public static IEnumerable <FileSystemAuditRule2> GetFileSystemAuditRules(FileSystemSecurity2 sd, bool includeExplicit, bool includeInherited, bool getInheritedFrom = false)
{
List <FileSystemAuditRule2> aceList = new List <FileSystemAuditRule2>();
List <string> inheritedFrom = null;
if (getInheritedFrom)
{
inheritedFrom = Win32.GetInheritedFrom(sd.Item, sd.SecurityDescriptor);
}
var aceCounter = 0;
var acl = !sd.IsFile ?
((DirectorySecurity)sd.SecurityDescriptor).GetAuditRules(includeExplicit, includeInherited, typeof(SecurityIdentifier)) :
((FileSecurity)sd.SecurityDescriptor).GetAuditRules(includeExplicit, includeInherited, typeof(SecurityIdentifier));
foreach (FileSystemAuditRule ace in acl)
{
var ace2 = new FileSystemAuditRule2(ace)
{
FullName = sd.Item.FullName, InheritanceEnabled = !sd.SecurityDescriptor.AreAccessRulesProtected
};
if (getInheritedFrom)
{
ace2.inheritedFrom = string.IsNullOrEmpty(inheritedFrom[aceCounter]) ? "" : inheritedFrom[aceCounter].Substring(0, inheritedFrom[aceCounter].Length - 1);
aceCounter++;
}
aceList.Add(ace2);
}
return(aceList);
}
public static void AddFileSystemAuditRule(FileSystemAuditRule2 rule)
{
AddFileSystemAuditRule(rule.fullName,
rule.Account,
rule.AccessRights,
rule.AuditFlags,
rule.InheritanceFlags,
rule.PropagationFlags);
}
public static FileSystemAuditRule2 AddFileSystemAuditRule(FileSystemSecurity2 sd, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
{
FileSystemAuditRule2 ace = null;
if (sd.IsFile)
{
ace = (FileSystemAuditRule)sd.SecurityDescriptor.AuditRuleFactory(account, (int)rights, false, InheritanceFlags.None, PropagationFlags.None, type);
((FileSecurity)sd.SecurityDescriptor).AddAuditRule(ace);
}
else
{
ace = (FileSystemAuditRule)sd.SecurityDescriptor.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type);
((DirectorySecurity)sd.SecurityDescriptor).AddAuditRule(ace);
}
return(ace);
}
