAttributes(path);
            var isDirectory = attributes.HasFlag(FileAttributes.Directory);
            var security    = isDirectory
                ? (FileSystemSecurity)Directory.GetAccessControl(path)
                : (FileSystemSecurity)File.GetAccessControl(path);
            FileSystemAccessRule sidRule = null;
            // Do not include inherited permissions, because.
            var rules = security.GetAccessRules(true, false, sid.GetType());

            foreach (FileSystemAccessRule rule in rules)
            {
                if (rule.IdentityReference != sid)
                {
                    continue;
                }
                if (rule.AccessControlType == AccessControlType.Allow)
                {
                    sidRule = rule;
                    break;
                }
            }
            if (sidRule == null)
            {
                sidRule = new FileSystemAccessRule(
                    sid,
                    // Set new permissions.
                    rights,
                    inheritance ?? (
                        isDirectory
                            ? InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit
                            : InheritanceFlags.None
                        ),
                    propagation ?? PropagationFlags.None,
                    AccessControlType.Allow
                    );
                security.AddAccessRule(sidRule);
            }
            else
            {
                var newRule = new FileSystemAccessRule(
                    sid,
                    // Append missing permissions.
                    sidRule.FileSystemRights | rights,
                    inheritance ?? sidRule.InheritanceFlags,
                    propagation ?? sidRule.PropagationFlags,
                    AccessControlType.Allow
                    );
                security.SetAccessRule(newRule);
            }
            if (isDirectory)
            {
                Directory.SetAccessControl(path, (DirectorySecurity)security);
            }
            else
            {
                File.SetAccessControl(path, (FileSecurity)security);
            }
            return(true);
        }
        /// <summary>
        /// Set specified rights to the file or directory.
        /// </summary>
        /// <param name="path">The path to a file or directory.</param>
        /// <param name="rights">Rights to check.</param>
        /// <param name="sid">User to check.</param>
        /// <param name="inheritance">Inheritance options.</param>
        /// <param name="propagation">Propagation options.</param>
        /// <returns>True if success, False if failed to set the rights.</returns>
        public static bool SetRights(
            RegistryKey baseKey,
            string registryName,
            RegistryRights rights,
            SecurityIdentifier sid,
            // Applies to keys and sub keys by default.
            InheritanceFlags?inheritance = null,
            PropagationFlags?propagation = null
            )
        {
            var key = baseKey.OpenSubKey(registryName, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.ChangePermissions | RegistryRights.ReadKey);

            if (key == null)
            {
                return(false);
            }
            if (sid == null)
            {
                return(false);
            }
            var security = key.GetAccessControl();
            RegistryAccessRule sidRule = null;
            // Do not include inherited permissions, because.
            var rules = security.GetAccessRules(true, false, sid.GetType());

            foreach (RegistryAccessRule rule in rules)
            {
                if (rule.IdentityReference != sid)
                {
                    continue;
                }
                if (rule.AccessControlType == AccessControlType.Allow)
                {
                    sidRule = rule;
                    break;
                }
            }
            if (sidRule == null)
            {
                sidRule = new RegistryAccessRule(
                    sid,
                    // Set new permissions.
                    rights,
                    inheritance ?? InheritanceFlags.ContainerInherit,
                    propagation ?? PropagationFlags.None,
                    AccessControlType.Allow
                    );
                security.AddAccessRule(sidRule);
            }
            else
            {
                var newRule = new RegistryAccessRule(
                    sid,
                    // Append missing permissions.
                    sidRule.RegistryRights | rights,
                    inheritance ?? sidRule.InheritanceFlags,
                    propagation ?? sidRule.PropagationFlags,
                    AccessControlType.Allow
                    );
                security.SetAccessRule(newRule);
            }
            key.SetAccessControl(security);
            key.Close();
            return(true);
        }
Exemplo n.º 7
0
        /// <summary>
        /// Set specified rights to the file or directory.
        /// </summary>
        /// <param name="path">The path to a file or directory.</param>
        /// <param name="rights">Rights to check.</param>
        /// <param name="sid">User to check.</param>
        /// <param name="inheritance">Inheritance options.</param>
        /// <param name="propagation">Propagation options.</param>
        /// <returns>True if success, False if failed to set the rights.</returns>
        public static bool SetRights(
            string path,
            FileSystemRights rights,
            SecurityIdentifier sid,
            // Applies to directories and sub directories by default.
            InheritanceFlags?inheritance = null,
            PropagationFlags?propagation = null)
        {
            if (string.IsNullOrEmpty(path))
            {
                return(false);
            }
            if (sid == null)
            {
                return(false);
            }
            var fi = new FileInfo(path);

            if (!fi.Exists)
            {
                return(false);
            }
            var security = fi.GetAccessControl();
            FileSystemAccessRule sidRule = null;
            // Do not include inherited permissions, because.
            var rules = security.GetAccessRules(true, false, sid.GetType());

            foreach (FileSystemAccessRule rule in rules)
            {
                if (rule.IdentityReference != sid)
                {
                    continue;
                }
                if (rule.AccessControlType == AccessControlType.Allow)
                {
                    sidRule = rule;
                    break;
                }
            }
            if (sidRule == null)
            {
                sidRule = new FileSystemAccessRule(
                    sid,
                    // Set new permissions.
                    rights,
                    inheritance.HasValue
                        ? inheritance.Value
                    // For directory default option is inherit permissions.
                        : fi.Attributes == FileAttributes.Directory
                            ? InheritanceFlags.ContainerInherit
                            : InheritanceFlags.None,
                    propagation ?? PropagationFlags.None,
                    AccessControlType.Allow
                    );
                security.AddAccessRule(sidRule);
            }
            else
            {
                var newRule = new FileSystemAccessRule(
                    sid,
                    // Append missing permissions.
                    sidRule.FileSystemRights | rights,
                    inheritance ?? sidRule.InheritanceFlags,
                    propagation ?? sidRule.PropagationFlags,
                    AccessControlType.Allow
                    );
                security.SetAccessRule(newRule);
            }
            File.SetAccessControl(path, security);
            return(true);
        }