static void Main(string[] args)
{
DirectorySecurity ds = new DirectorySecurity(@"C:\Program Files", AccessControlSections.Access);
AuthorizationRuleCollection arc = ds.GetAccessRules(true, true, typeof(NTAccount));
Console.WriteLine("Identity Reference".PadRight(28)+ ": " +
"Access Control Type".PadRight(20) + " " + "File System Rights");
foreach (FileSystemAccessRule fsar in arc)
{
Console.WriteLine(fsar.IdentityReference.ToString().PadRight(28) + ": " +
fsar.AccessControlType.ToString().PadRight(20) + " " + fsar.FileSystemRights);
}
Console.WriteLine();
RegistrySecurity rs = Registry.LocalMachine.GetAccessControl();
arc = rs.GetAccessRules(true, true, typeof(NTAccount));
Console.WriteLine("Identity Reference".PadRight(28) + ": " +
"Access Control Type".PadRight(20) + " " + "Registry Rights");
foreach (RegistryAccessRule rar in arc)
{
Console.WriteLine(rar.IdentityReference.ToString().PadRight(28) + ": " +
rar.AccessControlType.ToString().PadRight(20) + " " + rar.RegistryRights);
}
}
/// <summary>
/// checks if user has rights to acess the directory
/// </summary>
/// <param name="username">user's name</param>
/// <param name="path">path of directory</param>
/// <returns>true if can has right to acess directory false otherwise</returns>
public Boolean UserHasAccessOnDirectory(string username, string path)
{
try
{
Boolean ap = false;
// System.Windows.Forms.MessageBox.Show("hi 2");
WhiteTigerService.conf.ReadConfig();
if (WhiteTigerService.pref.Filesecurity == true)
{
if ((username != null) || (path != null) || (Directory.Exists(path) != false))
{
DirectoryInfo dirinf = new DirectoryInfo(path);
System.Security.AccessControl.DirectorySecurity ds = dirinf.GetAccessControl();
AuthorizationRuleCollection aucol = ds.GetAccessRules(true, true,
typeof(System.Security.Principal.WindowsIdentity));
WindowsIdentity wi = new WindowsIdentity(username);
// System.Windows.Forms.MessageBox.Show("hi 1");
for (int i = 0; i < aucol.Count; i++)
{
FileSystemAccessRule drsac = (FileSystemAccessRule)aucol[i];
WindowsPrincipal pr = new WindowsPrincipal(wi);
if ((wi.User.Equals(drsac.IdentityReference) == true) || (pr.IsInRole((SecurityIdentifier)drsac.IdentityReference) == true))
{
//System.Windows.Forms.MessageBox.Show(wi.User.Value + "\n" + drsac.IdentityReference.Value);
ap = true;
break;
}
}
}
}
else
{
// System.Windows.Forms.MessageBox.Show("hi ");
ap = true;
}
return(ap);
}
catch (Exception e)
{
program.errorreport(e);
return(false);
}
}
/// <summary>
/// Removes all explicit access rules from the supplied directory.
/// </summary>
/// <param name="path">The path to the directory to have access removed on.</param>
/// <param name="security">The DirectorySecurity object of the directory that will be changed.</param>
/// <param name="commitChanges">Indicates whether changes should be commited to this directory. Useful when combining multiple commands.</param>
/// <returns>True if access was removed. False otherwise.</returns>
public static bool RemoveAllExplicitAccessRules(string path, ref DirectorySecurity security, bool commitChanges)
{
// Check whether the path and security object are supplied.
if (!string.IsNullOrEmpty(path) && security != null)
{
// Check whether the directory exists.
if (SystemDirectory.Exists(path))
{
// A path and security object are supplied.
// Remove existing explicit permissions.
security = GetSecurityObject(path);
AuthorizationRuleCollection rules = security.GetAccessRules(true, false, typeof(SecurityIdentifier));
foreach (AuthorizationRule rule in rules)
{
security.RemoveAccessRule((FileSystemAccessRule)rule);
}
// Commit the changes if necessary.
if (commitChanges)
{
try
{
SystemDirectory.SetAccessControl(path, security);
}
catch (UnauthorizedAccessException)
{
// The current process does not have access to the directory specified by path.
// Or the current process does not have sufficient privilege to set the ACL entry.
return false;
}
catch (PlatformNotSupportedException)
{
// The current operating system is not Windows 2000 or later.
return false;
}
}
return true;
}
else
{
// The directory does not exist.
return false;
}
}
else
{
// A path and security object were not supplied.
return false;
}
}