public class ACL
{
private DirectoryInfo dInfo = null;
private NativeObjectSecurity secInfo = null;
private bool isAclSet = false;
public ACL(string path)//, [System.Runtime.InteropServices.OptionalAttribute, System.Runtime.InteropServices.DefaultParameterValueAttribute(false)] // ERROR: Optional parameters aren't supported in C# bool isRegistryPath)
{
this.dInfo = new DirectoryInfo(path);
if (!dInfo.Exists)
throw new ApplicationException("Path " + path + " not found");
this.secInfo = dInfo.GetAccessControl(AccessControlSections.Access);
}
public bool CanAccess(string idName)
{
NTAccount userAcc = new NTAccount(idName);
AuthorizationRuleCollection authRules = this.secInfo.GetAccessRules(true, true, typeof(NTAccount));
bool allowAccess = false;
bool denyAccess = false;
foreach (FileSystemAccessRule authRule in authRules)
{
if (authRule.IdentityReference.Equals(userAcc))
{
if (authRule.AccessControlType.Equals(AccessControlType.Deny))
denyAccess = (authRule.FileSystemRights & FileSystemRights.FullControl).Equals(FileSystemRights.FullControl);
else if (authRule.AccessControlType.Equals(AccessControlType.Allow))
allowAccess = (authRule.FileSystemRights & FileSystemRights.FullControl).Equals(FileSystemRights.FullControl);
}
}
return (allowAccess & !denyAccess);
}
public void SetAccessible(string idName)
{
this.SetAccess(idName);
this.isAclSet = true;
}
public void SetAccessibleToCurrentUser()
{
string currentUser = WindowsIdentity.GetCurrent().Name;
this.SetAccessible(currentUser);
}
public void SetAccessibleToEveryone()
{
this.SetAccessible("EVERYONE");
}
private void SetAccess(string idName)
{
FileSystemAccessRule rule = new FileSystemAccessRule(idName, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow);
DirectorySecurity dSecInfo = (DirectorySecurity)this.secInfo;
dSecInfo.RemoveAccessRule(rule);
this.dInfo.SetAccessControl(dSecInfo);
foreach (FileInfo info in this.dInfo.GetFiles())
{
FileSecurity fsec = info.GetAccessControl(AccessControlSections.Access);
info.SetAccessControl(fsec);
}
}
public void ResetAccessible(string idName)
{
if (this.isAclSet)
{
this.SetAccess(idName);
this.isAclSet = false;
}
}
public void ResetAccessibleToCurrentUser()
{
string currentUser = WindowsIdentity.GetCurrent().Name;
this.ResetAccessible(currentUser);
}
public void ResetAccessibleToEveryone()
{
this.ResetAccessible("EVERYONE");
}
public void RemoveReadonlyAttribute()
{
//' remove readonly attributes from inner directories
foreach (DirectoryInfo di in this.dInfo.GetDirectories("*", SearchOption.AllDirectories))
if ((di.Attributes & FileAttributes.ReadOnly) == FileAttributes.ReadOnly)
di.Attributes = (di.Attributes & ~FileAttributes.ReadOnly);
//' remove readonly attributes from inner files
foreach (FileInfo fi in this.dInfo.GetFiles("*.*", SearchOption.AllDirectories))
if ((fi.Attributes & FileAttributes.ReadOnly) == FileAttributes.ReadOnly)
fi.Attributes = (fi.Attributes & ~FileAttributes.ReadOnly);
//' remove readonly attributes from top level directory
if ((this.dInfo.Attributes & FileAttributes.ReadOnly) == FileAttributes.ReadOnly)
this.dInfo.Attributes = (this.dInfo.Attributes & ~FileAttributes.ReadOnly);
}
}
Allow Access Control before accessing File System
Đăng ký:
Đăng Nhận xét (Atom)
Không có nhận xét nào:
Đăng nhận xét