DirectoryInfo.GetAccessControl 메서드

정의

현재 디렉터리의 ACL(액세스 제어 목록) 항목을 가져옵니다.Gets the access control list (ACL) entries for the current directory.

오버로드

GetAccessControl()

현재 DirectorySecurity 개체에서 설명하는 디렉터리의 ACL(액세스 제어 목록) 항목을 캡슐화하는 DirectoryInfo 개체를 가져옵니다.Gets a DirectorySecurity object that encapsulates the access control list (ACL) entries for the directory described by the current DirectoryInfo object.

GetAccessControl(AccessControlSections)

현재 DirectorySecurity 개체에서 설명하는 디렉터리의 지정된 ACL(액세스 제어 목록) 항목 형식을 캡슐화하는 DirectoryInfo 개체를 가져옵니다.Gets a DirectorySecurity object that encapsulates the specified type of access control list (ACL) entries for the directory described by the current DirectoryInfo object.

설명

GetAccessControl 메서드를 사용 하 여 현재 파일에 대 한 ACL (액세스 제어 목록) 항목을 검색 합니다.Use GetAccessControl methods to retrieve the access control list (ACL) entries for the current file.

자세한 내용은 방법: Access Control 목록 항목 추가 또는 제거를 참조하세요.For more information, see How to: Add or Remove Access Control List Entries.

GetAccessControl()

현재 DirectorySecurity 개체에서 설명하는 디렉터리의 ACL(액세스 제어 목록) 항목을 캡슐화하는 DirectoryInfo 개체를 가져옵니다.Gets a DirectorySecurity object that encapsulates the access control list (ACL) entries for the directory described by the current DirectoryInfo object.

public:
 System::Security::AccessControl::DirectorySecurity ^ GetAccessControl();
public System.Security.AccessControl.DirectorySecurity GetAccessControl ();
member this.GetAccessControl : unit -> System.Security.AccessControl.DirectorySecurity
Public Function GetAccessControl () As DirectorySecurity

반환

DirectorySecurity

디렉터리의 액세스 제어 규칙을 캡슐화하는 DirectorySecurity 개체입니다.A DirectorySecurity object that encapsulates the access control rules for the directory.

예외

디렉터리를 찾거나 수정할 수 없는 경우The directory could not be found or modified.

디렉터리가 읽기 전용인 경우The directory is read-only.

-또는--or-

현재 플랫폼이 해당 작업을 지원하지 않는 경우This operation is not supported on the current platform.

-또는--or-

호출자에게 필요한 사용 권한이 없습니다.The caller does not have the required permission.

디렉터리를 여는 동안 I/O 오류가 발생한 경우An I/O error occurred while opening the directory.

예제

다음 예제에서는 GetAccessControlSetAccessControl 메서드를 사용 하 여 디렉터리에서 ACL (액세스 제어 목록) 항목을 추가 하 고 제거 합니다.The following example uses the GetAccessControl and SetAccessControl methods to add and then remove an access control list (ACL) entry from a directory.

using namespace System;
using namespace System::IO;
using namespace System::Security::AccessControl;

// Adds an ACL entry on the specified directory for the
// specified account.
void AddDirectorySecurity(String^ directoryName, String^ account, 
     FileSystemRights rights, AccessControlType controlType)
{
    // Create a new DirectoryInfo object.
    DirectoryInfo^ dInfo = gcnew DirectoryInfo(directoryName);

    // Get a DirectorySecurity object that represents the
    // current security settings.
    DirectorySecurity^ dSecurity = dInfo->GetAccessControl();

    // Add the FileSystemAccessRule to the security settings.
    dSecurity->AddAccessRule( gcnew FileSystemAccessRule(account,
        rights, controlType));

    // Set the new access settings.
    dInfo->SetAccessControl(dSecurity);
}

// Removes an ACL entry on the specified directory for the
// specified account.
void RemoveDirectorySecurity(String^ directoryName, String^ account,
     FileSystemRights rights, AccessControlType controlType)
{
    // Create a new DirectoryInfo object.
    DirectoryInfo^ dInfo = gcnew DirectoryInfo(directoryName);

    // Get a DirectorySecurity object that represents the
    // current security settings.
    DirectorySecurity^ dSecurity = dInfo->GetAccessControl();

    // Add the FileSystemAccessRule to the security settings.
    dSecurity->RemoveAccessRule(gcnew FileSystemAccessRule(account,
        rights, controlType));

    // Set the new access settings.
    dInfo->SetAccessControl(dSecurity);
}    

int main()
{
    String^ directoryName = "TestDirectory";
    String^ accountName = "MYDOMAIN\\MyAccount";
    if (!Directory::Exists(directoryName))
    {
        Console::WriteLine("The directory {0} could not be found.", 
            directoryName);
        return 0;
    }
    try
    {
        Console::WriteLine("Adding access control entry for {0}",
            directoryName);

        // Add the access control entry to the directory.
        AddDirectorySecurity(directoryName, accountName,
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Removing access control entry from {0}",
            directoryName);

        // Remove the access control entry from the directory.
        RemoveDirectorySecurity(directoryName, accountName, 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Done.");
    }
    catch (UnauthorizedAccessException^)
    {
        Console::WriteLine("You are not authorised to carry" +
            " out this procedure.");
    }
    catch (System::Security::Principal::
        IdentityNotMappedException^)
    {
        Console::WriteLine("The account {0} could not be found.", accountName);
    }
}

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class DirectoryExample
    {
        public static void Main()
        {
            try
            {
                string DirectoryName = "TestDirectory";

                Console.WriteLine("Adding access control entry for " + DirectoryName);

                // Add the access control entry to the directory.
                AddDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from " + DirectoryName);

                // Remove the access control entry from the directory.
                RemoveDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }

            Console.ReadLine();
        }

        // Adds an ACL entry on the specified directory for the specified account.
        public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings.
            dSecurity.AddAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);
        }

        // Removes an ACL entry on the specified directory for the specified account.
        public static void RemoveDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings.
            dSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);
        }
    }
}

Imports System.IO
Imports System.Security.AccessControl



Module DirectoryExample

    Sub Main()
        Try
            Dim DirectoryName As String = "TestDirectory"

            Console.WriteLine("Adding access control entry for " + DirectoryName)

            ' Add the access control entry to the directory.
            AddDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " + DirectoryName)

            ' Remove the access control entry from the directory.
            RemoveDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

        Console.ReadLine()

    End Sub


    ' Adds an ACL entry on the specified directory for the specified account.
    Sub AddDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new DirectoryInfoobject.
        Dim dInfo As New DirectoryInfo(FileName)

        ' Get a DirectorySecurity object that represents the 
        ' current security settings.
        Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        dSecurity.AddAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        dInfo.SetAccessControl(dSecurity)

    End Sub


    ' Removes an ACL entry on the specified directory for the specified account.
    Sub RemoveDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new DirectoryInfo object.
        Dim dInfo As New DirectoryInfo(FileName)

        ' Get a DirectorySecurity object that represents the 
        ' current security settings.
        Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        dSecurity.RemoveAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        dInfo.SetAccessControl(dSecurity)

    End Sub
End Module

설명

이 메서드 오버 로드를 호출 하는 것은 GetAccessControl 메서드 오버 로드를 호출 하 고 AccessControlSections.Owner | | AccessControlSections.Group (AccessControlSections.AccessOrAccessControlSections.OwnerOr) AccessControlSections.Access 액세스 제어 섹션을 지정 하는 것과 같습니다.AccessControlSections.GroupCalling this method overload is equivalent to calling the GetAccessControl method overload and specifying the access control sections AccessControlSections.Access | AccessControlSections.Owner | AccessControlSections.Group (AccessControlSections.AccessOrAccessControlSections.OwnerOrAccessControlSections.Group in Visual Basic).

GetAccessControl 메서드를 사용 하 여 현재 파일에 대 한 ACL (액세스 제어 목록) 항목을 검색 합니다.Use the GetAccessControl method to retrieve the access control list (ACL) entries for the current file.

ACL에는 개인 및/또는 그룹 했거나 권한이 없는, 특정된 파일이 나 디렉터리에서 특정 작업을 설명 합니다.An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file or directory. 자세한 내용은 방법: Access Control 목록 항목 추가 또는 제거를 참조하세요.For more information, see How to: Add or Remove Access Control List Entries.

GetAccessControl(AccessControlSections)

현재 DirectorySecurity 개체에서 설명하는 디렉터리의 지정된 ACL(액세스 제어 목록) 항목 형식을 캡슐화하는 DirectoryInfo 개체를 가져옵니다.Gets a DirectorySecurity object that encapsulates the specified type of access control list (ACL) entries for the directory described by the current DirectoryInfo object.

public:
 System::Security::AccessControl::DirectorySecurity ^ GetAccessControl(System::Security::AccessControl::AccessControlSections includeSections);
public System.Security.AccessControl.DirectorySecurity GetAccessControl (System.Security.AccessControl.AccessControlSections includeSections);
member this.GetAccessControl : System.Security.AccessControl.AccessControlSections -> System.Security.AccessControl.DirectorySecurity
Public Function GetAccessControl (includeSections As AccessControlSections) As DirectorySecurity

매개 변수

includeSections
AccessControlSections

가져올 ACL(액세스 제어 목록) 정보의 형식을 지정하는 AccessControlSections 값 중 하나입니다.One of the AccessControlSections values that specifies the type of access control list (ACL) information to receive.

반환

DirectorySecurity

DirectorySecurity 매개 변수에 설명된 파일의 액세스 제어 규칙을 캡슐화하는 path 개체입니다.A DirectorySecurity object that encapsulates the access control rules for the file described by the path parameter.

예외Exceptions

예외 형식Exception type 조건Condition
SystemException 디렉터리를 찾거나 수정할 수 없는 경우The directory could not be found or modified.
UnauthorizedAccessException 현재 프로세스에 디렉터리를 열 수 있는 권한이 없는 경우The current process does not have access to open the directory.
IOException 디렉터리를 여는 동안 I/O 오류가 발생한 경우An I/O error occurred while opening the directory.
UnauthorizedAccessException 디렉터리가 읽기 전용인 경우The directory is read-only. -또는--or- 현재 플랫폼이 해당 작업을 지원하지 않는 경우This operation is not supported on the current platform. -또는--or- 호출자에게 필요한 사용 권한이 없습니다.The caller does not have the required permission.

설명

GetAccessControl 메서드를 사용 하 여 현재 파일에 대 한 ACL (액세스 제어 목록) 항목을 검색 합니다.Use the GetAccessControl method to retrieve the access control list (ACL) entries for the current file.

ACL에는 개인 및/또는 그룹 했거나 권한이 없는, 특정된 파일이 나 디렉터리에서 특정 작업을 설명 합니다.An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file or directory. 자세한 내용은 방법: Access Control 목록 항목 추가 또는 제거를 참조하세요.For more information, see How to: Add or Remove Access Control List Entries.

적용 대상