Procedimiento Agregar o quitar entradas de la lista de control de acceso (solo .NET Framework)How to: Add or remove Access Control List entries (.NET Framework only)

Para agregar o quitar entradas de la lista de control de acceso (ACL) en un archivo o directorio o quitarlas de él, obtenga el objeto FileSecurity o DirectorySecurity a partir del archivo o directorio.To add or remove Access Control List (ACL) entries to or from a file or directory, get the FileSecurity or DirectorySecurity object from the file or directory. Modifique el objeto y, a continuación, vuelva a aplicarlo al archivo o directorio.Modify the object, and then apply it back to the file or directory.

Agregar una entrada de la ACL a un archivo o quitarla de élAdd or remove an ACL entry from a file

  1. Llame al método File.GetAccessControl para obtener un objeto FileSecurity que contenga las entradas de la ACL actuales de un archivo.Call the File.GetAccessControl method to get a FileSecurity object that contains the current ACL entries of a file.

  2. Agregue las entradas de la ACL al objeto FileSecurity devuelto desde el paso 1 o quite dichas entradas de dicho objeto.Add or remove ACL entries from the FileSecurity object returned from step 1.

  3. Para aplicar los cambios, pase el objeto FileSecurity al método File.SetAccessControl.To apply the changes, pass the FileSecurity object to the File.SetAccessControl method.

Agregar una entrada de la ACL a un directorio o quitarla de élAdd or remove an ACL entry from a directory

  1. Llame al método Directory.GetAccessControl para obtener un objeto DirectorySecurity que contenga las entradas de la ACL actuales de un directorio.Call the Directory.GetAccessControl method to get a DirectorySecurity object that contains the current ACL entries of a directory.

  2. Agregue las entradas de la ACL al objeto DirectorySecurity devuelto desde el paso 1 o quite dichas entradas de dicho objeto.Add or remove ACL entries from the DirectorySecurity object returned from step 1.

  3. Para aplicar los cambios, pase el objeto DirectorySecurity al método Directory.SetAccessControl.To apply the changes, pass the DirectorySecurity object to the Directory.SetAccessControl method.

EjemploExample

Para ejecutar este ejemplo, debe usar una cuenta de usuario o grupo válida.You must use a valid user or group account to run this example. En el ejemplo se usa un objeto File.The example uses a File object. Use el mismo procedimiento para las clases FileInfo, Directory y DirectoryInfo.Use the same procedure for the FileInfo, Directory, and DirectoryInfo classes.

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try
            {
                string fileName = "test.xml";

                Console.WriteLine("Adding access control entry for "
                    + fileName);

                // Add the access control entry to the file.
                AddFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from "
                    + fileName);

                // Remove the access control entry from the file.
                RemoveFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {


            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Add the FileSystemAccessRule to the security settings.
            fSecurity.AddAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {

            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Remove the FileSystemAccessRule from the security settings.
            fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }
    }
}
Imports System.IO
Imports System.Security.AccessControl



Module FileExample

    Sub Main()
        Try
            Dim fileName As String = "test.xml"

            Console.WriteLine("Adding access control entry for " & fileName)

            ' Add the access control entry to the file.
            AddFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " & fileName)

            ' Remove the access control entry from the file.
            RemoveFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

    End Sub


    ' Adds an ACL entry on the specified file for the specified account.
    Sub AddFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
  
        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Add the FileSystemAccessRule to the security settings. 
        Dim accessRule As FileSystemAccessRule = _
            New FileSystemAccessRule(account, rights, controlType)

        fSecurity.AddAccessRule(accessRule)

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub


    ' Removes an ACL entry on the specified file for the specified account.
    Sub RemoveFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)

        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Remove the FileSystemAccessRule from the security settings. 
        fSecurity.RemoveAccessRule(New FileSystemAccessRule(account, _
            rights, controlType))

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub
End Module