public int CompareTo(object obj)
{
var result = 1;
var sid1 = obj as Sid;
if (sid1 != null)
{
var s = sid1;
result = s.sid != null
? sid.CompareTo(s.sid)
: String.Compare(SecurityIdentifier.ToLowerInvariant(), s.SecurityIdentifier.ToLowerInvariant(),
StringComparison.Ordinal);
}
var identifier = obj as SecurityIdentifier;
if (identifier != null)
{
var s = identifier;
result = sid.CompareTo(s);
}
if ((obj != null) && ((obj is String) || obj is string))
{
var s = (String)obj;
if (!String.IsNullOrEmpty(s))
{
result = String.Compare(SecurityIdentifier.ToLowerInvariant(), s.ToLowerInvariant(),
StringComparison.Ordinal);
}
}
return(result);
}
public bool ValidateFolderPermissions(String windowsAccount, FileSystemRights fileSystemRights, DirectoryInfo folder)
{
try
{
var dSecurity = folder.GetAccessControl();
foreach (FileSystemAccessRule rule in dSecurity.GetAccessRules(true, false, typeof(SecurityIdentifier)))
{
var sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
if (sid.CompareTo(rule.IdentityReference as SecurityIdentifier) == 0)
{
if (fileSystemRights == rule.FileSystemRights)
{
return(true); // Validation complete
}
}
}
return(false);
}
catch (Exception ex)
{
string msg = "Error validating permissions set on " + folder.FullName + " for the Account \"" + windowsAccount + "\"";
Logger.ReportException(msg, ex);
MessageBox.Show(msg);
return(false);
}
}
public override bool Equals(object obj)
{
if (obj == null)
{
return(false);
}
if (this.GetType() != obj.GetType())
{
return(false);
}
Account other = (Account)obj;
SecurityIdentifier lSid = new SecurityIdentifier(m_Sid.BinarySid, 0);
SecurityIdentifier rSid = new SecurityIdentifier(other.m_Sid.BinarySid, 0);
return(lSid.CompareTo(rSid) == 0);
}
public int CompareTo(object obj)
{
const int result = 1;
var user = obj as User;
if (user != null)
{
var u = user;
if (u.Sid != null)
{
return(Sid.CompareTo(u.Sid));
}
return(!string.IsNullOrWhiteSpace(u.Guid.ToString())
? Guid.CompareTo(u.Guid)
: String.Compare(Cn, u.Cn, StringComparison.Ordinal));
}
return(result);
}
private bool CanReadDirectory(string folder, string user)
{
bool hasAccess = false;
//Step 1. Get the user
NTAccount acc = new NTAccount(user);
SecurityIdentifier secId = acc.Translate(typeof(SecurityIdentifier)) as SecurityIdentifier;
DirectorySecurity dirSec = Directory.GetAccessControl(folder);
//Step 2. Get directory permission details for each user/group
AuthorizationRuleCollection authRules = dirSec.GetAccessRules(true, true, typeof(SecurityIdentifier));
foreach (FileSystemAccessRule ar in authRules)
{
if (secId.CompareTo(ar.IdentityReference as SecurityIdentifier) == 0)
{
var fileSystemRights = ar.FileSystemRights;
// *** ERROR: BRÜCKSICHTIGT NICHT DASS DENY ALLE ANDEREN RECHTE ÜBERSTIMMT **************************
//Step 3. Check file system rights here, read / write as required
if ((fileSystemRights == FileSystemRights.Read ||
fileSystemRights == FileSystemRights.ReadAndExecute ||
fileSystemRights == FileSystemRights.ReadData ||
fileSystemRights == FileSystemRights.ListDirectory) && (ar.AccessControlType != AccessControlType.Deny))
{
hasAccess = true;
}
if ((fileSystemRights == (FileSystemRights.ReadAndExecute | FileSystemRights.Synchronize)) && (ar.AccessControlType != AccessControlType.Deny))
{
hasAccess = true;
}
// DENY übersteuert alle anderen Rechte
if (ar.AccessControlType == AccessControlType.Deny)
{
hasAccess = false;
break;
}
}
}
return(hasAccess);
}
/// <summary>
/// Method to check whther user has the permission to read/write the file or not.
/// </summary>
/// <param name="folderName"></param>
/// <param name="userNetworkLoginName"></param>
/// <returns></returns>
public static bool HasWriteAccessToFolder(string folderName, string userNetworkLoginName)
{
object obj = new object();
NTAccount acc = new NTAccount(userNetworkLoginName);
SecurityIdentifier secId = acc.Translate(typeof(SecurityIdentifier)) as SecurityIdentifier;
DirectoryInfo dInfo = new DirectoryInfo(folderName);
DirectorySecurity dSecurity = dInfo.GetAccessControl();
AuthorizationRuleCollection rules = dSecurity.GetAccessRules(true, true, typeof(SecurityIdentifier));
foreach (FileSystemAccessRule ar in rules)
{
if (secId.CompareTo(ar.IdentityReference as SecurityIdentifier) == 0)
{
if (ar.FileSystemRights.ToString().Contains("Write") || ar.FileSystemRights.ToString().Contains("Modify") || ar.FileSystemRights.ToString().Contains("FullControl"))
{
return(true);
}
}
}
return(false);
}
public void CompareToNull()
{
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);
sid.CompareTo((SecurityIdentifier)null);
}