RegistryRights RegistryRights RegistryRights RegistryRights Enum

Définition

Spécifie les droits de contrôle d'accès qui peuvent s'appliquer aux objets de Registre.Specifies the access control rights that can be applied to registry objects.

Cette énumération a un attribut FlagsAttribute qui permet une combinaison au niveau du bit de ses valeurs membres.

public enum class RegistryRights
[System.Flags]
public enum RegistryRights
type RegistryRights = 
Public Enum RegistryRights
Héritage
RegistryRightsRegistryRightsRegistryRightsRegistryRights
Attributs

Champs

ChangePermissions ChangePermissions ChangePermissions ChangePermissions 262144

Droit de modifier les règles d'accès et d'audit associées à une clé de Registre.The right to change the access rules and audit rules associated with a registry key.

32

Réservé au système.Reserved for system use.

CreateSubKey CreateSubKey CreateSubKey CreateSubKey 4

Droit de créer des sous-clés d'une clé de Registre.The right to create subkeys of a registry key.

Delete Delete Delete Delete 65536

Droit de supprimer une clé de Registre.The right to delete a registry key.

EnumerateSubKeys EnumerateSubKeys EnumerateSubKeys EnumerateSubKeys 8

Droit de répertorier les sous-clés d'une clé de Registre.The right to list the subkeys of a registry key.

ExecuteKey ExecuteKey ExecuteKey ExecuteKey 131097

Comme pour ReadKey.Same as ReadKey.

FullControl FullControl FullControl FullControl 983103

Droit d'exercer un contrôle total sur une clé de Registre et d'en modifier les règles d'accès et d'audit.The right to exert full control over a registry key, and to modify its access rules and audit rules.

Notify Notify Notify Notify 16

Droit de demander la notification des modifications apportées à une clé de Registre.The right to request notification of changes on a registry key.

QueryValues QueryValues QueryValues QueryValues 1

Droit d'interroger les paires nom/valeur d'une clé de Registre.The right to query the name/value pairs in a registry key.

ReadKey ReadKey ReadKey ReadKey 131097

Droit d'interroger les paires nom/valeur d'une clé de Registre, de demander la notification des modifications, d'énumérer les sous-clés et de lire les règles d'accès et d'audit.The right to query the name/value pairs in a registry key, to request notification of changes, to enumerate its subkeys, and to read its access rules and audit rules.

ReadPermissions ReadPermissions ReadPermissions ReadPermissions 131072

Droit d'ouvrir et de copier les règles d'accès et d'audit d'une clé de Registre.The right to open and copy the access rules and audit rules for a registry key.

SetValue SetValue SetValue SetValue 2

Droit de créer, supprimer ou définir des paires nom/valeur d'une clé de Registre.The right to create, delete, or set name/value pairs in a registry key.

TakeOwnership TakeOwnership TakeOwnership TakeOwnership 524288

Droit de modifier le propriétaire d'une clé de Registre.The right to change the owner of a registry key.

WriteKey WriteKey WriteKey WriteKey 131078

Droit de créer, supprimer et définir les paires nom/valeur d'une clé de Registre, de créer ou de supprimer des sous-clés, de demander notification des modifications, d'énumérer les sous-clés et de lire les règles d'accès et d'audit.The right to create, delete, and set the name/value pairs in a registry key, to create or delete subkeys, to request notification of changes, to enumerate its subkeys, and to read its access rules and audit rules.

Exemples

L’exemple de code suivant illustre l’utilisation de la RegistryRights énumération.The following code example demonstrates the use of the RegistryRights enumeration. Le code crée une clé de test, permettant à l’utilisateur actuel ReadKey et accès en suppression rights : droits, mais l’interdiction de ChangePermissions et WriteKey.The code creates a test key, allowing the current user ReadKey and Delete access rights but denying ChangePermissions and WriteKey rights. Lors, toute tentative de manipulation de la clé réussissent ou échouent en fonction de ces autorisations.Subsequent attempts to manipulate the key succeed or fail depending on these permissions.

Avant la suppression de la clé, le code s’interrompt.Before the key is deleted, the code pauses. Vous pouvez basculer vers l’Éditeur du Registre (Regedit.exe ou Regedt32.exe) et vérifier que les droits d’accès s’appliquent lorsque la clé est accédée à l’aide de l’Éditeur du Registre.You can switch to the Registry Editor (Regedit.exe or Regedt32.exe) and verify that the same access rights apply when the key is accessed using the Registry Editor.

Cet exemple fonctionne mieux si vous utilisez RunAs à partir de la ligne de commande pour exécuter l’Éditeur du Registre et l’exemple de code en tant qu’utilisateur local sans droits d’administrateur.This example works best if you use RunAs from the command line to run the Registry Editor and the sample code as a local user without administrator rights. Par exemple, si vous avez défini un utilisateur local nommé TestUser, la commande runas /user:TestUser cmd ouvre une fenêtre de commande à partir de laquelle vous pouvez exécuter l’Éditeur du Registre, puis l’exemple de code.For example, if you have defined a local user named TestUser, the command runas /user:TestUser cmd opens a command window from which you can run the Registry Editor and then the example code.

using namespace System;
using namespace System::Reflection;
using namespace Microsoft::Win32;
using namespace System::Security::AccessControl;
using namespace System::Security;

int main()
{
    // Delete the example key if it exists.
    try
    {
        Registry::CurrentUser->DeleteSubKey("RegistryRightsExample");
        Console::WriteLine("Example key has been deleted.");
    }
    catch (ArgumentException^)
    {
        // ArgumentException is thrown if the key does not exist. In
        // this case, there is no reason to display a message.
    }
    catch (InvalidOperationException^ ex)
    {
        Console::WriteLine(
            "{0}Unable to delete key: it appears to have child subkeys:{0}{1}", 
            Environment::NewLine, ex);
        return 0;
    }
    catch (SecurityException^ ex)
    {
        Console::WriteLine("{0}You do not have the permissions required " +
            "to delete this key:{0}{1}", Environment::NewLine, ex);
        return 0;
    }

    String^ user = Environment::UserDomainName + "\\" + Environment::UserName;

    RegistrySecurity^ regSecurity = gcnew RegistrySecurity();

    // Allow the current user to read and delete the key.
    //
    regSecurity->AddAccessRule(gcnew RegistryAccessRule(user,
        RegistryRights::ReadKey | RegistryRights::Delete,
        InheritanceFlags::None,
        PropagationFlags::None,
        AccessControlType::Allow));

    // Prevent the current user from writing or changing the
    // permission set of the key. Note that if Delete permission
    // were not allowed in the previous access rule, denying
    // WriteKey permission would prevent the user from deleting the
    // key.
    regSecurity->AddAccessRule(gcnew RegistryAccessRule(user,
        RegistryRights::WriteKey | RegistryRights::ChangePermissions,
        InheritanceFlags::None,
        PropagationFlags::None,
        AccessControlType::Deny));

    // Create the example key with registry security.
    RegistryKey^ createdKey = nullptr;
    try
    {
        createdKey = Registry::CurrentUser->CreateSubKey(
            "RegistryRightsExample", RegistryKeyPermissionCheck::Default,
            regSecurity);
        Console::WriteLine("{0}Example key created.", Environment::NewLine);
        createdKey->SetValue("ValueName", "StringValue");
    }
    catch (SecurityException^ ex)
    {
        Console::WriteLine("{0}You do not have the permissions required " +
            "to create the example key:{0}{1}", Environment::NewLine, ex);
        return 0;
    }
    if (createdKey != nullptr)
    {
        createdKey->Close();
    }

    RegistryKey^ openedKey;

    // Open the key with read access.
    openedKey = Registry::CurrentUser->OpenSubKey("RegistryRightsExample",
        false);
    Console::WriteLine("{0}Retrieved value: {1}",
        Environment::NewLine, openedKey->GetValue("ValueName"));
    openedKey->Close();

    // Attempt to open the key with write access.
    try
    {
        openedKey = Registry::CurrentUser->OpenSubKey("RegistryRightsExample",
            true);
    }
    catch (SecurityException^ ex)
    {
        Console::WriteLine("{0}You do not have the permissions required " +
            "to write to the example key:{0}{1}", Environment::NewLine, ex);
    }
    if (openedKey != nullptr)
    {
        openedKey->Close();
    }

    // Attempt to change permissions for the key.
    try
    {
        regSecurity = gcnew RegistrySecurity();
        regSecurity->AddAccessRule(gcnew RegistryAccessRule(user,
            RegistryRights::WriteKey,
            InheritanceFlags::None,
            PropagationFlags::None,
            AccessControlType::Allow));
        openedKey = Registry::CurrentUser->OpenSubKey("RegistryRightsExample",
            false);
        openedKey->SetAccessControl(regSecurity);
        Console::WriteLine("{0}Example key permissions were changed.", 
            Environment::NewLine);
    }
    catch (UnauthorizedAccessException^ ex)
    {
        Console::WriteLine("{0}You are not authorized to change " +
            "permissions for the example key:{0}{1}", Environment::NewLine, ex);
    }
    if (openedKey != nullptr)
    {
        openedKey->Close();
    }

    Console::WriteLine("{0}Press Enter to delete the example key.", 
        Environment::NewLine);
    Console::ReadLine();

    try
    {
        Registry::CurrentUser->DeleteSubKey("RegistryRightsExample");
        Console::WriteLine("Example key was deleted.");
    }
    catch(SecurityException^ ex)
    {
        Console::WriteLine("{0}You do not have the permissions required to "
            + "delete the example key:{0}{1}", Environment::NewLine, ex);
    }
}
using System;
using System.Reflection;
using System.Security;
using System.Security.AccessControl;
using Microsoft.Win32;

public class Example
{
    public static void Main()
    {
        // Delete the example key if it exists.
        try
        {
            Registry.CurrentUser.DeleteSubKey("RegistryRightsExample");
            Console.WriteLine("Example key has been deleted.");
        }
        catch (ArgumentException)
        {
            // ArgumentException is thrown if the key does not exist. In
            // this case, there is no reason to display a message.
        }
        catch (Exception ex)
        {
            Console.WriteLine("Unable to delete the example key: {0}", ex);
            return;
        }

        string user = Environment.UserDomainName + "\\" + Environment.UserName;

        RegistrySecurity rs = new RegistrySecurity();

        // Allow the current user to read and delete the key.
        //
        rs.AddAccessRule(new RegistryAccessRule(user, 
            RegistryRights.ReadKey | RegistryRights.Delete, 
            InheritanceFlags.None, 
            PropagationFlags.None, 
            AccessControlType.Allow));

        // Prevent the current user from writing or changing the
        // permission set of the key. Note that if Delete permission
        // were not allowed in the previous access rule, denying
        // WriteKey permission would prevent the user from deleting the 
        // key.
        rs.AddAccessRule(new RegistryAccessRule(user, 
            RegistryRights.WriteKey | RegistryRights.ChangePermissions, 
            InheritanceFlags.None, 
            PropagationFlags.None, 
            AccessControlType.Deny));

        // Create the example key with registry security.
        RegistryKey rk = null;
        try
        {
            rk = Registry.CurrentUser.CreateSubKey("RegistryRightsExample", 
                RegistryKeyPermissionCheck.Default, rs);
            Console.WriteLine("\r\nExample key created.");
            rk.SetValue("ValueName", "StringValue");
        }
        catch (Exception ex)
        {
            Console.WriteLine("\r\nUnable to create the example key: {0}", ex);
        }
        if (rk != null) rk.Close();

        rk = Registry.CurrentUser;

        RegistryKey rk2;
        
        // Open the key with read access.
        rk2 = rk.OpenSubKey("RegistryRightsExample", false);
        Console.WriteLine("\r\nRetrieved value: {0}", rk2.GetValue("ValueName"));
        rk2.Close();

        // Attempt to open the key with write access.
        try
        {
            rk2 = rk.OpenSubKey("RegistryRightsExample", true);
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("\nUnable to write to the example key." +
                " Caught SecurityException: {0}", ex.Message);
        }
        if (rk2 != null) rk2.Close();

        // Attempt to change permissions for the key.
        try
        {
            rs = new RegistrySecurity();
            rs.AddAccessRule(new RegistryAccessRule(user, 
                RegistryRights.WriteKey, 
                InheritanceFlags.None, 
                PropagationFlags.None, 
                AccessControlType.Allow));
            rk2 = rk.OpenSubKey("RegistryRightsExample", false);
            rk2.SetAccessControl(rs);
            Console.WriteLine("\r\nExample key permissions were changed.");
        }
        catch (UnauthorizedAccessException ex)
        {
            Console.WriteLine("\nUnable to change permissions for the example key." +
                " Caught UnauthorizedAccessException: {0}", ex.Message);
        }
        if (rk2 != null) rk2.Close();

        Console.WriteLine("\r\nPress Enter to delete the example key.");
        Console.ReadLine();

        try
        {
            rk.DeleteSubKey("RegistryRightsExample");
            Console.WriteLine("Example key was deleted.");
        }
        catch(Exception ex)
        {
            Console.WriteLine("Unable to delete the example key: {0}", ex);
        }

        rk.Close();
    }
}

/* This code example produces the following output:

Example key created.

Retrieved value: StringValue

Unable to write to the example key. Caught SecurityException: Requested registry access is not allowed.

Unable to change permissions for the example key. Caught UnauthorizedAccessException: Cannot write to the registry key.

Press Enter to delete the example key.

Example key was deleted.
 */
Imports System
Imports System.Reflection
Imports System.Security
Imports System.Security.AccessControl
Imports Microsoft.Win32

Public Class Example
    Public Shared Sub Main()
        ' Delete the example key if it exists.
        Try
            Registry.CurrentUser.DeleteSubKey("RegistryRightsExample")
            Console.WriteLine("Example key has been deleted.")
        Catch ex As ArgumentException
            ' ArgumentException is thrown if the key does not exist. In
            ' this case, there is no reason to display a message.
        Catch ex As Exception
            Console.WriteLine("Unable to delete the example key: {0}", ex)
            Return
        End Try

        Dim user As String = Environment.UserDomainName & "\" & Environment.UserName

        Dim rs As New RegistrySecurity()

        ' Allow the current user to read and delete the key.
        '
        rs.AddAccessRule(new RegistryAccessRule(user, _
            RegistryRights.ReadKey Or RegistryRights.Delete, _
            InheritanceFlags.None, _
            PropagationFlags.None, _
            AccessControlType.Allow))

        ' Prevent the current user from writing or changing the
        ' permission set of the key. Note that if Delete permission
        ' were not allowed in the previous access rule, denying
        ' WriteKey permission would prevent the user from deleting the 
        ' key.
        rs.AddAccessRule(new RegistryAccessRule(user, _
            RegistryRights.WriteKey Or RegistryRights.ChangePermissions, _
            InheritanceFlags.None, _
            PropagationFlags.None, _
            AccessControlType.Deny))

        ' Create the example key with registry security.
        Dim rk As RegistryKey = Nothing
        Try
            rk = Registry.CurrentUser.CreateSubKey("RegistryRightsExample", _
                RegistryKeyPermissionCheck.Default, rs)
            Console.WriteLine(vbCrLf & "Example key created.")
            rk.SetValue("ValueName", "StringValue")
        Catch ex As Exception
            Console.WriteLine(vbCrLf & "Unable to create the example key: {0}", ex)
        End Try

        If rk IsNot Nothing Then rk.Close()

        rk = Registry.CurrentUser

        Dim rk2 As RegistryKey
        
        ' Open the key with read access.
        rk2 = rk.OpenSubKey("RegistryRightsExample", False)
        Console.WriteLine(vbCrLf & "Retrieved value: {0}", rk2.GetValue("ValueName"))
        rk2.Close()

        ' Attempt to open the key with write access.
        Try
            rk2 = rk.OpenSubKey("RegistryRightsExample", True)
        Catch ex As SecurityException
            Console.WriteLine(vbCrLf & "Unable to write to the example key." _
                & " Caught SecurityException: {0}", ex.Message)
        End Try
        If rk2 IsNot Nothing Then rk2.Close()

        ' Attempt to change permissions for the key.
        Try
            rs = New RegistrySecurity()
            rs.AddAccessRule(new RegistryAccessRule(user, _
                RegistryRights.WriteKey, _
                InheritanceFlags.None, _
                PropagationFlags.None, _
                AccessControlType.Allow))
            rk2 = rk.OpenSubKey("RegistryRightsExample", False)
            rk2.SetAccessControl(rs)
            Console.WriteLine(vbCrLf & "Example key permissions were changed.")
        Catch ex As UnauthorizedAccessException
            Console.WriteLine(vbCrLf & "Unable to change permissions for the example key." _
                & " Caught UnauthorizedAccessException: {0}", ex.Message)
        End Try
        If rk2 IsNot Nothing Then rk2.Close()

        Console.WriteLine(vbCrLf & "Press Enter to delete the example key.")
        Console.ReadLine()

        Try
            rk.DeleteSubKey("RegistryRightsExample")
            Console.WriteLine("Example key was deleted.")
        Catch ex As Exception
            Console.WriteLine("Unable to delete the example key: {0}", ex)
        End Try

        rk.Close()
    End Sub
End Class

' This code produces the following output:
'
'Example key created.
'
'Retrieved value: StringValue
'
'Unable to write to the example key. Caught SecurityException: Requested registry access is not allowed.
'
'Unable to change permissions for the example key. Caught UnauthorizedAccessException: Cannot write to the registry key.
'
'Press Enter to delete the example key.
'
'Example key was deleted.

Remarques

Utilisez le RegistryRights lorsque vous créez des droits de l’énumération pour spécifier l’accès au Registre RegistrySecurity objets.Use the RegistryRights enumeration to specify registry access rights when you create RegistrySecurity objects. Pour appliquer des droits d’accès à une clé de Registre, tout d’abord ajouter RegistryAccessRule des objets sur un RegistrySecurity de l’objet, puis attachez le RegistrySecurity objet à la clé à l’aide la RegistryKey.SetAccessControl (méthode), ou une surcharge appropriée de la RegistryKey.CreateSubKey (méthode).To apply access rights to a registry key, first add RegistryAccessRule objects to a RegistrySecurity object, then attach the RegistrySecurity object to the key using the RegistryKey.SetAccessControl method, or an appropriate overload of the RegistryKey.CreateSubKey method.

S’applique à

Voir aussi