/// <summary>
/// Reads the security descriptor of a freshly created temporary file through both System.IO and AlphaFS,
/// then toggles ACL inheritance protection through AlphaFS and re-reads both sides after each change.
/// Each pair of descriptors is handed to <c>UnitTestConstants.TestAccessRules</c>.
/// </summary>
/// <param name="isNetwork">Forwarded to the <c>TemporaryDirectory</c> constructor.</param>
private void File_SetAccessControl(bool isNetwork)
{
    using (var tempRoot = new TemporaryDirectory(isNetwork))
    {
        var file = tempRoot.CreateFile();

        Console.WriteLine("Input File Path: [{0}]", file.FullName);

        // Baseline: explicit and inherited rules, identities resolved to account names.
        var systemSecurity = System.IO.File.GetAccessControl(file.FullName);
        var systemRules = systemSecurity.GetAccessRules(true, true, typeof(NTAccount));

        var alphaSecurity = Alphaleonis.Win32.Filesystem.File.GetAccessControl(file.FullName);
        var alphaRules = alphaSecurity.GetAccessRules(true, true, typeof(NTAccount));

        Console.WriteLine("\n\tSystem.IO rules found: [{0}]\n\tAlphaFS rules found : [{1}]", systemRules.Count, alphaRules.Count);
        Assert.AreEqual(systemRules.Count, alphaRules.Count);

        // Sanity check.
        UnitTestConstants.TestAccessRules(systemSecurity, alphaSecurity);

        // Step 1: protect the DACL from inheritance (isProtected = true) and drop the
        // inherited rules instead of copying them as explicit ones (preserveInheritance = false).
        // NOTE(review): a new temp file presumably carries only inherited ACEs, so the persisted
        // DACL may end up empty here; the re-read below then depends on the owner's implicit rights.
        Console.WriteLine("\n\tRemove inherited properties and persist it.");
        alphaSecurity.SetAccessRuleProtection(true, false);
        Alphaleonis.Win32.Filesystem.File.SetAccessControl(file.FullName, alphaSecurity, AccessControlSections.Access);

        // Re-read only the access section, this time through the FileInfo instance methods.
        var systemFileInfo = new System.IO.FileInfo(file.FullName);
        var alphaFileInfo = new Alphaleonis.Win32.Filesystem.FileInfo(file.FullName);

        systemSecurity = systemFileInfo.GetAccessControl(AccessControlSections.Access);
        alphaSecurity = alphaFileInfo.GetAccessControl(AccessControlSections.Access);

        // Sanity check.
        UnitTestConstants.TestAccessRules(systemSecurity, alphaSecurity);

        // Step 2: lift the protection again so the parent's rules apply once more.
        // preserveInheritance is ignored when isProtected is false.
        Console.WriteLine("\n\tRestore inherited properties and persist it.");
        alphaSecurity.SetAccessRuleProtection(false, true);
        Alphaleonis.Win32.Filesystem.File.SetAccessControl(file.FullName, alphaSecurity, AccessControlSections.Access);

        // Re-read through the static methods.
        systemSecurity = System.IO.File.GetAccessControl(file.FullName, AccessControlSections.Access);
        alphaSecurity = Alphaleonis.Win32.Filesystem.File.GetAccessControl(file.FullName, AccessControlSections.Access);

        // Sanity check.
        UnitTestConstants.TestAccessRules(systemSecurity, alphaSecurity);
    }
}
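/// <summary>
/// Shows a file's full path and the SDDL form of its security descriptor in a text box.
/// </summary>
/// <param name="strFilePath">Path of the file to inspect.</param>
/// <param name="tbSecurityInfo">Receives the full path, a line break, then the SDDL string.</param>
/// <returns>
/// <paramref name="strFilePath"/> when the descriptor was read; <c>null</c> when any step failed,
/// in which case the text box is left untouched.
/// </returns>
public static string RetrieveFileSecuritySDDL(string strFilePath, TextBox tbSecurityInfo)
{
    try
    {
        System.IO.FileInfo fiSelectedFile = new System.IO.FileInfo(strFilePath);
        System.Security.AccessControl.FileSecurity fsSelectedFile = fiSelectedFile.GetAccessControl();

        // NOTE(review): the descriptor is loaded without a sections argument but rendered with
        // AccessControlSections.All. Reading the audit section (SACL) normally needs an extra
        // privilege, so confirm whether audit entries are expected in this output.
        string sddl = fsSelectedFile.GetSecurityDescriptorSddlForm(System.Security.AccessControl.AccessControlSections.All);

        // Assign once, after everything succeeded, so a failure never leaves a half-filled box.
        tbSecurityInfo.Text = fiSelectedFile.FullName + "\r\n" + sddl;
    }
    catch (Exception eFailure)
    {
        // Exception.Data.ToString() only prints the dictionary's type name; log what actually failed.
        Console.WriteLine(eFailure.GetType().Name + ": " + eFailure.Message);
        return null;
    }

    return strFilePath;
}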
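/// <summary>
/// Captures name, extension, size, timestamps and owner of a file.
/// </summary>
/// <param name="directory">Directory object stored in <c>Directory</c>.</param>
/// <param name="file">File whose metadata and owner are read.</param>
/// <remarks>
/// <c>Owner</c> is the account name when the owner SID can be translated, the SID string when it
/// cannot be mapped, <c>"unknown"</c> when no owner SID is available, and <c>"error:"</c> followed
/// by the exception text for any other failure.
/// </remarks>
public FileSystemFile(FileSystemDirectory directory, System.IO.FileInfo file)
{
    this.Directory = directory;

    // All file names are kept in lower case. Use the invariant culture so the stored
    // name does not depend on the thread's current culture.
    this.Name = file.Name.ToLowerInvariant();
    this.Extension = file.Extension.ToLowerInvariant();
    this.Size = file.Length;
    this.DateCreate = file.CreationTime;
    this.DateWrite = file.LastWriteTime;
    this.DateAccess = file.LastAccessTime;

    System.Security.Principal.SecurityIdentifier sid = null;
    try
    {
        System.Security.AccessControl.FileSecurity fileSecurity = file.GetAccessControl();
        sid = fileSecurity.GetOwner(typeof(System.Security.Principal.SecurityIdentifier)) as System.Security.Principal.SecurityIdentifier;

        if (sid == null)
        {
            // No owner SID to translate; previously this fell through to a NullReferenceException
            // and ended up as an "error:..." owner.
            this.Owner = "unknown";
        }
        else
        {
            System.Security.Principal.NTAccount ntAccount =
                (System.Security.Principal.NTAccount)sid.Translate(typeof(System.Security.Principal.NTAccount));
            this.Owner = ntAccount.Value;
        }
    }
    catch (System.Security.Principal.IdentityNotMappedException)
    {
        // The SID has no resolvable account name (for example a deleted account): keep the raw SID.
        this.Owner = sid != null ? sid.ToString() : "unknown";
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.ToString() includes the stack trace. If Owner is ever displayed or
        // exported, consider storing only the exception type and message instead.
        this.Owner = "error:" + ex.ToString();
    }
}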
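/// <summary>
/// Supply the path to the file or directory and a user or group.
/// Access checks are done during instantiation to ensure we always have a valid object.
/// </summary>
/// <remarks>
/// The flags record which rights appear in Allow and Deny rules whose identity equals the user's SID
/// or one of the SIDs in <c>principal.Groups</c>. This is a reading of the access rules at
/// construction time, not an access decision: the ACL can change afterwards, and the operating
/// system's own check when the file is opened stays authoritative.
/// </remarks>
/// <param name="path">Path whose access rules are read through <see cref="System.IO.FileInfo"/>.</param>
/// <param name="principal">Identity whose user SID and group SIDs are matched against the rules.</param>
public UserFileAccessRights(string path, System.Security.Principal.WindowsIdentity principal)
{
    this._path = path;
    this._principal = principal;

    try
    {
        System.IO.FileInfo fi = new System.IO.FileInfo(_path);
        // Explicit and inherited rules, identities expressed as SIDs so they compare
        // directly with the identity's SIDs.
        AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier));

        // Pass 1: rules that name the user directly.
        foreach (FileSystemAccessRule rule in acl)
        {
            if (_principal.User.Equals(rule.IdentityReference))
            {
                RecordRule(rule);
            }
        }

        // Pass 2: rules that name any group the identity reports.
        IdentityReferenceCollection groups = _principal.Groups;
        foreach (IdentityReference group in groups)
        {
            foreach (FileSystemAccessRule rule in acl)
            {
                if (group.Equals(rule.IdentityReference))
                {
                    RecordRule(rule);
                }
            }
        }
    }
    catch (Exception)
    {
        // Deal with IO exceptions here if you want. Rethrow with a bare "throw" so the
        // original stack trace is preserved ("throw e" would reset it).
        throw;
    }
}

/// <summary>Routes a matching rule to the deny or allow flags according to its type.</summary>
private void RecordRule(FileSystemAccessRule rule)
{
    if (rule.AccessControlType == AccessControlType.Deny)
    {
        RecordDeniedRights(rule);
    }
    else if (rule.AccessControlType == AccessControlType.Allow)
    {
        RecordAllowedRights(rule);
    }
}

/// <summary>Sets the deny flag for every right that <c>contains</c> reports for the rule.</summary>
private void RecordDeniedRights(FileSystemAccessRule rule)
{
    if (contains(FileSystemRights.AppendData, rule)) { _denyAppendData = true; }
    if (contains(FileSystemRights.ChangePermissions, rule)) { _denyChangePermissions = true; }
    if (contains(FileSystemRights.CreateDirectories, rule)) { _denyCreateDirectories = true; }
    if (contains(FileSystemRights.CreateFiles, rule)) { _denyCreateFiles = true; }
    if (contains(FileSystemRights.Delete, rule)) { _denyDelete = true; }
    if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _denyDeleteSubdirectoriesAndFiles = true; }
    if (contains(FileSystemRights.ExecuteFile, rule)) { _denyExecuteFile = true; }
    if (contains(FileSystemRights.FullControl, rule)) { _denyFullControl = true; }
    if (contains(FileSystemRights.ListDirectory, rule)) { _denyListDirectory = true; }
    if (contains(FileSystemRights.Modify, rule)) { _denyModify = true; }
    if (contains(FileSystemRights.Read, rule)) { _denyRead = true; }
    if (contains(FileSystemRights.ReadAndExecute, rule)) { _denyReadAndExecute = true; }
    if (contains(FileSystemRights.ReadAttributes, rule)) { _denyReadAttributes = true; }
    if (contains(FileSystemRights.ReadData, rule)) { _denyReadData = true; }
    if (contains(FileSystemRights.ReadExtendedAttributes, rule)) { _denyReadExtendedAttributes = true; }
    if (contains(FileSystemRights.ReadPermissions, rule)) { _denyReadPermissions = true; }
    if (contains(FileSystemRights.Synchronize, rule)) { _denySynchronize = true; }
    if (contains(FileSystemRights.TakeOwnership, rule)) { _denyTakeOwnership = true; }
    if (contains(FileSystemRights.Traverse, rule)) { _denyTraverse = true; }
    if (contains(FileSystemRights.Write, rule)) { _denyWrite = true; }
    if (contains(FileSystemRights.WriteAttributes, rule)) { _denyWriteAttributes = true; }
    if (contains(FileSystemRights.WriteData, rule)) { _denyWriteData = true; }
    if (contains(FileSystemRights.WriteExtendedAttributes, rule)) { _denyWriteExtendedAttributes = true; }
}

/// <summary>Sets the allow flag for every right that <c>contains</c> reports for the rule.</summary>
private void RecordAllowedRights(FileSystemAccessRule rule)
{
    if (contains(FileSystemRights.AppendData, rule)) { _allowAppendData = true; }
    if (contains(FileSystemRights.ChangePermissions, rule)) { _allowChangePermissions = true; }
    if (contains(FileSystemRights.CreateDirectories, rule)) { _allowCreateDirectories = true; }
    if (contains(FileSystemRights.CreateFiles, rule)) { _allowCreateFiles = true; }
    if (contains(FileSystemRights.Delete, rule)) { _allowDelete = true; }
    if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _allowDeleteSubdirectoriesAndFiles = true; }
    if (contains(FileSystemRights.ExecuteFile, rule)) { _allowExecuteFile = true; }
    if (contains(FileSystemRights.FullControl, rule)) { _allowFullControl = true; }
    if (contains(FileSystemRights.ListDirectory, rule)) { _allowListDirectory = true; }
    if (contains(FileSystemRights.Modify, rule)) { _allowModify = true; }
    if (contains(FileSystemRights.Read, rule)) { _allowRead = true; }
    if (contains(FileSystemRights.ReadAndExecute, rule)) { _allowReadAndExecute = true; }
    if (contains(FileSystemRights.ReadAttributes, rule)) { _allowReadAttributes = true; }
    if (contains(FileSystemRights.ReadData, rule)) { _allowReadData = true; }
    if (contains(FileSystemRights.ReadExtendedAttributes, rule)) { _allowReadExtendedAttributes = true; }
    if (contains(FileSystemRights.ReadPermissions, rule)) { _allowReadPermissions = true; }
    if (contains(FileSystemRights.Synchronize, rule)) { _allowSynchronize = true; }
    if (contains(FileSystemRights.TakeOwnership, rule)) { _allowTakeOwnership = true; }
    if (contains(FileSystemRights.Traverse, rule)) { _allowTraverse = true; }
    if (contains(FileSystemRights.Write, rule)) { _allowWrite = true; }
    if (contains(FileSystemRights.WriteAttributes, rule)) { _allowWriteAttributes = true; }
    if (contains(FileSystemRights.WriteData, rule)) { _allowWriteData = true; }
    if (contains(FileSystemRights.WriteExtendedAttributes, rule)) { _allowWriteExtendedAttributes = true; }
}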
/// <summary>
/// Returns the <see cref="System.Security.AccessControl.FileSecurity"/> that holds the access control list (ACL)
/// entries of the file described by the wrapped FileInfo object.
/// </summary>
/// <returns>The object produced by the wrapped FileInfo's own <c>GetAccessControl()</c> call.</returns>
/// <exception cref="System.IO.IOException">An I/O error occurred while opening the file.</exception>
/// <exception cref="System.PlatformNotSupportedException">The current operating system is not Microsoft Windows 2000 or later.</exception>
/// <exception cref="System.Security.AccessControl.PrivilegeNotHeldException">The current system account does not have administrative privileges.</exception>
/// <exception cref="System.SystemException">The file could not be found.</exception>
/// <exception cref="System.UnauthorizedAccessException">
/// This operation is not supported on the current platform.
/// -or-
/// The caller does not have the required permission.
/// </exception>
public System.Security.AccessControl.FileSecurity GetAccessControl()
{
    // Pure pass-through: nothing is cached or filtered here.
    System.Security.AccessControl.FileSecurity security = _fileInfo.GetAccessControl();
    return security;
}
/// <summary>
/// Forwards to <c>inner.GetAccessControl()</c> and returns its result unchanged.
/// </summary>
/// <returns>The <see cref="System.Security.AccessControl.FileSecurity"/> obtained from <c>inner</c>.</returns>
public System.Security.AccessControl.FileSecurity GetAccessControl()
{
    // Exceptions raised by the wrapped call propagate to the caller as they are.
    System.Security.AccessControl.FileSecurity security = inner.GetAccessControl();
    return security;
}
/// <summary>
/// Supply the path to the file or directory and a user or group.
/// The access rules are evaluated during construction, so the object is always in a defined state.
/// </summary>
/// <remarks>
/// Any exception raised while reading or matching the rules ends in <c>AccessDenied()</c>:
/// a failure to inspect the ACL is treated as "no access" and is not reported to the caller.
/// </remarks>
/// <param name="path">Path whose access rules are read.</param>
/// <param name="principal">Identity whose user SID and group SIDs are matched against the rules.</param>
public CheckUserFileAccessRights(string path, System.Security.Principal.WindowsIdentity principal)
{
    this._path = path;
    this._principal = principal;

    try
    {
        System.IO.FileInfo target = new System.IO.FileInfo(_path);
        // Explicit and inherited rules, with identities as SIDs.
        AuthorizationRuleCollection rules = target.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier));

        // First the rules that name the user itself.
        foreach (FileSystemAccessRule ace in rules)
        {
            if (!_principal.User.Equals(ace.IdentityReference))
            {
                continue;
            }

            switch (ace.AccessControlType)
            {
                case AccessControlType.Deny:
                    AuthorizationDenyAccess(ace);
                    break;
                case AccessControlType.Allow:
                    AuthorizationAllowAccess(ace);
                    break;
            }
        }

        // Then the rules that name one of the identity's groups.
        IdentityReferenceCollection memberships = _principal.Groups;
        foreach (IdentityReference membership in memberships)
        {
            foreach (FileSystemAccessRule ace in rules)
            {
                if (!membership.Equals(ace.IdentityReference))
                {
                    continue;
                }

                switch (ace.AccessControlType)
                {
                    case AccessControlType.Deny:
                        IdentityDenyAccess(ace);
                        break;
                    case AccessControlType.Allow:
                        IdentityAllowAccess(ace);
                        break;
                }
            }
        }
    }
    catch (Exception)
    {
        // Deliberately not rethrown: an unreadable ACL results in the denied state.
        AccessDenied();
    }
}
/// <summary>
/// Creates a file below the temp path (converted to UNC form for the network variant), reads its security
/// descriptor through both System.IO and AlphaFS, then toggles ACL inheritance protection through AlphaFS
/// and re-reads both sides after each change. Each pair goes to <c>UnitTestConstants.TestAccessRules</c>.
/// </summary>
/// <param name="isNetwork">When true, the temp path is passed through <c>Path.LocalToUnc</c> first.</param>
private void File_SetAccessControl(bool isNetwork)
{
    UnitTestConstants.PrintUnitTestHeader(isNetwork);

    var localTemp = System.IO.Path.GetTempPath();
    var tempPath = isNetwork ? Alphaleonis.Win32.Filesystem.Path.LocalToUnc(localTemp) : localTemp;

    using (var rootDir = new TemporaryDirectory(tempPath, "File.SetAccessControl"))
    {
        var file = rootDir.RandomFileFullPath + ".txt";

        // Create an empty file and release the handle right away.
        using (System.IO.File.Create(file))
        {
        }

        // Baseline: explicit and inherited rules, identities resolved to account names.
        var systemSecurity = System.IO.File.GetAccessControl(file);
        var systemRules = systemSecurity.GetAccessRules(true, true, typeof(NTAccount));

        var alphaSecurity = Alphaleonis.Win32.Filesystem.File.GetAccessControl(file);
        var alphaRules = alphaSecurity.GetAccessRules(true, true, typeof(NTAccount));

        Console.WriteLine("\nInput File Path: [{0}]", file);
        Console.WriteLine("\n\tSystem.IO rules found: [{0}]\n\tAlphaFS rules found : [{1}]", systemRules.Count, alphaRules.Count);
        Assert.AreEqual(systemRules.Count, alphaRules.Count);

        // Sanity check.
        UnitTestConstants.TestAccessRules(systemSecurity, alphaSecurity);

        // Step 1: protect the DACL from inheritance (isProtected = true) and drop the
        // inherited rules instead of copying them as explicit ones (preserveInheritance = false).
        // NOTE(review): a new temp file presumably carries only inherited ACEs, so the persisted
        // DACL may end up empty here; the re-read below then depends on the owner's implicit rights.
        Console.WriteLine("\n\tRemove inherited properties and persist it.");
        alphaSecurity.SetAccessRuleProtection(true, false);
        Alphaleonis.Win32.Filesystem.File.SetAccessControl(file, alphaSecurity, AccessControlSections.Access);

        // Re-read only the access section, this time through the FileInfo instance methods.
        var systemFileInfo = new System.IO.FileInfo(file);
        var alphaFileInfo = new Alphaleonis.Win32.Filesystem.FileInfo(file);

        systemSecurity = systemFileInfo.GetAccessControl(AccessControlSections.Access);
        alphaSecurity = alphaFileInfo.GetAccessControl(AccessControlSections.Access);

        // Sanity check.
        UnitTestConstants.TestAccessRules(systemSecurity, alphaSecurity);

        // Step 2: lift the protection again so the parent's rules apply once more.
        // preserveInheritance is ignored when isProtected is false.
        Console.WriteLine("\n\tRestore inherited properties and persist it.");
        alphaSecurity.SetAccessRuleProtection(false, true);
        Alphaleonis.Win32.Filesystem.File.SetAccessControl(file, alphaSecurity, AccessControlSections.Access);

        // Re-read through the static methods.
        systemSecurity = System.IO.File.GetAccessControl(file, AccessControlSections.Access);
        alphaSecurity = Alphaleonis.Win32.Filesystem.File.GetAccessControl(file, AccessControlSections.Access);

        // Sanity check.
        UnitTestConstants.TestAccessRules(systemSecurity, alphaSecurity);
    }
}
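/// <summary>
/// Supply the path to the file or directory and a user or group.
/// Access checks are done during instantiation to ensure we always have a valid object.
/// </summary>
/// <remarks>
/// This variant matches access rules by account name: the user by <c>principal.Name</c>, groups by the
/// role names that <c>Roles.GetRolesForUser</c> returns. Name matching is weaker than comparing SIDs;
/// NOTE(review): role names are assumed to correspond to Windows group names. Confirm this for the
/// configured role provider. The flags are a reading of the ACL at construction time, not an access
/// decision; the operating system's check when the file is opened stays authoritative.
/// </remarks>
/// <param name="path">Path whose access rules are read through <see cref="System.IO.FileInfo"/>.</param>
/// <param name="principal">Identity whose name and roles are matched against the rules.</param>
public UserFileAccessRights(string path, System.Security.Principal.WindowsIdentity principal)
{
    this._path = path;
    this._principal = principal;

    string username = _principal.Name;
    // Domain part of "DOMAIN\user"; empty when the name carries no domain.
    int separator = username.IndexOf('\\');
    string domain = separator >= 0 ? username.Substring(0, separator) : "";

    try
    {
        System.IO.FileInfo fi = new System.IO.FileInfo(_path);
        // Explicit and inherited rules, identities resolved to account names.
        AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules(true, true, typeof(NTAccount));

        // Pass 1: rules that name the user. Ordinal comparison keeps the match independent
        // of the thread culture (ToLower() is culture-sensitive).
        foreach (FileSystemAccessRule rule in acl)
        {
            if (string.Equals(rule.IdentityReference.Value, username, StringComparison.OrdinalIgnoreCase))
            {
                MarkRule(rule);
            }
        }

        // Pass 2: rules that name one of the user's roles.
        string[] groups = Roles.GetRolesForUser(_principal.Name);
        foreach (string group in groups)
        {
            foreach (FileSystemAccessRule rule in acl)
            {
                if (MatchesRoleAccount(rule.IdentityReference.Value, group, domain))
                {
                    MarkRule(rule);
                }
            }
        }
    }
    catch (Exception)
    {
        // Deal with IO exceptions here if you want. Rethrow with a bare "throw" so the
        // original stack trace is preserved ("throw e" would reset it).
        throw;
    }
}

/// <summary>
/// Decides whether a rule's account name refers to the given role.
/// </summary>
/// <remarks>
/// The previous check was a bare suffix test, so the role "Administrators" also matched any account
/// whose name merely ends in "administrators", and "dom\group" also matched "otherdom\group".
/// In an access evaluation that credits the user with rules meant for someone else. The name must now
/// match as a whole, or follow an authority separator.
/// </remarks>
private static bool MatchesRoleAccount(string ruleAccount, string group, string domain)
{
    bool wellKnown = group == "Authenticated Users" || group == "Administrators";

    if (wellKnown || domain.Length == 0)
    {
        // Accept the bare name or any "AUTHORITY\name" form, e.g. "BUILTIN\Administrators".
        return ruleAccount.Equals(group, StringComparison.OrdinalIgnoreCase)
            || ruleAccount.EndsWith("\\" + group, StringComparison.OrdinalIgnoreCase);
    }

    // Domain roles must match the user's own domain exactly.
    return ruleAccount.Equals(domain + "\\" + group, StringComparison.OrdinalIgnoreCase);
}

/// <summary>Routes a matching rule to the deny or allow flags according to its type.</summary>
private void MarkRule(FileSystemAccessRule rule)
{
    if (rule.AccessControlType == AccessControlType.Deny)
    {
        MarkDeniedRights(rule);
    }
    else if (rule.AccessControlType == AccessControlType.Allow)
    {
        MarkAllowedRights(rule);
    }
}

/// <summary>Sets the deny flag for every right that <c>contains</c> reports for the rule.</summary>
private void MarkDeniedRights(FileSystemAccessRule rule)
{
    if (contains(FileSystemRights.AppendData, rule)) { _denyAppendData = true; }
    if (contains(FileSystemRights.CreateDirectories, rule)) { _denyCreateDirectories = true; }
    if (contains(FileSystemRights.CreateFiles, rule)) { _denyCreateFiles = true; }
    if (contains(FileSystemRights.Delete, rule)) { _denyDelete = true; }
    if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _denyDeleteSubdirectoriesAndFiles = true; }
    if (contains(FileSystemRights.ExecuteFile, rule)) { _denyExecuteFile = true; }
    if (contains(FileSystemRights.FullControl, rule)) { _denyFullControl = true; }
    if (contains(FileSystemRights.ListDirectory, rule)) { _denyListDirectory = true; }
    if (contains(FileSystemRights.Modify, rule)) { _denyModify = true; }
    if (contains(FileSystemRights.Read, rule)) { _denyRead = true; }
    if (contains(FileSystemRights.ReadAndExecute, rule)) { _denyReadAndExecute = true; }
    if (contains(FileSystemRights.ReadAttributes, rule)) { _denyReadAttributes = true; }
    if (contains(FileSystemRights.ReadData, rule)) { _denyReadData = true; }
    if (contains(FileSystemRights.ReadExtendedAttributes, rule)) { _denyReadExtendedAttributes = true; }
    if (contains(FileSystemRights.Traverse, rule)) { _denyTraverse = true; }
    if (contains(FileSystemRights.Write, rule)) { _denyWrite = true; }
    if (contains(FileSystemRights.WriteAttributes, rule)) { _denyWriteAttributes = true; }
    if (contains(FileSystemRights.WriteData, rule)) { _denyWriteData = true; }
    if (contains(FileSystemRights.WriteExtendedAttributes, rule)) { _denyWriteExtendedAttributes = true; }
}

/// <summary>Sets the allow flag for every right that <c>contains</c> reports for the rule.</summary>
private void MarkAllowedRights(FileSystemAccessRule rule)
{
    if (contains(FileSystemRights.AppendData, rule)) { _allowAppendData = true; }
    if (contains(FileSystemRights.CreateDirectories, rule)) { _allowCreateDirectories = true; }
    if (contains(FileSystemRights.CreateFiles, rule)) { _allowCreateFiles = true; }
    if (contains(FileSystemRights.Delete, rule)) { _allowDelete = true; }
    if (contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _allowDeleteSubdirectoriesAndFiles = true; }
    if (contains(FileSystemRights.ExecuteFile, rule)) { _allowExecuteFile = true; }
    if (contains(FileSystemRights.FullControl, rule)) { _allowFullControl = true; }
    if (contains(FileSystemRights.ListDirectory, rule)) { _allowListDirectory = true; }
    if (contains(FileSystemRights.Modify, rule)) { _allowModify = true; }
    if (contains(FileSystemRights.Read, rule)) { _allowRead = true; }
    if (contains(FileSystemRights.ReadAndExecute, rule)) { _allowReadAndExecute = true; }
    if (contains(FileSystemRights.ReadAttributes, rule)) { _allowReadAttributes = true; }
    if (contains(FileSystemRights.ReadData, rule)) { _allowReadData = true; }
    if (contains(FileSystemRights.ReadExtendedAttributes, rule)) { _allowReadExtendedAttributes = true; }
    if (contains(FileSystemRights.Traverse, rule)) { _allowTraverse = true; }
    if (contains(FileSystemRights.Write, rule)) { _allowWrite = true; }
    if (contains(FileSystemRights.WriteAttributes, rule)) { _allowWriteAttributes = true; }
    if (contains(FileSystemRights.WriteData, rule)) { _allowWriteData = true; }
    if (contains(FileSystemRights.WriteExtendedAttributes, rule)) { _allowWriteExtendedAttributes = true; }
}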
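/// <summary>
/// Reads the access rules of a file and records which rights are allowed or denied by rules
/// that name the given account directly.
/// </summary>
/// <remarks>
/// Only rules whose SID equals the account's own SID are considered; rules that apply through group
/// membership are not evaluated. A Deny rule placed on a group is therefore not reflected in the
/// flags, so they can overstate as well as understate what the account may do. Treat the result as
/// informational and let the operating system's own access check decide.
/// When either argument is null or empty, nothing is read and all fields keep their initial values.
/// NOTE(review): callers cannot tell that case apart from "no matching rules".
/// </remarks>
/// <param name="path">Path whose access rules are read through <see cref="System.IO.FileInfo"/>.</param>
/// <param name="UserId">Account name, translated to a SID before matching.</param>
/// <exception cref="System.Security.Principal.IdentityNotMappedException">The account name could not be translated to a SID.</exception>
public UserAccessRights(string path, string UserId)
{
    if (String.IsNullOrEmpty(UserId) || String.IsNullOrEmpty(path))
    {
        return;
    }

    NTAccount account = new NTAccount(UserId);
    _principalSid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));

    this._path = path;
    System.IO.FileInfo fi = new System.IO.FileInfo(_path);
    // Explicit and inherited rules, identities as SIDs so they compare directly with _principalSid.
    AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier));

    foreach (FileSystemAccessRule rule in acl)
    {
        if (!_principalSid.Equals(rule.IdentityReference))
        {
            continue;
        }

        if (rule.AccessControlType == AccessControlType.Deny)
        {
            FlagDeniedRights(rule);
        }
        else if (rule.AccessControlType == AccessControlType.Allow)
        {
            FlagAllowedRights(rule);
        }
    }
}

/// <summary>Sets the deny flag for every right that <c>Contains</c> reports for the rule.</summary>
private void FlagDeniedRights(FileSystemAccessRule rule)
{
    if (Contains(FileSystemRights.AppendData, rule)) { _denyAppendData = true; }
    if (Contains(FileSystemRights.ChangePermissions, rule)) { _denyChangePermissions = true; }
    if (Contains(FileSystemRights.CreateDirectories, rule)) { _denyCreateDirectories = true; }
    if (Contains(FileSystemRights.CreateFiles, rule)) { _denyCreateFiles = true; }
    if (Contains(FileSystemRights.Delete, rule)) { _denyDelete = true; }
    if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _denyDeleteSubdirectoriesAndFiles = true; }
    if (Contains(FileSystemRights.ExecuteFile, rule)) { _denyExecuteFile = true; }
    if (Contains(FileSystemRights.FullControl, rule)) { _denyFullControl = true; }
    if (Contains(FileSystemRights.ListDirectory, rule)) { _denyListDirectory = true; }
    if (Contains(FileSystemRights.Modify, rule)) { _denyModify = true; }
    if (Contains(FileSystemRights.Read, rule)) { _denyRead = true; }
    if (Contains(FileSystemRights.ReadAndExecute, rule)) { _denyReadAndExecute = true; }
    if (Contains(FileSystemRights.ReadAttributes, rule)) { _denyReadAttributes = true; }
    if (Contains(FileSystemRights.ReadData, rule)) { _denyReadData = true; }
    if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) { _denyReadExtendedAttributes = true; }
    if (Contains(FileSystemRights.ReadPermissions, rule)) { _denyReadPermissions = true; }
    if (Contains(FileSystemRights.Synchronize, rule)) { _denySynchronize = true; }
    if (Contains(FileSystemRights.TakeOwnership, rule)) { _denyTakeOwnership = true; }
    if (Contains(FileSystemRights.Traverse, rule)) { _denyTraverse = true; }
    if (Contains(FileSystemRights.Write, rule)) { _denyWrite = true; }
    if (Contains(FileSystemRights.WriteAttributes, rule)) { _denyWriteAttributes = true; }
    if (Contains(FileSystemRights.WriteData, rule)) { _denyWriteData = true; }
    if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) { _denyWriteExtendedAttributes = true; }
}

/// <summary>Sets the allow flag for every right that <c>Contains</c> reports for the rule.</summary>
private void FlagAllowedRights(FileSystemAccessRule rule)
{
    if (Contains(FileSystemRights.AppendData, rule)) { _allowAppendData = true; }
    if (Contains(FileSystemRights.ChangePermissions, rule)) { _allowChangePermissions = true; }
    if (Contains(FileSystemRights.CreateDirectories, rule)) { _allowCreateDirectories = true; }
    if (Contains(FileSystemRights.CreateFiles, rule)) { _allowCreateFiles = true; }
    if (Contains(FileSystemRights.Delete, rule)) { _allowDelete = true; }
    if (Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule)) { _allowDeleteSubdirectoriesAndFiles = true; }
    if (Contains(FileSystemRights.ExecuteFile, rule)) { _allowExecuteFile = true; }
    if (Contains(FileSystemRights.FullControl, rule)) { _allowFullControl = true; }
    if (Contains(FileSystemRights.ListDirectory, rule)) { _allowListDirectory = true; }
    if (Contains(FileSystemRights.Modify, rule)) { _allowModify = true; }
    if (Contains(FileSystemRights.Read, rule)) { _allowRead = true; }
    if (Contains(FileSystemRights.ReadAndExecute, rule)) { _allowReadAndExecute = true; }
    if (Contains(FileSystemRights.ReadAttributes, rule)) { _allowReadAttributes = true; }
    if (Contains(FileSystemRights.ReadData, rule)) { _allowReadData = true; }
    if (Contains(FileSystemRights.ReadExtendedAttributes, rule)) { _allowReadExtendedAttributes = true; }
    if (Contains(FileSystemRights.ReadPermissions, rule)) { _allowReadPermissions = true; }
    if (Contains(FileSystemRights.Synchronize, rule)) { _allowSynchronize = true; }
    if (Contains(FileSystemRights.TakeOwnership, rule)) { _allowTakeOwnership = true; }
    if (Contains(FileSystemRights.Traverse, rule)) { _allowTraverse = true; }
    if (Contains(FileSystemRights.Write, rule)) { _allowWrite = true; }
    if (Contains(FileSystemRights.WriteAttributes, rule)) { _allowWriteAttributes = true; }
    if (Contains(FileSystemRights.WriteData, rule)) { _allowWriteData = true; }
    if (Contains(FileSystemRights.WriteExtendedAttributes, rule)) { _allowWriteExtendedAttributes = true; }
}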
/// <summary>
/// Supply the path to the file or directory and a user or group.
/// The access rules are evaluated during construction, so the object is always in a defined state.
/// </summary>
/// <remarks>
/// Any exception raised while reading or matching the rules is written to the console and ends in
/// <c>AccessDenied()</c>: a failure to inspect the ACL is treated as "no access".
/// </remarks>
/// <param name="path">Path whose access rules are read.</param>
/// <param name="principal">Identity whose user SID and group SIDs are matched against the rules.</param>
public CheckUserFileAccessRights(string path, System.Security.Principal.WindowsIdentity principal)
{
    this._path = path;
    this._principal = principal;

    try
    {
        System.IO.FileInfo target = new System.IO.FileInfo(_path);
        // Explicit and inherited rules, with identities as SIDs.
        AuthorizationRuleCollection rules = target.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier));

        // Rules that name the user itself.
        foreach (FileSystemAccessRule ace in rules)
        {
            if (_principal.User.Equals(ace.IdentityReference))
            {
                if (ace.AccessControlType == AccessControlType.Deny)
                {
                    AuthorizationDenyAccess(ace);
                }
                else if (ace.AccessControlType == AccessControlType.Allow)
                {
                    AuthorizationAllowAccess(ace);
                }
            }
        }

        // Rules that name one of the identity's groups.
        IdentityReferenceCollection memberships = _principal.Groups;
        foreach (IdentityReference membership in memberships)
        {
            foreach (FileSystemAccessRule ace in rules)
            {
                if (membership.Equals(ace.IdentityReference))
                {
                    if (ace.AccessControlType == AccessControlType.Deny)
                    {
                        IdentityDenyAccess(ace);
                    }
                    else if (ace.AccessControlType == AccessControlType.Allow)
                    {
                        IdentityAllowAccess(ace);
                    }
                }
            }
        }
    }
    catch (Exception failure)
    {
        // Deliberately not rethrown: report the reason, then fall back to the denied state.
        Console.WriteLine(failure.Message);
        AccessDenied();
    }
}