File.SetAccessControl(String, FileSecurity) File.SetAccessControl(String, FileSecurity) File.SetAccessControl(String, FileSecurity) Method

Definición

Aplica al archivo especificado las entradas de la lista de control de acceso (ACL) descritas por un objeto FileSecurity.Applies access control list (ACL) entries described by a FileSecurity object to the specified file.

public:
 static void SetAccessControl(System::String ^ path, System::Security::AccessControl::FileSecurity ^ fileSecurity);
public static void SetAccessControl (string path, System.Security.AccessControl.FileSecurity fileSecurity);
static member SetAccessControl : string * System.Security.AccessControl.FileSecurity -> unit

Parámetros

path
String String String

Archivo al que se van a agregar o del que se van a quitar entradas de la lista de control de acceso (ACL).A file to add or remove access control list (ACL) entries from.

fileSecurity
FileSecurity FileSecurity FileSecurity

Objeto FileSecurity que describe una entrada de ACL que se aplica al archivo descrito por el parámetro path.A FileSecurity object that describes an ACL entry to apply to the file described by the path parameter.

Excepciones

Se produjo un error de E/S al abrir el archivo.An I/O error occurred while opening the file.

El parámetro path es null.The path parameter is null.

No se encuentra el archivo.The file could not be found.

El parámetro path especificó un archivo que es de solo lectura.The path parameter specified a file that is read-only.

o bien-or- Esta operación no es compatible con la plataforma actual.This operation is not supported on the current platform.

o bien-or- El parámetro path especificó un directorio.The path parameter specified a directory.

O bien-or- El llamador no dispone del permiso requerido.The caller does not have the required permission.

El parámetro fileSecurity es null.The fileSecurity parameter is null.

Ejemplos

En el ejemplo de código siguiente GetAccessControl se SetAccessControl usan los métodos y para agregar y quitar una entrada de la lista de control de acceso (ACL) de un archivo.The following code example uses the GetAccessControl and SetAccessControl methods to add and then remove an access control list (ACL) entry from a file. Para ejecutar este ejemplo, debe proporcionar una cuenta de usuario o grupo válida.You must supply a valid user or group account to run this example.

using namespace System;
using namespace System::IO;
using namespace System::Security::AccessControl;

// Adds an ACL entry on the specified file for the specified account.

void AddFileSecurity(String^ fileName, String^ account, 
                        FileSystemRights rights, AccessControlType controlType)
{
    // Get a FileSecurity object that represents the 
    // current security settings.
    FileSecurity^ fSecurity = File::GetAccessControl(fileName);

    // Add the FileSystemAccessRule to the security settings. 
    fSecurity->AddAccessRule(gcnew FileSystemAccessRule
                                   (account,rights, controlType));

    // Set the new access settings.
    File::SetAccessControl(fileName, fSecurity);
}

// Removes an ACL entry on the specified file for the specified account.

void RemoveFileSecurity(String^ fileName, String^ account, 
                        FileSystemRights rights, AccessControlType controlType)
{

    // Get a FileSecurity object that represents the 
    // current security settings.
    FileSecurity^ fSecurity = File::GetAccessControl(fileName);

    // Remove the FileSystemAccessRule from the security settings. 
    fSecurity->RemoveAccessRule(gcnew FileSystemAccessRule
                                      (account,rights, controlType));

    // Set the new access settings.
    File::SetAccessControl(fileName, fSecurity);
}

int main()
{
    try
    {
        String^ fileName = "test.xml";

        Console::WriteLine("Adding access control entry for " + fileName);

        // Add the access control entry to the file.
        AddFileSecurity(fileName, "MYDOMAIN\\MyAccount", 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Removing access control entry from " + fileName);

        // Remove the access control entry from the file.
        RemoveFileSecurity(fileName, "MYDOMAIN\\MyAccount", 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Done.");
    }
    catch (Exception^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try
            {
                string fileName = "test.xml";

                Console.WriteLine("Adding access control entry for "
                    + fileName);

                // Add the access control entry to the file.
                AddFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from "
                    + fileName);

                // Remove the access control entry from the file.
                RemoveFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {


            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Add the FileSystemAccessRule to the security settings.
            fSecurity.AddAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {

            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Remove the FileSystemAccessRule from the security settings.
            fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }
    }
}
Imports System.IO
Imports System.Security.AccessControl



Module FileExample

    Sub Main()
        Try
            Dim fileName As String = "test.xml"

            Console.WriteLine("Adding access control entry for " & fileName)

            ' Add the access control entry to the file.
            AddFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " & fileName)

            ' Remove the access control entry from the file.
            RemoveFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

    End Sub


    ' Adds an ACL entry on the specified file for the specified account.
    Sub AddFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
  
        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Add the FileSystemAccessRule to the security settings. 
        Dim accessRule As FileSystemAccessRule = _
            New FileSystemAccessRule(account, rights, controlType)

        fSecurity.AddAccessRule(accessRule)

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub


    ' Removes an ACL entry on the specified file for the specified account.
    Sub RemoveFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)

        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Remove the FileSystemAccessRule from the security settings. 
        fSecurity.RemoveAccessRule(New FileSystemAccessRule(account, _
            rights, controlType))

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub
End Module

Comentarios

El SetAccessControl método aplica las entradas de la lista de control de acceso (ACL) a un archivo que representa la lista ACL no heredada.The SetAccessControl method applies access control list (ACL) entries to a file that represents the noninherited ACL list.

Precaución

La ACL especificada para el fileSecurity parámetro reemplaza la ACL existente para el archivo.The ACL specified for the fileSecurity parameter replaces the existing ACL for the file. Para agregar permisos para un nuevo usuario, use el GetAccessControl método para obtener la ACL existente, modifíquela y, a continuación, SetAccessControl use para volver a aplicarla al archivo.To add permissions for a new user, use the GetAccessControl method to obtain the existing ACL, modify it, and then use SetAccessControl to apply it back to the file.

Una ACL describe los usuarios o grupos que tienen o no tienen derechos sobre acciones específicas en el archivo especificado.An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file. Para más información, consulte How to: Add or Remove Access Control List Entries (Cómo: Agregar o quitar entradas de la lista de control de acceso).For more information, see How to: Add or Remove Access Control List Entries.

El SetAccessControl método conserva solo FileSecurity los objetos que se han modificado después de la creación del objeto.The SetAccessControl method persists only FileSecurity objects that have been modified after object creation. Si un FileSecurity objeto no se ha modificado, no se conservará en un archivo.If a FileSecurity object has not been modified, it will not be persisted to a file. Por lo tanto, no es posible recuperar un FileSecurity objeto de un archivo y volver a aplicar el mismo objeto a otro archivo.Therefore, it is not possible to retrieve a FileSecurity object from one file and reapply the same object to another file.

Para copiar la información de la ACL de un archivo a otro:To copy ACL information from one file to another:

  1. Use el GetAccessControl método para recuperar el FileSecurity objeto del archivo de código fuente.Use the GetAccessControl method to retrieve the FileSecurity object from the source file.

  2. Cree un nuevo FileSecurity objeto para el archivo de destino.Create a new FileSecurity object for the destination file.

  3. Use el GetSecurityDescriptorBinaryForm método GetSecurityDescriptorSddlForm o del objeto de FileSecurity origen para recuperar la información de la ACL.Use the GetSecurityDescriptorBinaryForm or GetSecurityDescriptorSddlForm method of the source FileSecurity object to retrieve the ACL information.

  4. Use el SetSecurityDescriptorBinaryForm método SetSecurityDescriptorSddlForm o para copiar la información recuperada en el paso 3 en FileSecurity el objeto de destino.Use the SetSecurityDescriptorBinaryForm or SetSecurityDescriptorSddlForm method to copy the information retrieved in step 3 to the destination FileSecurity object.

  5. Establezca el objeto FileSecurity de destino en el archivo de destino SetAccessControl mediante el método.Set the destination FileSecurity object to the destination file using the SetAccessControl method.

En entornos NTFS, ReadAttributes y ReadExtendedAttributes se conceden al usuario si el usuario tiene ListDirectory derechos en la carpeta principal.In NTFS environments, ReadAttributes and ReadExtendedAttributes are granted to the user if the user has ListDirectory rights on the parent folder. Para ReadAttributes denegar ReadExtendedAttributesy, ListDirectory denegar en el directorio principal.To deny ReadAttributes and ReadExtendedAttributes, deny ListDirectory on the parent directory.

Seguridad

FileIOPermission
permiso para obtener acceso al archivo.for permission to access the file. Acción de seguridad: Bajo.Security action: Demand. Enumeraciones asociadas: NoAccess,ChangeAssociated enumerations: NoAccess, Change

Se aplica a

Consulte también: