本文整理汇总了C#中System.Security.AccessControl.DirectorySecurity.SetAccessRuleProtection方法的典型用法代码示例。如果您正苦于以下问题:C# DirectorySecurity.SetAccessRuleProtection方法的具体用法?C# DirectorySecurity.SetAccessRuleProtection怎么用?C# DirectorySecurity.SetAccessRuleProtection使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类System.Security.AccessControl.DirectorySecurity的用法示例。
在下文中一共展示了DirectorySecurity.SetAccessRuleProtection方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: Locations
static Locations()
{
if (WindowsUtils.IsWindowsNT)
{
_secureSharedAcl = new DirectorySecurity();
_secureSharedAcl.SetOwner(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null));
_secureSharedAcl.SetAccessRuleProtection(isProtected: true, preserveInheritance: false);
_secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier("S-1-1-0" /*Everyone*/), FileSystemRights.ReadAndExecute, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
_secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null), FileSystemRights.ReadAndExecute, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
_secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
_secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
}
}示例2: SetAcl
private static void SetAcl(string path, SearchResult user, FileSystemRights right)
{
var userId = user.Properties["userPrincipalName"][0].ToString();
var fullUserName = user.Properties["name"][0].ToString();
var fullPath = path + fullUserName;
var dir = new DirectoryInfo(fullPath);
var ds = new DirectorySecurity();
ds.SetAccessRuleProtection(true, false);
var uacl = new FileSystemAccessRule(userId,
right,
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
PropagationFlags.None,
AccessControlType.Allow);
ds.AddAccessRule(uacl);
var domainAdmins = new SecurityIdentifier(WellKnownSidType.AccountDomainAdminsSid, AppSettings.GeneralSettings.DomainSid);
var pacl = new FileSystemAccessRule(domainAdmins,
FileSystemRights.FullControl,
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
PropagationFlags.None,
AccessControlType.Allow);
ds.AddAccessRule(pacl);
var system = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null);
var sacl = new FileSystemAccessRule(system,
FileSystemRights.FullControl,
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
PropagationFlags.None,
AccessControlType.Allow);
ds.AddAccessRule(sacl);
dir.SetAccessControl(ds);
}示例3: CreateDirectory
internal static void CreateDirectory(string path, IsolatedStorageScope scope)
{
if (Directory.Exists(path))
return;
DirectoryInfo info = Directory.CreateDirectory(path);
if (IsMachine(scope) && RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
// Need to emulate COMIsolatedStorage::CreateDirectoryWithDacl(), which gives the following rights:
//
// World / Everyone (S-1-1-0 / SECURITY_WORLD_RID) -> (FILE_GENERIC_WRITE | FILE_GENERIC_READ) & (~WRITE_DAC)
// Creator Owner (S-1-3-0 / SECURITY_CREATOR_OWNER_RID) -> FILE_ALL_ACCESS
// Local Admins (S-1-5-32 / SECURITY_BUILTIN_DOMAIN_RID & DOMAIN_ALIAS_RID_ADMINS) -> FILE_ALL_ACCESS
//
// When looking at rights through the GUI it looks like this:
//
// "Everyone" -> Read, Write
// "Administrators" -> Full control
// "CREATOR OWNER" -> Full control
//
// With rights applying to "This folder, subfolders, and files". No inheritance from the parent folder.
//
// Note that trying to reset the rules for CREATOR OWNER leaves the current directory with the actual creator's SID.
// (But applies CREATOR OWNER as expected for items and subdirectories.) Setting up front when creating the directory
// doesn't exhibit this behavior, but as we can't currently do that we'll take the rough equivalent for now.
DirectorySecurity security = new DirectorySecurity();
// Don't inherit the existing rules
security.SetAccessRuleProtection(isProtected: true, preserveInheritance: false);
security.AddAccessRule(new FileSystemAccessRule(
identity: new SecurityIdentifier(WellKnownSidType.WorldSid, null),
fileSystemRights: FileSystemRights.Read | FileSystemRights.Write,
inheritanceFlags: InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow));
security.AddAccessRule(new FileSystemAccessRule(
identity: new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null),
fileSystemRights: FileSystemRights.FullControl,
inheritanceFlags: InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow));
security.AddAccessRule(new FileSystemAccessRule(
identity: new SecurityIdentifier(WellKnownSidType.CreatorOwnerSid, null),
fileSystemRights: FileSystemRights.FullControl,
inheritanceFlags: InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow));
info.SetAccessControl(security);
}
}示例4: GrantAccess
private void GrantAccess()
{
try
{
var dSecurity = new DirectorySecurity();
dSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.Modify | FileSystemRights.Synchronize,
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
PropagationFlags.None, AccessControlType.Allow));
dSecurity.SetAccessRuleProtection(false, true);
Directory.CreateDirectory(_settingsPath, dSecurity);
}
catch (Exception e)
{
throw new Exception("Unable to GrantAccess()" + e);
}
}示例5: WriteParametersFile
private void WriteParametersFile(IEnumerable<string> keys)
{
if (!Directory.Exists(Destination()))
{
Directory.CreateDirectory(Destination());
}
var directorySecurity = new DirectorySecurity();
directorySecurity.SetAccessRuleProtection(true, false);
directorySecurity.SetAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), FileSystemRights.FullControl, AccessControlType.Allow));
Directory.SetAccessControl(Destination(), directorySecurity);
var parameters = new Dictionary<string, string>();
foreach (string key in keys)
{
var value = Context.Parameters[key];
parameters.Add(key, value);
}
var javaScriptSerializer = new System.Web.Script.Serialization.JavaScriptSerializer();
string jsonString = javaScriptSerializer.Serialize(parameters);
var configFile = DestinationFilename("parameters.json");
File.WriteAllText(configFile, jsonString);
}示例6: ReplaceDirectorySecurity
public static Boolean ReplaceDirectorySecurity(string dir, string[] Account, FileSystemRights Rights, AccessControlType ControlType, InheritanceFlags Inherit, PropagationFlags Propagation)
{
DirectoryInfo dInfo = new DirectoryInfo(dir);
DirectorySecurity dSecurity = new DirectorySecurity();
try
{
dSecurity.SetAccessRuleProtection(true, false);
foreach (string account in Account)
{
dSecurity.ResetAccessRule(new FileSystemAccessRule(account, Rights, Inherit, Propagation, ControlType));
}
dInfo.SetAccessControl(dSecurity);
}
catch (Exception ex)
{
LibraryLogging.Error("unable to ReplaceDirectorySecurity for {0} error {1}", dir, ex.Message);
return false;
}
return true;
}示例7: GetDirectorySecurity
private static DirectorySecurity GetDirectorySecurity()
{
DirectorySecurity directorySecurity = new DirectorySecurity();
directorySecurity.SetAccessRuleProtection(true, false);
using (WindowsIdentity current = WindowsIdentity.GetCurrent())
{
directorySecurity.SetOwner((IdentityReference) current.User);
for (int index = 0; index < TemporaryDataStorage.DirectoryAccessRules.Length; ++index)
directorySecurity.AddAccessRule(TemporaryDataStorage.DirectoryAccessRules[index]);
if (!current.User.IsWellKnown(WellKnownSidType.LocalSystemSid) && !current.User.IsWellKnown(WellKnownSidType.NetworkServiceSid) && !current.User.IsWellKnown(WellKnownSidType.LocalServiceSid))
directorySecurity.AddAccessRule(new FileSystemAccessRule((IdentityReference) current.User, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
return directorySecurity;
}
}示例8: BlockInheritance
/// <summary>
/// Blocks inheritance on this directory.
/// </summary>
/// <param name="path">The path to the directory to block inheritance on.</param>
/// <param name="security">The DirectorySecurity object of the directory that will be changed.</param>
/// <param name="addInheritedPermissions">If true, copies the directory's inherited permissions as explicit permissions on the directory.</param>
/// <param name="commitChanges">Indicates whether changes should be commited to this entry. Useful when combining multiple commands.</param>
/// <returns>True if inheritance was blocked on the directory, false if the directory does not exist, or inheritance could not be
/// blocked.</returns>
public static bool BlockInheritance(string path, ref DirectorySecurity security, bool addInheritedPermissions, bool commitChanges)
{
// Check whether a path and security object were supplied.
if (!string.IsNullOrEmpty(path) && security != null)
{
// A path and security object were supplied.
// Check whether the directory exists.
if (SystemDirectory.Exists(path))
{
// The directory exists.
// Remove inheritance from the directory and copy inherited permissions if necessary.
try
{
security.SetAccessRuleProtection(true, addInheritedPermissions);
}
catch (InvalidOperationException)
{
// This method attempted to remove inherited rules from a non-canonical Discretionary Access Control List (DACL).
return false;
}
// Commit the changes if necessary.
if (commitChanges)
{
try
{
SystemDirectory.SetAccessControl(path, security);
}
catch (UnauthorizedAccessException)
{
// The current process does not have access to the directory specified by path.
// Or the current process does not have sufficient privilege to set the ACL entry.
return false;
}
catch (PlatformNotSupportedException)
{
// The current operating system is not Windows 2000 or later.
return false;
}
}
return true;
}
else
{
// The directory does not exist.
return false;
}
}
else
{
// A path or security object were not supplied.
return false;
}
}示例9: SetWritePermissions
private static void SetWritePermissions(string parentPath, string relativePath)
{
// Everyone, FullControl
string path = Path.Combine(parentPath, relativePath);
if (!Directory.Exists(path))
Directory.CreateDirectory(path);
SecurityIdentifier everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
DirectorySecurity security = new DirectorySecurity();
security.SetAccessRuleProtection(true, false);
security.AddAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
Directory.SetAccessControl(path, security);
}示例10: SetDownloadDirectoryAccessRights
/// <summary>It is neccessary to modify the download directory access rights, because as default only creator/owner has the right to change the newly created directory.
/// But of course we want to allow all authenticated users to download auto updates. Thus we modify the access to the download directory, so that authenticated users have the right to modify files/folders. </summary>
/// <param name="downloadDirectory">The download directory.</param>
private void SetDownloadDirectoryAccessRights(string downloadDirectory)
{
try
{
var authenticatedUser = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
var inheritance = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
var propagation = PropagationFlags.None;
var security = new DirectorySecurity();
security.AddAccessRule(new FileSystemAccessRule(authenticatedUser, FileSystemRights.Modify, inheritance, propagation, AccessControlType.Allow));
security.SetAccessRuleProtection(false, true);
Directory.SetAccessControl(downloadDirectory, security);
}
catch (Exception)
{
}
}