MessageQueue.SetPermissions 方法

定义

将权限添加到当前集合中。Adds permissions to the current set. 这样可控制谁对队列中的队列属性和消息具有访问权限。This controls who has access rights to queue properties and messages in the queue.

重载

SetPermissions(AccessControlList)

基于访问控制列表的内容将访问权限分配给队列。Assigns access rights to the queue based on the contents of an access control list.

SetPermissions(MessageQueueAccessControlEntry)

基于访问控制项的内容将访问权限分配给队列。Assigns access rights to the queue based on the contents of an access control entry.

SetPermissions(String, MessageQueueAccessRights)

给予计算机、组或用户指定的访问权限。Gives a computer, group, or user the specified access rights.

SetPermissions(String, MessageQueueAccessRights, AccessControlEntryType)

利用指定的访问控制类型(允许、拒绝、撤消或设置),给予计算机、组或用户指定的访问权限。Gives a computer, group, or user the specified access rights, with the specified access control type (allow, deny, revoke, or set).

SetPermissions(AccessControlList)

基于访问控制列表的内容将访问权限分配给队列。Assigns access rights to the queue based on the contents of an access control list.

public:
 void SetPermissions(System::Messaging::AccessControlList ^ dacl);
public void SetPermissions (System.Messaging.AccessControlList dacl);
member this.SetPermissions : System.Messaging.AccessControlList -> unit
Public Sub SetPermissions (dacl As AccessControlList)

参数

dacl
AccessControlList

AccessControlList,包含一个或多个指定受信者和要授予的权限的访问控制项。A AccessControlList that contains one or more access control entries that specify the trustees and the permissions to grant.

异常

访问“消息队列”方法时出错。An error occurred when accessing a Message Queuing method.

示例

以下代码示例演示了 SetPermissions(AccessControlList) 的用法。The following code example demonstrates the use of SetPermissions(AccessControlList).


// Connect to a queue on the local computer.
MessageQueue^ queue = gcnew MessageQueue(".\\exampleQueue");

// Create an AccessControlList.
AccessControlList^ list = gcnew AccessControlList();

// Create a new trustee to represent the "Everyone" user group.
Trustee^ tr = gcnew Trustee("Everyone");

// Create an AccessControlEntry, granting the trustee read access to
// the queue.
AccessControlEntry^ entry = gcnew AccessControlEntry(
    tr, GenericAccessRights::Read,
    StandardAccessRights::Read,
    AccessControlEntryType::Allow);

// Add the AccessControlEntry to the AccessControlList.
list->Add(entry);

// Apply the AccessControlList to the queue.
queue->SetPermissions(list);

queue->Close();


// Connect to a queue on the local computer.
MessageQueue queue = new MessageQueue(".\\exampleQueue");

// Create an AccessControlList.
AccessControlList list = new AccessControlList();

// Create a new trustee to represent the "Everyone" user group.
Trustee tr = new Trustee("Everyone");

// Create an AccessControlEntry, granting the trustee read access to
// the queue.
AccessControlEntry entry = new AccessControlEntry(
    tr, GenericAccessRights.Read,
    StandardAccessRights.Read,
    AccessControlEntryType.Allow);

// Add the AccessControlEntry to the AccessControlList.
list.Add(entry);

// Apply the AccessControlList to the queue.
queue.SetPermissions(list);

注解

使用此重载可通过使用访问控制项的集合指定受信者和权限信息来授予、拒绝或撤消权限。Use this overload to grant, deny, or revoke rights by using a collection of access control entries to specify trustee and permissions information. 例如,使用此项可以同时向多个用户授予权限。This is used, for example, to grant permissions to multiple users at the same time.

构造 ace 参数时指定的受信者可以是单个用户、用户组或计算机。The trustee you specify when you construct the ace parameter can be an individual user, a group of users, or a computer. 如果受信者是个人,请使用格式 DOMAIN\userIf the trustee is an individual, use the format DOMAIN\user. 您可以为受信者指定 ".",以指示本地计算机。You can specify "." for the trustee to indicate the local computer.

通过 SetPermissions 向现有列表添加权限来分配权限。The permissions you assign through SetPermissions add rights to the existing list. 默认情况下,公用或专用队列的创建者具有 "完全控制" 权限,而 "域组" 有权获取队列属性、获取权限和写入队列。By default, the creator of a public or private queue has full control, and the domain group Everyone has permission to get queue properties, get permissions, and write to the queue. 调用 SetPermissions时,用户和权限信息将追加到现有列表的底部。When you call SetPermissions, the user and permissions information is appended to the bottom of the existing list.

系统会按顺序检查每个 AccessControlEntry,直到发生以下事件之一:The system examines each AccessControlEntry in sequence until one of the following events occurs:

  • 拒绝访问 AccessControlEntry 明确拒绝对线程的访问令牌中列出的某个受信者的任何请求的访问权限。An access-denied AccessControlEntry explicitly denies any of the requested access rights to one of the trustees listed in the thread's access token.

  • 线程的访问令牌中列出的受信者的一个或多个允许访问 AccessControlEntry 项显式授予所有请求的访问权限。One or more access-allowed AccessControlEntry items for trustees listed in the thread's access token explicitly grant all the requested access rights.

  • 已检查所有 AccessControlEntry 项,但至少有一个请求的访问权限尚未显式允许,在这种情况下,将隐式拒绝访问。All AccessControlEntry items have been checked and there is still at least one requested access right that has not been explicitly allowed, in which case, access is implicitly denied.

构造 dacl 参数时,请将 AccessControlEntry 实例添加到 AccessControlList 集合。When you construct the dacl parameter, you add AccessControlEntry instances to your AccessControlList collection. 构造每个访问控制项时,可以指定常规或标准访问权限。When you construct each access control entry, you can specify generic or standard access rights. 队列的权限可以是以下各项的任意组合:The rights to a queue can be any combination of the following:

  • 删除Delete

  • 读取安全Read Security

  • 写入安全性Write Security

  • 同步Synchronize

  • 修改所有者Modify Owner

  • 读取Read

  • WriteWrite

  • 执行Execute

  • 必需Required

  • 全部All

  • NoneNone

这些权限是可使用或按位运算符组合的一组位标志。These rights are a set of bit flags that you can combine using the OR bitwise operator.

  • 完全控制Full Control

  • 删除消息Delete Message

  • 接收消息Receive Message

  • 速览消息Peek Message

  • 接收日志消息Receive Journal Message

  • 获取队列属性Get Queue Properties

  • 设置队列属性Set Queue Properties

  • 获取权限Get Permissions

  • 设置权限Set Permissions

  • 获取队列所有权Take Queue Ownership

  • 写入消息Write Message

下表显示了此方法是否在各种工作组模式下可用。The following table shows whether this method is available in various Workgroup modes.

工作组模式Workgroup mode 可用Available
本地计算机Local computer Yes
本地计算机和直接格式名称Local computer and direct format name Yes
远程计算机Remote computer NoNo
远程计算机和直接格式名称Remote computer and direct format name NoNo

另请参阅

SetPermissions(MessageQueueAccessControlEntry)

基于访问控制项的内容将访问权限分配给队列。Assigns access rights to the queue based on the contents of an access control entry.

public:
 void SetPermissions(System::Messaging::MessageQueueAccessControlEntry ^ ace);
public void SetPermissions (System.Messaging.MessageQueueAccessControlEntry ace);
member this.SetPermissions : System.Messaging.MessageQueueAccessControlEntry -> unit
Public Sub SetPermissions (ace As MessageQueueAccessControlEntry)

参数

ace
MessageQueueAccessControlEntry

指定用户、访问类型和权限类型的 MessageQueueAccessControlEntryA MessageQueueAccessControlEntry that specifies a user, an access type, and a permission type.

异常

访问“消息队列”方法时出错。An error occurred when accessing a Message Queuing method.

示例

以下代码示例演示了 SetPermissions(MessageQueueAccessControlEntry) 的用法。The following code example demonstrates the use of SetPermissions(MessageQueueAccessControlEntry).


// Connect to a queue on the local computer.
MessageQueue^ queue = gcnew MessageQueue(".\\exampleQueue");

// Create a new trustee to represent the "Everyone" user group.
Trustee^ tr = gcnew Trustee("Everyone");

// Create a MessageQueueAccessControlEntry, granting the trustee the
// right to receive messages from the queue.
MessageQueueAccessControlEntry^ entry = gcnew
    MessageQueueAccessControlEntry(
    tr, MessageQueueAccessRights::ReceiveMessage,
    AccessControlEntryType::Allow);

// Apply the MessageQueueAccessControlEntry to the queue.
queue->SetPermissions(entry);

queue->Close();


// Connect to a queue on the local computer.
MessageQueue queue = new MessageQueue(".\\exampleQueue");

// Create a new trustee to represent the "Everyone" user group.
Trustee tr = new Trustee("Everyone");

// Create a MessageQueueAccessControlEntry, granting the trustee the
// right to receive messages from the queue.
MessageQueueAccessControlEntry entry = new
    MessageQueueAccessControlEntry(
    tr, MessageQueueAccessRights.ReceiveMessage,
    AccessControlEntryType.Allow);

// Apply the MessageQueueAccessControlEntry to the queue.
queue.SetPermissions(entry);

注解

使用此重载通过访问控制项指定受信者和权限信息来授予、拒绝或撤消权限。Use this overload to grant, deny, or revoke rights by using an access control entry to specify trustee and rights information.

构造 ace 参数时指定的受信者可以是单个用户、用户组或计算机。The trustee you specify when you construct the ace parameter can be an individual user, a group of users, or a computer. 如果受信者是个人,请使用格式 DOMAIN\userIf the trustee is an individual, use the format DOMAIN\user. 您可以为受信者指定 ".",以指示本地计算机。You can specify "." for the trustee to indicate the local computer.

通过 SetPermissions 向现有列表添加权限来分配权限。The permissions you assign through SetPermissions add rights to the existing list. 默认情况下,公用或专用队列的创建者具有 "完全控制" 权限,而 "域组" 有权获取队列属性、获取权限和写入队列。By default, the creator of a public or private queue has full control, and the domain group Everyone has permission to get queue properties, get permissions, and write to the queue. 调用 SetPermissions时,用户和权限信息将追加到现有列表的底部。When you call SetPermissions, the user and permissions information is appended to the bottom of the existing list.

系统会按顺序检查每个 AccessControlEntry,直到发生以下事件之一:The system examines each AccessControlEntry in sequence until one of the following events occurs:

  • 拒绝访问 AccessControlEntry 明确拒绝对线程的访问令牌中列出的某个受信者的任何请求的访问权限。An access-denied AccessControlEntry explicitly denies any of the requested access rights to one of the trustees listed in the thread's access token.

  • 线程的访问令牌中列出的受信者的一个或多个允许访问 AccessControlEntry 项显式授予所有请求的访问权限。One or more access-allowed AccessControlEntry items for trustees listed in the thread's access token explicitly grant all the requested access rights.

  • 已检查所有 AccessControlEntry 项,但至少有一个请求的访问权限尚未显式允许,在这种情况下,将隐式拒绝访问。All AccessControlEntry items have been checked and there is still at least one requested access right that has not been explicitly allowed, in which case, access is implicitly denied.

用于在构造 MessageQueueAccessControlEntry时在 rights 参数中指定的队列的权限,可以是以下任意组合:The rights to a queue, which you specify in the rights parameter when you construct your MessageQueueAccessControlEntry, can be any combination of the following:

  • 完全控制Full Control

  • 删除消息Delete Message

  • 接收消息Receive Message

  • 速览消息Peek Message

  • 接收日志消息Receive Journal Message

  • 获取队列属性Get Queue Properties

  • 设置队列属性Set Queue Properties

  • 获取权限Get Permissions

  • 设置权限Set Permissions

  • 获取队列所有权Take Queue Ownership

  • 写入消息Write Message

ace 参数的构造函数中指定的 rights 参数是 MessageQueueAccessRights 枚举的标志。The rights parameter you specify in the constructor for the ace parameter is a flag of the MessageQueueAccessRights enumeration. 它表示一组可以使用按位运算符组合或在生成 rights 参数时使用的位标志。It represents a set of bit flags that you can combine using the bitwise operator OR when you build the rights parameter.

下表显示了此方法是否在各种工作组模式下可用。The following table shows whether this method is available in various Workgroup modes.

工作组模式Workgroup mode 可用Available
本地计算机Local computer Yes
本地计算机和直接格式名称Local computer and direct format name Yes
远程计算机Remote computer NoNo
远程计算机和直接格式名称Remote computer and direct format name NoNo

另请参阅

SetPermissions(String, MessageQueueAccessRights)

给予计算机、组或用户指定的访问权限。Gives a computer, group, or user the specified access rights.

public:
 void SetPermissions(System::String ^ user, System::Messaging::MessageQueueAccessRights rights);
public void SetPermissions (string user, System.Messaging.MessageQueueAccessRights rights);
member this.SetPermissions : string * System.Messaging.MessageQueueAccessRights -> unit
Public Sub SetPermissions (user As String, rights As MessageQueueAccessRights)

参数

user
String

获取对队列的附加权限的个人、组或计算机。The individual, group, or computer that gets additional rights to the queue.

rights
MessageQueueAccessRights

MessageQueueAccessRights,指示对“消息队列”分配给传入的 user 的队列权限集。A MessageQueueAccessRights that indicates the set of rights to the queue that Message Queuing assigns to the user passed in.

异常

usernullThe user is null.

访问“消息队列”方法时出错。An error occurred when accessing a Message Queuing method.

示例

以下代码示例演示了 SetPermissions(String, MessageQueueAccessRights) 的用法。The following code example demonstrates the use of SetPermissions(String, MessageQueueAccessRights).


// Connect to a queue on the local computer.
MessageQueue^ queue = gcnew MessageQueue(".\\exampleQueue");

// Grant all users in the "Everyone" user group the right to receive
// messages from the queue.
queue->SetPermissions("Everyone",
    MessageQueueAccessRights::ReceiveMessage);

queue->Close();


// Connect to a queue on the local computer.
MessageQueue queue = new MessageQueue(".\\exampleQueue");

// Grant all users in the "Everyone" user group the right to receive
// messages from the queue.
queue.SetPermissions("Everyone", MessageQueueAccessRights.ReceiveMessage);

注解

使用此重载将指定的权限授予单个用户。Use this overload to grant specified rights to an individual user. 用户可以是任何有效的受信者,其中包括个人用户、用户组或计算机。The user can be any valid trustee, which includes individual users, groups of users, or a computer. 如果用户是个人,则使用 user 参数 DOMAIN\user 格式。If the user is an individual, use the format DOMAIN\user for the user parameter. 可以为 user 参数指定 ".",以指示本地计算机。You can specify "." for the user parameter to indicate the local computer.

通过 SetPermissions 向现有列表添加权限来分配权限。The permissions you assign through SetPermissions add rights to the existing list. 默认情况下,公用或专用队列的创建者具有 "完全控制" 权限,而 "域组" 有权获取队列属性、获取权限和写入队列。By default, the creator of a public or private queue has full control, and the domain group Everyone has permission to get queue properties, get permissions, and write to the queue. 调用 SetPermissions时,用户和权限信息将追加到现有列表的底部。When you call SetPermissions, the user and permissions information is appended to the bottom of the existing list.

系统会按顺序检查每个 AccessControlEntry,直到发生以下事件之一:The system examines each AccessControlEntry in sequence until one of the following events occurs:

  • 拒绝访问 AccessControlEntry 明确拒绝对线程的访问令牌中列出的某个受信者的任何请求的访问权限。An access-denied AccessControlEntry explicitly denies any of the requested access rights to one of the trustees listed in the thread's access token.

  • 线程的访问令牌中列出的受信者的一个或多个允许访问 AccessControlEntry 项显式授予所有请求的访问权限。One or more access-allowed AccessControlEntry items for trustees listed in the thread's access token explicitly grant all the requested access rights.

  • 已检查所有 AccessControlEntry 项,但至少有一个请求的访问权限尚未显式允许,在这种情况下,将隐式拒绝访问。All AccessControlEntry items have been checked and there is still at least one requested access right that has not been explicitly allowed, in which case, access is implicitly denied.

rights 参数中指定的队列的权限可以是以下任意组合:The rights to a queue, specified in the rights parameter, can be any combination of the following:

  • 完全控制Full Control

  • 删除消息Delete Message

  • 接收消息Receive Message

  • 速览消息Peek Message

  • 接收日志消息Receive Journal Message

  • 获取队列属性Get Queue Properties

  • 设置队列属性Set Queue Properties

  • 获取权限Get Permissions

  • 设置权限Set Permissions

  • 获取队列所有权Take Queue Ownership

  • 写入消息Write Message

MessageQueueAccessRights 枚举表示一组可以使用按位运算符组合的位标志,或用于生成 rights 参数。The MessageQueueAccessRights enumeration represents a set of bit flags that you can combine using the bitwise operator OR to build the rights parameter.

利用此重载,只能授予权限;不能撤消或拒绝它们。With this overload, you can only grant permissions; you cannot revoke or deny them. 必须使用其他重载显式授予除 Allow以外的任何 AccessControlEntryTypeYou must use a different overload to explicitly grant any AccessControlEntryType other than Allow.

下表显示了此方法是否在各种工作组模式下可用。The following table shows whether this method is available in various Workgroup modes.

工作组模式Workgroup mode 可用Available
本地计算机Local computer Yes
本地计算机和直接格式名称Local computer and direct format name Yes
远程计算机Remote computer NoNo
远程计算机和直接格式名称Remote computer and direct format name NoNo

另请参阅

SetPermissions(String, MessageQueueAccessRights, AccessControlEntryType)

利用指定的访问控制类型(允许、拒绝、撤消或设置),给予计算机、组或用户指定的访问权限。Gives a computer, group, or user the specified access rights, with the specified access control type (allow, deny, revoke, or set).

public:
 void SetPermissions(System::String ^ user, System::Messaging::MessageQueueAccessRights rights, System::Messaging::AccessControlEntryType entryType);
public void SetPermissions (string user, System.Messaging.MessageQueueAccessRights rights, System.Messaging.AccessControlEntryType entryType);
member this.SetPermissions : string * System.Messaging.MessageQueueAccessRights * System.Messaging.AccessControlEntryType -> unit
Public Sub SetPermissions (user As String, rights As MessageQueueAccessRights, entryType As AccessControlEntryType)

参数

user
String

获取对队列的附加权限的个人、组或计算机。The individual, group, or computer that gets additional rights to the queue.

rights
MessageQueueAccessRights

MessageQueueAccessRights,指示对“消息队列”分配给传入的 user 的队列权限集。A MessageQueueAccessRights that indicates the set of rights to the queue that Message Queuing assigns to the user passed in.

entryType
AccessControlEntryType

AccessControlEntryType,指定授予、拒绝还是撤消 rights 参数指定的权限。A AccessControlEntryType that specifies whether to grant, deny, or revoke the permissions specified by the rights parameter.

异常

访问“消息队列”方法时出错。An error occurred when accessing a Message Queuing method.

示例

以下代码示例演示了 SetPermissions(String, MessageQueueAccessRights, AccessControlEntryType) 的用法。The following code example demonstrates the use of SetPermissions(String, MessageQueueAccessRights, AccessControlEntryType).


// Connect to a queue on the local computer.
MessageQueue^ queue = gcnew MessageQueue(".\\exampleQueue");

// Grant all users in the "Everyone" user group the right to receive
// messages from the queue.
queue->SetPermissions("Everyone",
    MessageQueueAccessRights::ReceiveMessage,
    AccessControlEntryType::Allow);

queue->Close();


// Connect to a queue on the local computer.
MessageQueue queue = new MessageQueue(".\\exampleQueue");

// Grant all users in the "Everyone" user group the right to receive
// messages from the queue.
queue.SetPermissions("Everyone", MessageQueueAccessRights.ReceiveMessage,
    AccessControlEntryType.Allow);

注解

使用此重载可为单个用户授予、拒绝或撤消指定的权限。Use this overload to grant, deny, or revoke specified rights for an individual user. 用户可以是任何有效的受信者,其中包括个人用户、用户组或计算机。The user can be any valid trustee, which includes individual users, groups of users, or a computer. 如果用户是个人,则使用 user 参数 DOMAIN\user 格式。If the user is an individual, use the format DOMAIN\user for the user parameter. 可以为 user 参数指定 ".",以指示本地计算机。You can specify "." for the user parameter to indicate the local computer.

通过 SetPermissions 向现有列表添加权限来分配权限。The permissions you assign through SetPermissions add rights to the existing list. 默认情况下,公用或专用队列的创建者具有 "完全控制" 权限,而 "域组" 有权获取队列属性、获取权限和写入队列。By default, the creator of a public or private queue has full control, and the domain group Everyone has permission to get queue properties, get permissions, and write to the queue. 调用 SetPermissions时,用户和权限信息将追加到现有列表的底部。When you call SetPermissions, the user and permissions information is appended to the bottom of the existing list.

系统会按顺序检查每个 AccessControlEntry,直到发生以下事件之一:The system examines each AccessControlEntry in sequence until one of the following events occurs:

  • 拒绝访问 AccessControlEntry 明确拒绝对线程的访问令牌中列出的某个受信者的任何请求的访问权限。An access-denied AccessControlEntry explicitly denies any of the requested access rights to one of the trustees listed in the thread's access token.

  • 线程的访问令牌中列出的受信者的一个或多个允许访问 AccessControlEntry 项显式授予所有请求的访问权限。One or more access-allowed AccessControlEntry items for trustees listed in the thread's access token explicitly grant all the requested access rights.

  • 已检查所有 AccessControlEntry 项,但至少有一个请求的访问权限尚未显式允许,在这种情况下,将隐式拒绝访问。All AccessControlEntry items have been checked and there is still at least one requested access right that has not been explicitly allowed, in which case, access is implicitly denied.

rights 参数中指定的队列的权限可以是以下任意组合:The rights to a queue, specified in the rights parameter, can be any combination of the following:

  • 完全控制Full Control

  • 删除消息Delete Message

  • 接收消息Receive Message

  • 速览消息Peek Message

  • 接收日志消息Receive Journal Message

  • 获取队列属性Get Queue Properties

  • 设置队列属性Set Queue Properties

  • 获取权限Get Permissions

  • 设置权限Set Permissions

  • 获取队列所有权Take Queue Ownership

  • 写入消息Write Message

MessageQueueAccessRights 枚举表示一组可以使用按位运算符组合的位标志,或用于生成 rights 参数。The MessageQueueAccessRights enumeration represents a set of bit flags that you can combine using the bitwise operator OR to build the rights parameter.

下表显示了此方法是否在各种工作组模式下可用。The following table shows whether this method is available in various Workgroup modes.

工作组模式Workgroup mode 可用Available
本地计算机Local computer Yes
本地计算机和直接格式名称Local computer and direct format name Yes
远程计算机Remote computer NoNo
远程计算机和直接格式名称Remote computer and direct format name NoNo

另请参阅

适用于