SemaphoreSecurity.RemoveAccessRule(SemaphoreAccessRule) メソッド

定義

指定した規則と同じユーザーと AccessControlType (許可または拒否)、および互換性のある継承フラグと反映フラグが指定されたアクセス制御規則が検索されます。このような規則が見つかると、指定したアクセス規則に含まれる権限がその規則から削除されます。Searches for an access control rule with the same user and AccessControlType (allow or deny) as the specified rule, and with compatible inheritance and propagation flags; if such a rule is found, the rights contained in the specified access rule are removed from it.

public:
 bool RemoveAccessRule(System::Security::AccessControl::SemaphoreAccessRule ^ rule);
public bool RemoveAccessRule (System.Security.AccessControl.SemaphoreAccessRule rule);
override this.RemoveAccessRule : System.Security.AccessControl.SemaphoreAccessRule -> bool
Public Function RemoveAccessRule (rule As SemaphoreAccessRule) As Boolean

パラメーター

rule
SemaphoreAccessRule

検索対象のユーザーと SemaphoreAccessRule、および一致する規則が見つかった場合にその規則と互換性のある継承フラグと反映フラグのセットを指定する AccessControlTypeA SemaphoreAccessRule that specifies the user and AccessControlType to search for, and a set of inheritance and propagation flags that a matching rule, if found, must be compatible with. 互換性のある規則が見つかった場合にその規則から削除する権限を指定します。Specifies the rights to remove from the compatible rule, if found.

戻り値

互換性のある規則が見つかった場合は true。それ以外の場合は falsetrue if a compatible rule is found; otherwise false.

例外

rulenull です。rule is null.

次のコード例では、RemoveAccessRule メソッドを使用して、SemaphoreSecurity オブジェクトの Allow ルールから権限を削除する方法を示します。The following code example demonstrates the use of the RemoveAccessRule method to remove rights from an Allow rule in a SemaphoreSecurity object. また、rule の他の権限が無視されることも示しています。It also shows that other rights in rule are ignored.

この例では、SemaphoreSecurity オブジェクトを作成し、現在のユーザーに対してさまざまな権限を許可および拒否するルールを追加します。The example creates a SemaphoreSecurity object and adds rules that allow and deny various rights for the current user. 許可される権限には、ModifyReadPermissions、および Synchronizeがあります。The rights allowed include Modify, ReadPermissions, and Synchronize. 次に、ReadPermissions および TakeOwnership 権限を含む現在のユーザーに対する新しいルールを作成し、そのルールを RemoveAccessRule メソッドと共に使用して、Allow オブジェクトの SemaphoreSecurity ルールから ReadPermissions を削除します。The example then creates a new rule for the current user, including ReadPermissions and TakeOwnership rights, and uses that rule with the RemoveAccessRule method to remove ReadPermissions from the Allow rule in the SemaphoreSecurity object. rule 内の余分な TakeOwnership 権限は無視されます。The extraneous TakeOwnership right in rule is ignored.

注意

この例では、Semaphore オブジェクトにセキュリティオブジェクトをアタッチしません。This example does not attach the security object to a Semaphore object. セキュリティオブジェクトをアタッチする例については、Semaphore.GetAccessControlSemaphore.SetAccessControlを参照してください。Examples that attach security objects can be found in Semaphore.GetAccessControl and Semaphore.SetAccessControl.

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user.
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        SemaphoreSecurity mSec = new SemaphoreSecurity();

        // Add a rule that grants the current user the 
        // right to enter or release the semaphore and read the
        // permissions on the semaphore.
        SemaphoreAccessRule rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.Synchronize | SemaphoreRights.Modify
                | SemaphoreRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the 
        // right to change permissions on the semaphore.
        rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Create a rule that grants the current user 
        // the right to read permissions on the semaphore, and
        // take ownership of the semaphore. Use this rule to 
        // remove the right to read permissions from the 
        // Allow rule for the current user. The inclusion 
        // of the right to take ownership has no effect.
        rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.TakeOwnership | 
                SemaphoreRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.RemoveAccessRule(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(SemaphoreSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(SemaphoreAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.SemaphoreRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, Synchronize
 */
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal

Public Class Example

    Public Shared Sub Main()

        ' Create a string representing the current user.
        Dim user As String = Environment.UserDomainName _ 
            & "\" & Environment.UserName

        ' Create a security object that grants no access.
        Dim mSec As New SemaphoreSecurity()

        ' Add a rule that grants the current user the 
        ' right to enter or release the semaphore, and to 
        ' read its permissions.
        Dim rule As New SemaphoreAccessRule(user, _
            SemaphoreRights.Synchronize _
            Or SemaphoreRights.Modify _
            Or SemaphoreRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ' Add a rule that denies the current user the 
        ' right to change permissions on the semaphore.
        rule = New SemaphoreAccessRule(user, _
            SemaphoreRights.ChangePermissions, _
            AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

        ' Create a rule that grants the current user 
        ' the right to read permissions on the semaphore, and
        ' take ownership of the semaphore. Use this rule to 
        ' remove the right to read permissions from the 
        ' Allow rule for the current user. The inclusion 
        ' of the right to take ownership has no effect.
        rule = New SemaphoreAccessRule(user, _
            SemaphoreRights.TakeOwnership _
            Or SemaphoreRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.RemoveAccessRule(rule)

        ShowSecurity(mSec)
        
    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As SemaphoreSecurity)
        Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)

        For Each ar As SemaphoreAccessRule In _
            security.GetAccessRules(True, True, GetType(NTAccount))

            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.SemaphoreRights)
            Console.WriteLine()
        Next

    End Sub
End Class 

'This code example produces output similar to following:
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, ReadPermissions, Synchronize
'
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, Synchronize

注釈

現在の SemaphoreSecurity は、同じユーザーと ruleと同じ AccessControlType 値を持つルールを検索します。The current SemaphoreSecurity is searched for a rule that has the same user and the same AccessControlType value as rule. このようなルールが見つからない場合、アクションは実行されず、メソッドは falseを返します。If no such rule is found, no action is taken, and the method returns false. 一致規則が見つかった場合は、その継承と互換性フラグが ruleで指定されたフラグとの互換性をチェックされます。If matching rules are found, their inheritance and compatibility flags are checked for compatibility with the flags specified in rule. 互換性のある規則が見つからない場合、アクションは実行されず、メソッドは falseを返します。If no compatible rule is found, no action is taken, and the method returns false. 互換性のあるフラグを持つ規則が見つかった場合は、rule で指定された権限が互換性のあるルールから削除され、メソッドが trueを返します。If a rule with compatible flags is found, the rights specified in rule are removed from the compatible rule, and the method returns true. 互換性のある規則に含まれていない権限が rule 指定されている場合は、それらの権限に関して何も行われません。If rule specifies rights not contained in the compatible rule, no action is taken with respect to those rights. すべての権限が互換性のあるルールから削除されると、ルール全体が現在の SemaphoreSecurity オブジェクトから削除されます。If all rights are removed from the compatible rule, the entire rule is removed from the current SemaphoreSecurity object.

重要

セマフォアクセス規則の継承フラグと反映フラグは、AccessRuleFactory メソッドを使用して作成することによって指定できますが、この方法はお勧めしません。Although you can specify inheritance and propagation flags for semaphore access rules, by creating them with the AccessRuleFactory method, this is not recommended. 継承と伝達は名前付きセマフォには意味がなく、アクセス規則の保守がより複雑になります。Inheritance and propagation have no meaning for named semaphores, and they make the maintenance of access rules more complicated.

適用対象