FileInfo.SetAccessControl(FileSecurity) 方法
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
将 FileSecurity 对象所描述的访问控制列表 (ACL) 项应用于当前 FileInfo 对象所描述的文件。
public:
void SetAccessControl(System::Security::AccessControl::FileSecurity ^ fileSecurity);
public void SetAccessControl (System.Security.AccessControl.FileSecurity fileSecurity);
member this.SetAccessControl : System.Security.AccessControl.FileSecurity -> unit
Public Sub SetAccessControl (fileSecurity As FileSecurity)
参数
- fileSecurity
- FileSecurity
一个 FileSecurity 对象,该对象描述要应用于当前文件的访问控制列表 (ACL) 项。
例外
fileSecurity
参数为 null
。
未能找到或修改该文件。
当前进程不具有打开该文件的权限。
示例
下面的代码示例使用 GetAccessControl 方法和 SetAccessControl 方法从文件中添加和删除 ACL 条目。 你必须提供有效的用户或组帐户以运行此示例。
#using <System.Security.dll>
using namespace System;
using namespace System::IO;
using namespace System::Security::AccessControl;
using namespace System::Security::Principal;
// Adds an ACL entry on the specified file for the specified account.
static void AddFileSecurity(String^ fileName, String^ account,
FileSystemRights^ rights,
AccessControlType^ controlType)
{
// Create a new FileInfo object.
FileInfo^ fInfo = gcnew FileInfo(fileName);
if (!fInfo->Exists)
{
fInfo->Create();
}
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity^ fSecurity = fInfo->GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
fSecurity->AddAccessRule(gcnew FileSystemAccessRule(account,
*rights, *controlType));
// Set the new access settings.
fInfo->SetAccessControl(fSecurity);
}
// Removes an ACL entry on the specified file for the specified account.
static void RemoveFileSecurity(String^ fileName, String^ account,
FileSystemRights^ rights,
AccessControlType^ controlType)
{
// Create a new FileInfo object.
FileInfo^ fInfo = gcnew FileInfo(fileName);
if (!fInfo->Exists)
{
fInfo->Create();
}
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity^ fSecurity = fInfo->GetAccessControl();
// Remove the FileSystemAccessRule from the security settings.
fSecurity->RemoveAccessRule(gcnew FileSystemAccessRule(account,
*rights, *controlType));
// Set the new access settings.
fInfo->SetAccessControl(fSecurity);
}
int main()
{
try
{
String^ fileName = "c:\\test.xml";
Console::WriteLine("Adding access control entry for " +
fileName);
// Add the access control entry to the file.
// Before compiling this snippet, change MyDomain to your
// domain name and MyAccessAccount to the name
// you use to access your domain.
AddFileSecurity(fileName, "MyDomain\\MyAccessAccount",
FileSystemRights::ReadData, AccessControlType::Allow);
Console::WriteLine("Removing access control entry from " +
fileName);
// Remove the access control entry from the file.
// Before compiling this snippet, change MyDomain to your
// domain name and MyAccessAccount to the name
// you use to access your domain.
RemoveFileSecurity(fileName, "MyDomain\\MyAccessAccount",
FileSystemRights::ReadData, AccessControlType::Allow);
Console::WriteLine("Done.");
}
catch (Exception^ e)
{
Console::WriteLine(e);
}
}
//This code produces output similar to the following;
//results may vary based on the computer/file structure/etc.:
//
//Adding access control entry for c:\test.xml
//Removing access control entry from c:\test.xml
//Done.
//
using System;
using System.IO;
using System.Security.AccessControl;
namespace FileSystemExample
{
class FileExample
{
public static void Main()
{
try
{
string FileName = "c:/test.xml";
Console.WriteLine("Adding access control entry for " + FileName);
// Add the access control entry to the file.
// Before compiling this snippet, change MyDomain to your
// domain name and MyAccessAccount to the name
// you use to access your domain.
AddFileSecurity(FileName, @"MyDomain\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine("Removing access control entry from " + FileName);
// Remove the access control entry from the file.
// Before compiling this snippet, change MyDomain to your
// domain name and MyAccessAccount to the name
// you use to access your domain.
RemoveFileSecurity(FileName, @"MyDomain\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine("Done.");
}
catch (Exception e)
{
Console.WriteLine(e);
}
}
// Adds an ACL entry on the specified file for the specified account.
public static void AddFileSecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
{
// Create a new FileInfo object.
FileInfo fInfo = new FileInfo(FileName);
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = fInfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
fSecurity.AddAccessRule(new FileSystemAccessRule(Account,
Rights,
ControlType));
// Set the new access settings.
fInfo.SetAccessControl(fSecurity);
}
// Removes an ACL entry on the specified file for the specified account.
public static void RemoveFileSecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
{
// Create a new FileInfo object.
FileInfo fInfo = new FileInfo(FileName);
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = fInfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
fSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
Rights,
ControlType));
// Set the new access settings.
fInfo.SetAccessControl(fSecurity);
}
}
}
//This code produces output similar to the following;
//results may vary based on the computer/file structure/etc.:
//
//Adding access control entry for c:\test.xml
//Removing access control entry from c:\test.xml
//Done.
//
Imports System.IO
Imports System.Security.AccessControl
Module FileExample
Sub Main()
Try
Dim FileName As String = "c:\test.xml"
Console.WriteLine("Adding access control entry for " & FileName)
' Add the access control entry to the file.
' Before compiling this snippet, change MyDomain to your
' domain name and MyAccessAccount to the name
' you use to access your domain.
AddFileSecurity(FileName, "MyDomain\\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Removing access control entry from " & FileName)
' Remove the access control entry from the file.
' Before compiling this snippet, change MyDomain to your
' domain name and MyAccessAccount to the name
' you use to access your domain.
RemoveFileSecurity(FileName, "MyDomain\\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Done.")
Catch e As Exception
Console.WriteLine(e)
End Try
End Sub
' Adds an ACL entry on the specified file for the specified account.
Sub AddFileSecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
' Create a new FileInfo object.
Dim fInfo As New FileInfo(FileName)
' Get a FileSecurity object that represents the
' current security settings.
Dim fSecurity As FileSecurity = fInfo.GetAccessControl()
' Add the FileSystemAccessRule to the security settings.
fSecurity.AddAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))
' Set the new access settings.
fInfo.SetAccessControl(fSecurity)
End Sub
' Removes an ACL entry on the specified file for the specified account.
Sub RemoveFileSecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
' Create a new FileInfo object.
Dim fInfo As New FileInfo(FileName)
' Get a FileSecurity object that represents the
' current security settings.
Dim fSecurity As FileSecurity = fInfo.GetAccessControl()
' Add the FileSystemAccessRule to the security settings.
fSecurity.RemoveAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))
' Set the new access settings.
fInfo.SetAccessControl(fSecurity)
End Sub
End Module
'This code produces output similar to the following;
'results may vary based on the computer/file structure/etc.:
'
'Adding access control entry for c:\test.xml
'Removing access control entry from c:\test.xml
'Done.
'
注解
方法 SetAccessControl 将访问控制列表 (ACL) 项应用于表示非遗传 ACL 列表的当前文件。
SetAccessControl每当需要添加或删除文件中的 ACL 条目时,请使用 方法。
注意
为 fileSecurity
参数指定的 ACL 替换文件的现有 ACL。 若要为新用户添加权限,请使用 GetAccessControl 方法获取现有 ACL,对其进行修改,然后使用 SetAccessControl 将其应用回文件。
ACL 描述对给定文件具有或没有特定操作权限的个人和/或组。 有关详细信息,请参阅如何:添加或删除访问控制列表条目。
方法 SetAccessControl 仅 FileSecurity 保留创建对象后已修改的对象。 FileSecurity如果对象尚未修改,则不会将其保存到文件中。 因此,无法从一个文件检索对象并将同一 FileSecurity 对象重新应用到另一个文件。
将 ACL 信息从一个文件复制到另一个文件:
GetAccessControl使用 方法从源文件中检索 FileSecurity 对象。
Create目标文件的新FileSecurity对象。
GetSecurityDescriptorBinaryForm使用源FileSecurity对象的 或 GetSecurityDescriptorSddlForm 方法检索 ACL 信息。
SetSecurityDescriptorBinaryForm使用 或 SetSecurityDescriptorSddlForm 方法将步骤 3 中检索到的信息复制到目标FileSecurity对象。
使用 SetAccessControl 方法将目标FileSecurity对象设置为目标文件。
适用于
反馈
https://aka.ms/ContentUserFeedback。
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:提交和查看相关反馈