public static void RemoveFileSystemAuditRule(FileSystemInfo item, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { FileSystemAuditRule ace = null; if (item is FileInfo) { var file = (FileInfo)item; var sd = file.GetAccessControl(AccessControlSections.Audit); ace = (FileSystemAuditRule)sd.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); sd.RemoveAuditRule(ace); file.SetAccessControl(sd); } else { DirectoryInfo directory = (DirectoryInfo)item; var sd = directory.GetAccessControl(AccessControlSections.Audit); ace = (FileSystemAuditRule)sd.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); sd.RemoveAuditRule(ace); directory.SetAccessControl(sd); } }
public SimpleFileSystemAccessRule(string path, IdentityReference2 account, FileSystemRights2 access, AccessControlType accessControlType) { fullName = path; accessRights = access; identity = account; type = accessControlType; }
public int GetEffectiveAccess(ObjectSecurity sd, IdentityReference2 identity, string serverName, out bool remoteServerAvailable, out Exception authzException) { int effectiveAccess = 0; remoteServerAvailable = false; authzException = null; try { GetEffectivePermissions_AuthzInitializeResourceManager(serverName, out remoteServerAvailable); try { GetEffectivePermissions_AuthzInitializeContextFromSid(identity); effectiveAccess = GetEffectivePermissions_AuthzAccessCheck(sd); } catch (Exception ex) { authzException = ex; } } catch { } finally { GetEffectivePermissions_FreeResouces(); } return(effectiveAccess); }
public static void SetOwner(FileSystemInfo item, IdentityReference2 account) { var sd = new FileSystemSecurity2(item, AccessControlSections.Owner); SetOwner(sd, account); sd.Write(); }
public override bool Equals(object obj) { //Instance cannot be null if (ReferenceEquals(obj, null)) { return(false); } //Instances are equal if (ReferenceEquals(this, obj)) { return(true); } SecurityIdentifier sid = obj as SecurityIdentifier; if (sid != null) { return(this.sid == sid); } var ntAccount = obj as NTAccount; if (ntAccount != null) { return(this.ntAccount == ntAccount); } IdentityReference2 ir2 = obj as IdentityReference2; if (ir2 != null) { return(this.sid == ir2.sid); } string value = obj as string; if (value != null) { if (this.sid.Value == value) { return(true); } if (this.ntAccount != null) { if (this.ntAccount.Value.ToLower() == value.ToLower()) { return(true); } } } return(false); }
public static void RemoveFileSystemAccessRule(string path, IdentityReference2 account, FileSystemRights2 rights, AccessControlType type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removeSpecific = false) { if (File.Exists(path)) { var item = new FileInfo(path); RemoveFileSystemAccessRule(item, account, rights, type, inheritanceFlags, propagationFlags, removeSpecific); } else { var item = new DirectoryInfo(path); RemoveFileSystemAccessRule(item, account, rights, type, inheritanceFlags, propagationFlags, removeSpecific); } }
public static void RemoveFileSystemAuditRule(string path, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { if (File.Exists(path)) { var item = new FileInfo(path); RemoveFileSystemAuditRule(item, account, rights, type, inheritanceFlags, propagationFlags); } else { var item = new DirectoryInfo(path); RemoveFileSystemAuditRule(item, account, rights, type, inheritanceFlags, propagationFlags); } }
public static FileSystemAuditRule2 AddFileSystemAuditRule(string path, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { FileSystemAuditRule ace = null; if (File.Exists(path)) { var item = new FileInfo(path); ace = AddFileSystemAuditRule(item, account, rights, type, inheritanceFlags, propagationFlags); } else { var item = new DirectoryInfo(path); ace = AddFileSystemAuditRule(item, account, rights, type, inheritanceFlags, propagationFlags); } return(ace); }
public static void RemoveFileSystemAccessRule(FileSystemInfo item, IdentityReference2 account, FileSystemRights2 rights, AccessControlType type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removeSpecific = false) { if (type == AccessControlType.Allow) { rights = rights | FileSystemRights2.Synchronize; } FileSystemAccessRule ace = null; if (item as FileInfo != null) { var file = (FileInfo)item; var sd = file.GetAccessControl(AccessControlSections.Access); ace = (FileSystemAccessRule)sd.AccessRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); if (removeSpecific) { sd.RemoveAccessRuleSpecific(ace); } else { sd.RemoveAccessRule(ace); } file.SetAccessControl(sd); } else { DirectoryInfo directory = (DirectoryInfo)item; var sd = directory.GetAccessControl(AccessControlSections.Access); ace = (FileSystemAccessRule)sd.AccessRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); if (removeSpecific) { sd.RemoveAccessRuleSpecific(ace); } else { sd.RemoveAccessRule(ace); } directory.SetAccessControl(sd); } }
public static EffectiveAccessInfo GetEffectiveAccess(FileSystemInfo item, IdentityReference2 id, string serverName) { bool remoteServerAvailable = false; Exception authzAccessCheckException = null; var win32 = new Win32(); var fss = new FileSystemSecurity2(item); var effectiveAccessMask = win32.GetEffectiveAccess(fss.SecurityDescriptor, id, serverName, out remoteServerAvailable, out authzAccessCheckException); var ace = new FileSystemAccessRule((SecurityIdentifier)id, (FileSystemRights)effectiveAccessMask, AccessControlType.Allow); return(new EffectiveAccessInfo( new FileSystemAccessRule2(ace, item), remoteServerAvailable, authzAccessCheckException)); }
public FileSystemEffectivePermissionEntry(IdentityReference2 identity, uint AccessMask, string FullName) { this.account = identity; this.accessMask = AccessMask; this.objectPath = FullName; this.accessAsString = new List <string>(); if (accessMask == 0) { accessAsString.Add("None"); } else { string tempString = ((FileSystemRights)this.accessMask).ToString(); foreach (var s in tempString.Split(',')) { this.accessAsString.Add(s); } } }
public static FileSystemAccessRule2 AddFileSystemAccessRule(string path, IdentityReference2 account, FileSystemRights2 rights, AccessControlType type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { if (type == AccessControlType.Allow) { rights = rights | FileSystemRights2.Synchronize; } FileSystemAccessRule ace = null; if (File.Exists(path)) { var item = new FileInfo(path); ace = AddFileSystemAccessRule(item, account, rights, type, inheritanceFlags, propagationFlags); } else { var item = new DirectoryInfo(path); ace = AddFileSystemAccessRule(item, account, rights, type, inheritanceFlags, propagationFlags); } return(ace); }
private void GetEffectivePermissions_AuthzInitializeContextFromSid(IdentityReference2 id) { var rawSid = id.GetBinaryForm(); // // Create an AuthZ context based on the user account // if (!AuthzInitializeContextFromSid( AuthzInitFlags.Default, rawSid, authzRM, IntPtr.Zero, Win32.LUID.NullLuid, IntPtr.Zero, out userClientCtxt)) { Win32Exception win32Expn = new Win32Exception(Marshal.GetLastWin32Error()); if (win32Expn.NativeErrorCode != Win32Error.RPC_S_SERVER_UNAVAILABLE) { throw win32Expn; } } }
public static FileSystemAuditRule2 AddFileSystemAuditRule(FileSystemInfo item, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { var sd = new FileSystemSecurity2(item); var ace = AddFileSystemAuditRule(sd, account, rights, type, inheritanceFlags, propagationFlags); sd.Write(); return(ace); }
public static FileSystemAccessRule2 AddFileSystemAccessRule(FileSystemSecurity2 sd, IdentityReference2 account, FileSystemRights2 rights, AccessControlType type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { if (type == AccessControlType.Allow) { rights = rights | FileSystemRights2.Synchronize; } FileSystemAccessRule ace = null; if (sd.IsFile) { ace = (FileSystemAccessRule)sd.SecurityDescriptor.AccessRuleFactory(account, (int)rights, false, InheritanceFlags.None, PropagationFlags.None, type); ((FileSecurity)sd.SecurityDescriptor).AddAccessRule(ace); } else { ace = (FileSystemAccessRule)sd.SecurityDescriptor.AccessRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); ((DirectorySecurity)sd.SecurityDescriptor).AddAccessRule(ace); } return(ace); }
public static void SetOwner(FileSystemSecurity2 sd, IdentityReference2 account) { sd.SecurityDescriptor.SetOwner(account); }
private FileSystemOwner(FileSystemInfo item, IdentityReference2 owner) { this.item = item; this.owner = owner; }
public SimpleFileSystemAccessRule(string Path, IdentityReference2 account, FileSystemRights2 access) { this.fullName = Path; this.accessRights = access; this.identity = account; }
public static FileSystemAuditRule2 AddFileSystemAuditRule(FileSystemSecurity2 sd, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { FileSystemAuditRule2 ace = null; if (sd.IsFile) { ace = (FileSystemAuditRule)sd.SecurityDescriptor.AuditRuleFactory(account, (int)rights, false, InheritanceFlags.None, PropagationFlags.None, type); ((FileSecurity)sd.SecurityDescriptor).AddAuditRule(ace); } else { ace = (FileSystemAuditRule)sd.SecurityDescriptor.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); ((DirectorySecurity)sd.SecurityDescriptor).AddAuditRule(ace); } return(ace); }
public static FileSystemAccessRule2 RemoveFileSystemAccessRule(FileSystemSecurity2 sd, IdentityReference2 account, FileSystemRights2 rights, AccessControlType type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removeSpecific = false) { if (type == AccessControlType.Allow) { rights = rights | FileSystemRights2.Synchronize; } var ace = (FileSystemAccessRule)sd.SecurityDescriptor.AccessRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); if (sd.IsFile) { if (removeSpecific) { ((FileSecurity)sd.SecurityDescriptor).RemoveAccessRuleSpecific(ace); } else { ((FileSecurity)sd.SecurityDescriptor).RemoveAccessRule(ace); } } else { if (removeSpecific) { ((DirectorySecurity)sd.SecurityDescriptor).RemoveAccessRuleSpecific(ace); } else { ((DirectorySecurity)sd.SecurityDescriptor).RemoveAccessRule(ace); } } return(ace); }
public static FileSystemAuditRule2 RemoveFileSystemAuditRule(FileSystemSecurity2 sd, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removeSpecific = false) { var ace = (FileSystemAuditRule)sd.SecurityDescriptor.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type); if (sd.IsFile) { if (removeSpecific) { ((FileSecurity)sd.SecurityDescriptor).RemoveAuditRuleSpecific(ace); } else { ((FileSecurity)sd.SecurityDescriptor).RemoveAuditRule(ace); } } else { if (removeSpecific) { ((DirectorySecurity)sd.SecurityDescriptor).RemoveAuditRuleSpecific(ace); } else { ((DirectorySecurity)sd.SecurityDescriptor).RemoveAuditRule(ace); } } return(ace); }
public static FileSystemAccessRule2 AddFileSystemAccessRule(FileSystemInfo item, IdentityReference2 account, FileSystemRights2 rights, AccessControlType type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags) { if (type == AccessControlType.Allow) { rights = rights | FileSystemRights2.Synchronize; } var sd = new FileSystemSecurity2(item); var ace = AddFileSystemAccessRule(sd, account, rights, type, inheritanceFlags, propagationFlags); sd.Write(); return(ace); }