FileSystemRights FileSystemRights FileSystemRights FileSystemRights Enum

定义

定义要创建访问和审核规则时使用的访问权限。Defines the access rights to use when creating access and audit rules.

此枚举有一个 FlagsAttribute 属性,允许按位组合成员值。

public enum class FileSystemRights
[System.Flags]
[System.Security.SecurityCritical]
public enum FileSystemRights
type FileSystemRights = 
Public Enum FileSystemRights
继承
FileSystemRightsFileSystemRightsFileSystemRightsFileSystemRights
属性

字段

AppendData AppendData AppendData AppendData 4

指定要追加到文件末尾的数据的权限。Specifies the right to append data to the end of a file.

ChangePermissions ChangePermissions ChangePermissions ChangePermissions 262144

指定更改的安全和审核规则关联的文件或文件夹的权限。Specifies the right to change the security and audit rules associated with a file or folder.

CreateDirectories CreateDirectories CreateDirectories CreateDirectories 4

指定创建此权限的文件夹的权限需要同步值。Specifies the right to create a folder This right requires the Synchronize value.

CreateFiles CreateFiles CreateFiles CreateFiles 2

指定要创建的文件的权限。Specifies the right to create a file. 此权限要求同步值。This right requires the Synchronize value.

Delete Delete Delete Delete 65536

指定删除文件夹或文件的权限。Specifies the right to delete a folder or file.

DeleteSubdirectoriesAndFiles DeleteSubdirectoriesAndFiles DeleteSubdirectoriesAndFiles DeleteSubdirectoriesAndFiles 64

指定删除文件夹,然后在该文件夹中包含的任何文件的权限。Specifies the right to delete a folder and any files contained within that folder.

ExecuteFile ExecuteFile ExecuteFile ExecuteFile 32

指定要运行应用程序文件的权限。Specifies the right to run an application file.

FullControl FullControl FullControl FullControl 2032127

指定对文件夹或文件,进行完全控制并进行修改访问控制和审核规则的权限。Specifies the right to exert full control over a folder or file, and to modify access control and audit rules. 此值表示允许对文件进行任何操作的权限,并且它是此枚举中的所有权限的组合。This value represents the right to do anything with a file and is the combination of all rights in this enumeration.

ListDirectory ListDirectory ListDirectory ListDirectory 1

指定读取目录内容的权限。Specifies the right to read the contents of a directory.

Modify Modify Modify Modify 197055

指定的权限读取、 写入、 列出文件夹内容、 删除文件夹和文件,和运行应用程序文件。Specifies the right to read, write, list folder contents, delete folders and files, and run application files. 此权限包括ReadAndExecute没错,Write右,和Delete右。This right includes the ReadAndExecute right, the Write right, and the Delete right.

Read Read Read Read 131209

指定的权限打开和复制文件夹或文件为只读的。Specifies the right to open and copy folders or files as read-only. 此权限包括ReadData没错,ReadExtendedAttributes右,ReadAttributes右,和ReadPermissions右。This right includes the ReadData right, ReadExtendedAttributes right, ReadAttributes right, and ReadPermissions right.

ReadAndExecute ReadAndExecute ReadAndExecute ReadAndExecute 131241

指定打开和复制文件夹或文件为只读的以及运行应用程序文件的权限。Specifies the right to open and copy folders or files as read-only, and to run application files. 此权限包括 Read 权限和 ExecuteFile 权限。This right includes the Read right and the ExecuteFile right.

ReadAttributes ReadAttributes ReadAttributes ReadAttributes 128

指定打开和复制文件夹或文件从文件系统属性的权限。Specifies the right to open and copy file system attributes from a folder or file. 例如,此值指定的权限来查看文件创建或修改日期。For example, this value specifies the right to view the file creation or modified date. 这不包括读取数据、扩展文件系统属性或访问和审核规则的权限。This does not include the right to read data, extended file system attributes, or access and audit rules.

ReadData ReadData ReadData ReadData 1

指定打开和复制文件或文件夹的权限。Specifies the right to open and copy a file or folder. 这不包括读取文件系统属性、扩展文件系统属性或访问和审核规则的权限。This does not include the right to read file system attributes, extended file system attributes, or access and audit rules.

ReadExtendedAttributes ReadExtendedAttributes ReadExtendedAttributes ReadExtendedAttributes 8

指定打开和复制扩展的文件系统属性从文件夹或文件的权限。Specifies the right to open and copy extended file system attributes from a folder or file. 例如,此值指定查看作者和内容信息的权限。For example, this value specifies the right to view author and content information. 这不包括读取数据、文件系统属性或访问和审核规则的权限。This does not include the right to read data, file system attributes, or access and audit rules.

ReadPermissions ReadPermissions ReadPermissions ReadPermissions 131072

指定打开和复制访问和审核规则从一个文件夹或文件的权限。Specifies the right to open and copy access and audit rules from a folder or file. 这不包括读取数据、 文件系统属性的权限或扩展文件系统属性。This does not include the right to read data, file system attributes, and extended file system attributes.

Synchronize Synchronize Synchronize Synchronize 1048576

指定应用程序是否能够等待文件句柄与 I/O 操作的完成同步。Specifies whether the application can wait for a file handle to synchronize with the completion of an I/O operation. 此值是允许访问时,自动设置和自动排除时拒绝访问。This value is automatically set when allowing access and automatically excluded when denying access.

TakeOwnership TakeOwnership TakeOwnership TakeOwnership 524288

指定更改文件夹或文件的所有者的权限。Specifies the right to change the owner of a folder or file. 请注意,资源的所有者对该资源的完全访问权限。Note that owners of a resource have full access to that resource.

Traverse Traverse Traverse Traverse 32

指定列出文件夹内容以及运行在该文件夹中包含的应用程序的权限。Specifies the right to list the contents of a folder and to run applications contained within that folder.

Write Write Write Write 278

指定要创建文件夹和文件,并可以添加或从文件中删除数据的权限。Specifies the right to create folders and files, and to add or remove data from files. 此权限包括WriteData没错,AppendData右,WriteExtendedAttributes右,和WriteAttributes右。This right includes the WriteData right, AppendData right, WriteExtendedAttributes right, and WriteAttributes right.

WriteAttributes WriteAttributes WriteAttributes WriteAttributes 256

指定打开和文件系统特性写入文件夹或文件的权限。Specifies the right to open and write file system attributes to a folder or file. 这不包括写入数据、 扩展的属性或访问和审核规则的功能。This does not include the ability to write data, extended attributes, or access and audit rules.

WriteData WriteData WriteData WriteData 2

指定打开和写入文件或文件夹的权限。Specifies the right to open and write to a file or folder. 这不包括打开和写入文件系统属性,扩展文件系统特性或访问和审核规则的权限。This does not include the right to open and write file system attributes, extended file system attributes, or access and audit rules.

WriteExtendedAttributes WriteExtendedAttributes WriteExtendedAttributes WriteExtendedAttributes 16

指定打开和扩展的文件系统特性写入文件夹或文件的权限。Specifies the right to open and write extended file system attributes to a folder or file. 这不包括写入数据、 属性或访问和审核规则的功能。This does not include the ability to write data, attributes, or access and audit rules.

示例

下面的代码示例使用FullControl枚举指定访问规则,然后从文件删除访问规则。The following code example uses the FullControl enumeration to specify an access rule and then remove the access rule from a file. 你必须提供有效的用户或组帐户以运行此示例。You must supply a valid user or group account to run this example.

using namespace System;
using namespace System::IO;
using namespace System::Security::AccessControl;

// Adds an ACL entry on the specified file for the specified account.

void AddFileSecurity(String^ fileName, String^ account, 
                        FileSystemRights rights, AccessControlType controlType)
{
    // Get a FileSecurity object that represents the 
    // current security settings.
    FileSecurity^ fSecurity = File::GetAccessControl(fileName);

    // Add the FileSystemAccessRule to the security settings. 
    fSecurity->AddAccessRule(gcnew FileSystemAccessRule
                                   (account,rights, controlType));

    // Set the new access settings.
    File::SetAccessControl(fileName, fSecurity);
}

// Removes an ACL entry on the specified file for the specified account.

void RemoveFileSecurity(String^ fileName, String^ account, 
                        FileSystemRights rights, AccessControlType controlType)
{

    // Get a FileSecurity object that represents the 
    // current security settings.
    FileSecurity^ fSecurity = File::GetAccessControl(fileName);

    // Remove the FileSystemAccessRule from the security settings. 
    fSecurity->RemoveAccessRule(gcnew FileSystemAccessRule
                                      (account,rights, controlType));

    // Set the new access settings.
    File::SetAccessControl(fileName, fSecurity);
}

int main()
{
    try
    {
        String^ fileName = "test.xml";

        Console::WriteLine("Adding access control entry for " + fileName);

        // Add the access control entry to the file.
        AddFileSecurity(fileName, "MYDOMAIN\\MyAccount", 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Removing access control entry from " + fileName);

        // Remove the access control entry from the file.
        RemoveFileSecurity(fileName, "MYDOMAIN\\MyAccount", 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Done.");
    }
    catch (Exception^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try
            {
                string fileName = "test.xml";

                Console.WriteLine("Adding access control entry for "
                    + fileName);

                // Add the access control entry to the file.
                AddFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from "
                    + fileName);

                // Remove the access control entry from the file.
                RemoveFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {


            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Add the FileSystemAccessRule to the security settings.
            fSecurity.AddAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {

            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Remove the FileSystemAccessRule from the security settings.
            fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }
    }
}
Imports System
Imports System.IO
Imports System.Security.AccessControl



Module FileExample

    Sub Main()
        Try
            Dim fileName As String = "test.xml"

            Console.WriteLine("Adding access control entry for " & fileName)

            ' Add the access control entry to the file.
            AddFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " & fileName)

            ' Remove the access control entry from the file.
            RemoveFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

    End Sub


    ' Adds an ACL entry on the specified file for the specified account.
    Sub AddFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
  
        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Add the FileSystemAccessRule to the security settings. 
        Dim accessRule As FileSystemAccessRule = _
            New FileSystemAccessRule(account, rights, controlType)

        fSecurity.AddAccessRule(accessRule)

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub


    ' Removes an ACL entry on the specified file for the specified account.
    Sub RemoveFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)

        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Remove the FileSystemAccessRule from the security settings. 
        fSecurity.RemoveAccessRule(New FileSystemAccessRule(account, _
            rights, controlType))

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub
End Module

注解

FileSystemRights枚举指定的文件系统操作允许特定用户帐户以及哪些文件系统操作进行审核的特定用户帐户。The FileSystemRights enumeration specifies which file system actions are allowed for a particular user account and which file system actions are audited for a particular user account.

使用FileSystemRights枚举时创建的访问规则带有FileSystemAccessRule类或与创建审核的规则FileSystemAuditRule类。Use the FileSystemRights enumeration when creating an access rule with the FileSystemAccessRule class or when creating an audit rule with the FileSystemAuditRule class.

此枚举包含几个粒度级的系统权限值和是这些粒度值的组合的多个值。This enumeration contains several granular system rights values and several values that are a combination of those granular values. 是易于使用的组合值,如FullControlRead,和Write,而不是单独指定每个组件值。It is easier to use the combination values such as FullControl, Read, and Write, rather than specifying each component value separately.

CreateDirectoriesCreateFiles权限需要Synchronize右。The CreateDirectories and CreateFiles rights require the Synchronize right. 如果未显式设置Synchronize值时创建文件或目录,则将自动设置为你。If you do not explicitly set the Synchronize value when creating a file or directory, it is set automatically for you.

适用于