RegistrySecurity.ResetAccessRule(RegistryAccessRule) RegistrySecurity.ResetAccessRule(RegistryAccessRule) RegistrySecurity.ResetAccessRule(RegistryAccessRule) RegistrySecurity.ResetAccessRule(RegistryAccessRule) Method

Définition

Supprime toutes les règles de contrôle d'accès ayant le même utilisateur que la règle spécifiée, indépendamment de AccessControlType, puis ajoute la règle spécifiée.Removes all access control rules with the same user as the specified rule, regardless of AccessControlType, and then adds the specified rule.

public:
 void ResetAccessRule(System::Security::AccessControl::RegistryAccessRule ^ rule);
public void ResetAccessRule (System.Security.AccessControl.RegistryAccessRule rule);
override this.ResetAccessRule : System.Security.AccessControl.RegistryAccessRule -> unit
Public Sub ResetAccessRule (rule As RegistryAccessRule)

Paramètres

rule
RegistryAccessRule RegistryAccessRule RegistryAccessRule RegistryAccessRule

RegistryAccessRule à ajouter.The RegistryAccessRule to add. L'utilisateur spécifié par cette règle détermine les règles à supprimer avant l'ajout de celle-ci.The user specified by this rule determines the rules to remove before this rule is added.

Exemples

Le code suivant montre l’exemple comment la ResetAccessRule méthode remplace toutes les règles de l’utilisateur correspondant à la règle de correspondance spécifiée.The following code example shows how the ResetAccessRule method replaces all rules for the matching user with the rule specified for the match.

L’exemple crée un RegistrySecurity de l’objet et ajoute des règles qui accordent et refusent divers droits à l’utilisateur actuel, avec différents indicateurs d’héritage et de propagation.The example creates a RegistrySecurity object and adds rules that allow and deny various rights for the current user, with different inheritance and propagation flags. L’exemple crée ensuite une nouvelle règle qui autorise l’utilisateur actuel uniquement lire la clé et utilise le ResetAccessRule méthode pour supprimer toutes les règles de l’utilisateur et les remplacer par la nouvelle règle.The example then creates a new rule that allows the current user only to read the key, and uses the ResetAccessRule method to remove the all rules for the user and replace them with the new rule.

Notes

Cet exemple ne s’attache pas l’objet de sécurité à un RegistryKey objet.This example does not attach the security object to a RegistryKey object. Consultez le RegistryKey.GetAccessControl (méthode) et le RegistryKey.SetAccessControl (méthode).See the RegistryKey.GetAccessControl method and the RegistryKey.SetAccessControl method.


using System;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Security;
using Microsoft.Win32;

public class Example
{
    public static void Main()
    {
        string user = Environment.UserDomainName + "\\"
            + Environment.UserName;

        // Create a security object that grants no access.
        RegistrySecurity mSec = new RegistrySecurity();

        // Add a rule that grants the current user the right
        // to read and enumerate the name/value pairs in a key, 
        // to read its access and audit rules, to enumerate
        // its subkeys, to create subkeys, and to delete the key. 
        // The rule is inherited by all contained subkeys.
        //
        RegistryAccessRule rule = new RegistryAccessRule(user, 
            RegistryRights.ReadKey | RegistryRights.WriteKey
                | RegistryRights.Delete, 
            InheritanceFlags.ContainerInherit, 
            PropagationFlags.None, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that allows the current user the right
        // right to set the name/value pairs in a key. 
        // This rule is inherited by contained subkeys, but
        // propagation flags limit it to immediate child 
        // subkeys.
        rule = new RegistryAccessRule(user, 
            RegistryRights.ChangePermissions,
            InheritanceFlags.ContainerInherit,
            PropagationFlags.InheritOnly | PropagationFlags.NoPropagateInherit, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the right
        // to set the name/value pairs in a key. This rule
        // has no inheritance or propagation flags, so it 
        // affects only the key itself.
        rule = new RegistryAccessRule(user,
            RegistryRights.SetValue,
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Create a rule that allows the current user  
        // only read access to a key, with no inheritance 
        // or propagation flags. ResetAccessRule removes
        // all the existing rules for the current user, 
        // replacing them with this rule.
        rule = new RegistryAccessRule(user, 
            RegistryRights.ReadKey, 
            AccessControlType.Allow);
        mSec.ResetAccessRule(rule);

        // Display the rules in the security object.
        // removed.
        ShowSecurity(mSec);
    }

    private static void ShowSecurity(RegistrySecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach( RegistryAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)) )
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.RegistryRights);
            Console.WriteLine(" Inheritance: {0}", ar.InheritanceFlags);
            Console.WriteLine(" Propagation: {0}", ar.PropagationFlags);
            Console.WriteLine("   Inherited? {0}", ar.IsInherited);
            Console.WriteLine();
        }
    }
}

/* This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: SetValue
 Inheritance: None
 Propagation: None
   Inherited? False

        User: TestDomain\TestUser
        Type: Allow
      Rights: SetValue, CreateSubKey, Delete, ReadKey
 Inheritance: ContainerInherit
 Propagation: None
   Inherited? False

        User: TestDomain\TestUser
        Type: Allow
      Rights: ChangePermissions
 Inheritance: ContainerInherit
 Propagation: NoPropagateInherit, InheritOnly
   Inherited? False


Current access rules:

        User: TestDomain\TestUser
        Type: Allow
      Rights: ReadKey
 Inheritance: None
 Propagation: None
   Inherited? False
*/
Option Explicit
Imports System
Imports System.Security.AccessControl
Imports System.Security.Principal
Imports System.Security
Imports Microsoft.Win32

Public Class Example

    Public Shared Sub Main()

        Dim user As String = Environment.UserDomainName _ 
            & "\" & Environment.UserName

        ' Create a security object that grants no access.
        Dim mSec As New RegistrySecurity()

        ' Add a rule that grants the current user the right
        ' to read and enumerate the name/value pairs in a key, 
        ' to read its access and audit rules, to enumerate
        ' its subkeys, to create subkeys, and to delete the key. 
        ' The rule is inherited by all contained subkeys.
        '
        Dim rule As New RegistryAccessRule(user, _
            RegistryRights.ReadKey Or RegistryRights.WriteKey _
                Or RegistryRights.Delete, _
            InheritanceFlags.ContainerInherit, _
            PropagationFlags.None, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ' Add a rule that allows the current user the right
        ' right to set the name/value pairs in a key. 
        ' This rule is inherited by contained subkeys, but
        ' propagation flags limit it to immediate child 
        ' subkeys.
        rule = New RegistryAccessRule(user, _
            RegistryRights.ChangePermissions, _
            InheritanceFlags.ContainerInherit, _
            PropagationFlags.InheritOnly Or PropagationFlags.NoPropagateInherit, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ' Add a rule that denies the current user the right
        ' to set the name/value pairs in a key. This rule
        ' has no inheritance or propagation flags, so it 
        ' affects only the key itself.
        rule = New RegistryAccessRule(user, _
            RegistryRights.SetValue, _
            AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

        ' Create a rule that allows the current user  
        ' only read access to a key, with no inheritance 
        ' or propagation flags. ResetAccessRule removes
        ' all the existing rules for the current user, 
        ' replacing them with this rule.
        rule = New RegistryAccessRule(user, _
            RegistryRights.ReadKey, _
            AccessControlType.Allow)
        mSec.ResetAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As RegistrySecurity)
        Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)

        For Each ar As RegistryAccessRule In _
            security.GetAccessRules(True, True, GetType(NTAccount))

            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.RegistryRights)
            Console.WriteLine(" Inheritance: {0}", ar.InheritanceFlags)
            Console.WriteLine(" Propagation: {0}", ar.PropagationFlags)
            Console.WriteLine("   Inherited? {0}", ar.IsInherited)
            Console.WriteLine()
        Next

    End Sub
End Class 

'This code example produces output similar to following:
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: SetValue
' Inheritance: None
' Propagation: None
'   Inherited? False
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: SetValue, CreateSubKey, Delete, ReadKey
' Inheritance: ContainerInherit
' Propagation: None
'   Inherited? False
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: ChangePermissions
' Inheritance: ContainerInherit
' Propagation: NoPropagateInherit, InheritOnly
'   Inherited? False
'
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: ReadKey
' Inheritance: None
' Propagation: None
'   Inherited? False

Remarques

Si aucune règle d’accès dont l’utilisateur correspond à la règle spécifiée, rule est ajouté.If there are no access rules whose user matches the specified rule, rule is added.

S’applique à