目录权限设置问题。见如下代码
DirectoryInfo di = Directory.CreateDirectory(path);
DirectorySecurity ds = di.GetAccessControl();
ds.AddAccessRule(new FileSystemAccessRule("CREATOR OWNER", FileSystemRights.Modify, AccessControlType.Allow));
ds.AddAccessRule(new FileSystemAccessRule("NETWORK SERVICE", FileSystemRights.Modify, AccessControlType.Allow));
ds.AddAccessRule(new FileSystemAccessRule("SYSTEM", FileSystemRights.Modify, AccessControlType.Allow));
di.SetAccessControl(ds);
问题是,人员加进去了。权限全部是“特殊的权限”没有修改的权限。高手指点一二。
DirectoryInfo di = Directory.CreateDirectory(path);
DirectorySecurity ds = di.GetAccessControl();
ds.AddAccessRule(new FileSystemAccessRule("CREATOR OWNER", FileSystemRights.Modify, AccessControlType.Allow));
ds.AddAccessRule(new FileSystemAccessRule("NETWORK SERVICE", FileSystemRights.Modify, AccessControlType.Allow));
ds.AddAccessRule(new FileSystemAccessRule("SYSTEM", FileSystemRights.Modify, AccessControlType.Allow));
di.SetAccessControl(ds);
问题是,人员加进去了。权限全部是“特殊的权限”没有修改的权限。高手指点一二。
我想给目录加上三个权限 CREATOR OWNER、 NETWORK SERVICE 、 SYSTEM 允许修改
下面是msdn的内容
using System;
using System.IO;
using System.Security.AccessControl;namespace FileSystemExample
{
class FileExample
{
public static void Main()
{
try
{
string fileName = "test.xml"; Console.WriteLine("Adding access control entry for "
+ fileName); // Add the access control entry to the file.
AddFileSecurity(fileName, @"DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow); Console.WriteLine("Removing access control entry from "
+ fileName); // Remove the access control entry from the file.
RemoveFileSecurity(fileName, @"DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow); Console.WriteLine("Done.");
}
catch (Exception e)
{
Console.WriteLine(e);
}
} // Adds an ACL entry on the specified file for the specified account.
public static void AddFileSecurity(string fileName, string account,
FileSystemRights rights, AccessControlType controlType)
{
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = File.GetAccessControl(fileName); // Add the FileSystemAccessRule to the security settings.
fSecurity.AddAccessRule(new FileSystemAccessRule(account,
rights, controlType)); // Set the new access settings.
File.SetAccessControl(fileName, fSecurity); } // Removes an ACL entry on the specified file for the specified account.
public static void RemoveFileSecurity(string fileName, string account,
FileSystemRights rights, AccessControlType controlType)
{ // Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = File.GetAccessControl(fileName); // Add the FileSystemAccessRule to the security settings.
fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
rights, controlType)); // Set the new access settings.
File.SetAccessControl(fileName, fSecurity); }
}
}
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;using System.Collections;
using System.IO;
using System.Security.AccessControl;
namespace ForTest
{
public partial class Tester : Form
{
public Tester()
{
InitializeComponent();
} private void button1_Click(object sender, EventArgs e)
{
try
{
string filename = @"C:\11111\www_google_com"; //目标目录
string[] account = { @"IUSR_google", @"IUSR_sohu" };//用户名
string userrights = @"RWF";//权限字符串,自己定义的
AddDirectorySecurity(filename, account, userrights);
Console.ReadLine();
}
catch (Exception ex)
{
Console.WriteLine(ex);
Console.ReadLine();
} }
public void AddDirectorySecurity(string FileName, string[] Account, string UserRights)
{
FileSystemRights Rights = new FileSystemRights(); if (UserRights.IndexOf("R") >= 0)
{
Rights = Rights | FileSystemRights.Read;
}
if (UserRights.IndexOf("C") >= 0)
{
Rights = Rights | FileSystemRights.ChangePermissions;
}
if (UserRights.IndexOf("F") >= 0)
{
Rights = Rights | FileSystemRights.FullControl;
}
if (UserRights.IndexOf("W") >= 0)
{
Rights = Rights | FileSystemRights.Write;
} bool ok;
DirectoryInfo dInfo = new DirectoryInfo(FileName);
DirectorySecurity dSecurity = dInfo.GetAccessControl();
InheritanceFlags iFlags = new InheritanceFlags();
iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
FileSystemAccessRule AccessRule2 = null;
for (int ii = 0; ii < Account.Length; ii++)
{
AccessRule2 = new FileSystemAccessRule(Account[ii], Rights, iFlags, PropagationFlags.None, AccessControlType.Allow);
dSecurity.ModifyAccessRule(AccessControlModification.Add, AccessRule2, out ok);
} dInfo.SetAccessControl(dSecurity); //列出目标目录所具有的权限
DirectorySecurity sec = Directory.GetAccessControl(FileName, AccessControlSections.All);
foreach (FileSystemAccessRule rule in sec.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)))
{
Console.WriteLine("----------------------------------");
Console.WriteLine(rule.IdentityReference.Value);
if ((rule.FileSystemRights & FileSystemRights.Read) != 0)
Console.WriteLine(rule.FileSystemRights.ToString()); }
Console.Read();
} }
}