public class PermissionManager { /// <summary> /// 为文件添加users,everyone用户组的完全控制权限 /// </summary> /// <param name="filePath"></param> public static voID AddSecurityControll2file(string filePath) { //获取文件信息 fileInfo fileInfo = new fileInfo(filePath); //获得该文件的访问权限 System.Security.AccessControl.fileSecurity fileSecurity = fileInfo.GetAccessControl(); //添加ereryone用户组的访问权限规则 完全控制权限 fileSecurity.AddAccessRule(new fileSystemAccessRule("Everyone",fileSystemRights.FullControl,AccessControlType.Allow)); //添加Users用户组的访问权限规则 完全控制权限 fileSecurity.AddAccessRule(new fileSystemAccessRule("Users",AccessControlType.Allow)); //设置访问权限 fileInfo.SetAccessControl(fileSecurity); } /// <summary> ///为文件夹添加users,everyone用户组的完全控制权限 /// </summary> /// <param name="dirPath"></param> public static voID AddSecurityControll2Folder(string dirPath) { //获取文件夹信息 DirectoryInfo dir = new DirectoryInfo(dirPath); //获得该文件夹的所有访问权限 System.Security.AccessControl.DirectorySecurity dirsecurity = dir.GetAccessControl(AccessControlSections.All); //设定文件ACL继承 inheritanceFlags inherits = inheritanceFlags.Containerinherit | inheritanceFlags.Objectinherit; //添加ereryone用户组的访问权限规则 完全控制权限 fileSystemAccessRule everyonefileSystemAccessRule = new fileSystemAccessRule("Everyone",inherits,PropagationFlags.None,AccessControlType.Allow); //添加Users用户组的访问权限规则 完全控制权限 fileSystemAccessRule usersfileSystemAccessRule = new fileSystemAccessRule("Users",AccessControlType.Allow); bool isModifIEd = false; dirsecurity.ModifyAccessRule(AccessControlModification.Add,everyonefileSystemAccessRule,out isModifIEd); dirsecurity.ModifyAccessRule(AccessControlModification.Add,usersfileSystemAccessRule,out isModifIEd); //设置访问权限 dir.SetAccessControl(dirsecurity); } /// <summary> /// 为文件夹移除某个用户的权限 /// </summary> /// <param name="dirname"></param> /// <param name="username"></param> static voID removePermissions(string dirname,string username) { string user = System.Environment.UserDomainname + "\" + username; DirectoryInfo dirinfo = new DirectoryInfo(dirname); DirectorySecurity dsec = dirinfo.GetAccessControl(AccessControlSections.All); AuthorizationRuleCollection rules = dsec.GetAccessRules(true,true,typeof(System.Security.Principal.NTAccount)); foreach (AccessRule rule in rules) { if (rule.IDentityReference.Value == user) { bool value; dsec.PurgeAccessRules(rule.IDentityReference); dsec.ModifyAccessRule(AccessControlModification.RemoveAll,rule,out value); } } } /// <summary> /// 项目中用,文件夹只保留everyone权限,其中允许用户读,但不允许写 /// by the way,代码结果是给文件夹一个特殊权限,点进去高级看,会发现这个特殊权限的子项和写入权限的子项是一样的 /// </summary> /// <param name="dirname"></param> public static voID OnlyKeepEveryonePermissionsWithWriteNotAllowed(string dirname) { DirectoryInfo dirinfo = new DirectoryInfo(dirname); DirectorySecurity obJsecObj = dirinfo.GetAccessControl(); AuthorizationRuleCollection acl = obJsecObj.GetAccessRules(true,true,typeof(System.Security.Principal.NTAccount)); obJsecObj.SetAccessRuleProtection(true,false); //to remove inherited permissions foreach (fileSystemAccessRule ace in acl) //to remove any other permission { obJsecObj.PurgeAccessRules(ace.IDentityReference); //same as use obJsecObj.RemoveAccessRuleSpecific(ace); } inheritanceFlags inherits = inheritanceFlags.Containerinherit | inheritanceFlags.Objectinherit; fileSystemAccessRule everyonefileSystemAccessRule = new fileSystemAccessRule("Everyone",fileSystemRights.ReadAndExecute | fileSystemRights.ListDirectory | fileSystemRights.Read,AccessControlType.Allow); fileSystemAccessRule everyonefileSystemAccessRule2 = new fileSystemAccessRule("Everyone",fileSystemRights.Write,AccessControlType.Deny); bool isModifIEd = false; obJsecObj.ModifyAccessRule(AccessControlModification.Add,everyonefileSystemAccessRule2,out isModifIEd); obJsecObj.ModifyAccessRule(AccessControlModification.Add,out isModifIEd); dirinfo.SetAccessControl(obJsecObj); } }
写入:
代码生成的特殊权限
其实权限是一样的
总结以上是内存溢出为你收集整理的c# 给文件/文件夹 管理用户权限全部内容,希望文章能够帮你解决c# 给文件/文件夹 管理用户权限所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)