FileSystemRights FileSystemRights FileSystemRights FileSystemRights Enum

定义

定义要在创建访问和审核规则时使用的访问权限。Defines the access rights to use when creating access and audit rules.

此枚举有一个 FlagsAttribute 属性,允许按位组合成员值。

public enum class FileSystemRights
[System.Flags]
[System.Security.SecurityCritical]
public enum FileSystemRights
type FileSystemRights = 
Public Enum FileSystemRights
继承
FileSystemRightsFileSystemRightsFileSystemRightsFileSystemRights
属性

字段

AppendData AppendData AppendData AppendData 4

指定将数据追加到文件末尾的权限。Specifies the right to append data to the end of a file.

ChangePermissions ChangePermissions ChangePermissions ChangePermissions 262144

指定更改与文件或文件夹关联的安全和审核规则的权限。Specifies the right to change the security and audit rules associated with a file or folder.

CreateDirectories CreateDirectories CreateDirectories CreateDirectories 4

指定用于创建文件夹的权限。此权限需要 Synchronize 值。Specifies the right to create a folder This right requires the Synchronize value.

CreateFiles CreateFiles CreateFiles CreateFiles 2

指定创建文件的权限。Specifies the right to create a file. 此权限需要 Synchronize 值。This right requires the Synchronize value.

Delete Delete Delete Delete 65536

指定删除文件夹或文件的权限。Specifies the right to delete a folder or file.

DeleteSubdirectoriesAndFiles DeleteSubdirectoriesAndFiles DeleteSubdirectoriesAndFiles DeleteSubdirectoriesAndFiles 64

指定删除文件夹和该文件夹中包含的所有文件的权限。Specifies the right to delete a folder and any files contained within that folder.

ExecuteFile ExecuteFile ExecuteFile ExecuteFile 32

指定运行应用程序文件的权限。Specifies the right to run an application file.

FullControl FullControl FullControl FullControl 2032127

指定对文件夹或文件进行完全控制以及修改访问控制和审核规则的权限。Specifies the right to exert full control over a folder or file, and to modify access control and audit rules. 此值表示允许对文件进行任何操作的权限,并且它是此枚举中的所有权限的组合。This value represents the right to do anything with a file and is the combination of all rights in this enumeration.

ListDirectory ListDirectory ListDirectory ListDirectory 1

指定读取目录内容的权限。Specifies the right to read the contents of a directory.

Modify Modify Modify Modify 197055

指定读、写、列出文件夹内容、删除文件夹和文件以及运行应用程序文件的权限。Specifies the right to read, write, list folder contents, delete folders and files, and run application files. 此权限包括 ReadAndExecute 权限、Write 权限和 Delete 权限。This right includes the ReadAndExecute right, the Write right, and the Delete right.

Read Read Read Read 131209

指定以只读方式打开和复制文件夹或文件的权限。Specifies the right to open and copy folders or files as read-only. 此权限包括 ReadData 权限、ReadExtendedAttributes 权限、ReadAttributes 权限和 ReadPermissions 权限。This right includes the ReadData right, ReadExtendedAttributes right, ReadAttributes right, and ReadPermissions right.

ReadAndExecute ReadAndExecute ReadAndExecute ReadAndExecute 131241

指定以只读方式打开和复制文件夹或文件以及运行应用程序文件的权限。Specifies the right to open and copy folders or files as read-only, and to run application files. 此权限包括 Read 权限和 ExecuteFile 权限。This right includes the Read right and the ExecuteFile right.

ReadAttributes ReadAttributes ReadAttributes ReadAttributes 128

指定从文件夹或文件打开和复制文件系统特性的权限。Specifies the right to open and copy file system attributes from a folder or file. 例如,此值指定查看文件创建日期或修改日期的权限。For example, this value specifies the right to view the file creation or modified date. 这不包括读取数据、扩展文件系统属性或访问和审核规则的权限。This does not include the right to read data, extended file system attributes, or access and audit rules.

ReadData ReadData ReadData ReadData 1

指定打开和复制文件或文件夹的权限。Specifies the right to open and copy a file or folder. 这不包括读取文件系统属性、扩展文件系统属性或访问和审核规则的权限。This does not include the right to read file system attributes, extended file system attributes, or access and audit rules.

ReadExtendedAttributes ReadExtendedAttributes ReadExtendedAttributes ReadExtendedAttributes 8

指定从文件夹或文件打开和复制扩展文件系统特性的权限。Specifies the right to open and copy extended file system attributes from a folder or file. 例如,此值指定查看作者和内容信息的权限。For example, this value specifies the right to view author and content information. 这不包括读取数据、文件系统属性或访问和审核规则的权限。This does not include the right to read data, file system attributes, or access and audit rules.

ReadPermissions ReadPermissions ReadPermissions ReadPermissions 131072

指定从文件夹或文件打开和复制访问和审核规则的权限。Specifies the right to open and copy access and audit rules from a folder or file. 这不包括读取数据、文件系统特性或扩展文件系统特性的权限。This does not include the right to read data, file system attributes, and extended file system attributes.

Synchronize Synchronize Synchronize Synchronize 1048576

指定应用程序是否能够等待文件句柄,以便与 I/O 操作的完成保持同步。Specifies whether the application can wait for a file handle to synchronize with the completion of an I/O operation. 当允许访问时自动设置该值,当拒绝访问时自动排除它。This value is automatically set when allowing access and automatically excluded when denying access.

TakeOwnership TakeOwnership TakeOwnership TakeOwnership 524288

指定更改文件夹或文件的所有者的权限。Specifies the right to change the owner of a folder or file. 请注意:资源的所有者对该资源拥有完全权限。Note that owners of a resource have full access to that resource.

Traverse Traverse Traverse Traverse 32

指定列出文件夹的内容以及运行该文件夹中所包含的应用程序的权限。Specifies the right to list the contents of a folder and to run applications contained within that folder.

Write Write Write Write 278

指定创建文件夹和文件以及向文件添加数据或从文件移除数据的权限。Specifies the right to create folders and files, and to add or remove data from files. 此权限包括 WriteData 权限、AppendData 权限、WriteExtendedAttributes 权限和 WriteAttributes 权限。This right includes the WriteData right, AppendData right, WriteExtendedAttributes right, and WriteAttributes right.

WriteAttributes WriteAttributes WriteAttributes WriteAttributes 256

指定打开文件系统特性以及将文件系统特性写入文件夹或文件的权限。Specifies the right to open and write file system attributes to a folder or file. 这不包括写入数据、扩展特性以及写入访问和审核规则的功能。This does not include the ability to write data, extended attributes, or access and audit rules.

WriteData WriteData WriteData WriteData 2

指定打开和写入文件或文件夹的权限。Specifies the right to open and write to a file or folder. 这不包括打开和写入文件系统特性、扩展文件系统特性或访问和审核规则的权限。This does not include the right to open and write file system attributes, extended file system attributes, or access and audit rules.

WriteExtendedAttributes WriteExtendedAttributes WriteExtendedAttributes WriteExtendedAttributes 16

指定打开文件夹或文件的扩展文件系统特性以及将扩展文件系统特性写入文件夹或文件的权限。Specifies the right to open and write extended file system attributes to a folder or file. 这不包括写入数据、特性或访问和审核规则的功能。This does not include the ability to write data, attributes, or access and audit rules.

示例

下面的示例使用FileSystemRights枚举来指定访问规则, 然后从文件中删除访问规则。The following example uses the FileSystemRights enumeration to specify an access rule and then remove the access rule from a file. 你必须提供有效的用户或组帐户以运行此示例。You must supply a valid user or group account to run this example.

using namespace System;
using namespace System::IO;
using namespace System::Security::AccessControl;

// Adds an ACL entry on the specified file for the specified account.

void AddFileSecurity(String^ fileName, String^ account, 
                        FileSystemRights rights, AccessControlType controlType)
{
    // Get a FileSecurity object that represents the 
    // current security settings.
    FileSecurity^ fSecurity = File::GetAccessControl(fileName);

    // Add the FileSystemAccessRule to the security settings. 
    fSecurity->AddAccessRule(gcnew FileSystemAccessRule
                                   (account,rights, controlType));

    // Set the new access settings.
    File::SetAccessControl(fileName, fSecurity);
}

// Removes an ACL entry on the specified file for the specified account.

void RemoveFileSecurity(String^ fileName, String^ account, 
                        FileSystemRights rights, AccessControlType controlType)
{

    // Get a FileSecurity object that represents the 
    // current security settings.
    FileSecurity^ fSecurity = File::GetAccessControl(fileName);

    // Remove the FileSystemAccessRule from the security settings. 
    fSecurity->RemoveAccessRule(gcnew FileSystemAccessRule
                                      (account,rights, controlType));

    // Set the new access settings.
    File::SetAccessControl(fileName, fSecurity);
}

int main()
{
    try
    {
        String^ fileName = "test.xml";

        Console::WriteLine("Adding access control entry for " + fileName);

        // Add the access control entry to the file.
        AddFileSecurity(fileName, "MYDOMAIN\\MyAccount", 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Removing access control entry from " + fileName);

        // Remove the access control entry from the file.
        RemoveFileSecurity(fileName, "MYDOMAIN\\MyAccount", 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Done.");
    }
    catch (Exception^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try
            {
                string fileName = "test.xml";

                Console.WriteLine("Adding access control entry for "
                    + fileName);

                // Add the access control entry to the file.
                AddFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from "
                    + fileName);

                // Remove the access control entry from the file.
                RemoveFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {


            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Add the FileSystemAccessRule to the security settings.
            fSecurity.AddAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {

            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Remove the FileSystemAccessRule from the security settings.
            fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }
    }
}
Imports System.IO
Imports System.Security.AccessControl



Module FileExample

    Sub Main()
        Try
            Dim fileName As String = "test.xml"

            Console.WriteLine("Adding access control entry for " & fileName)

            ' Add the access control entry to the file.
            AddFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " & fileName)

            ' Remove the access control entry from the file.
            RemoveFileSecurity(fileName, "DomainName\AccountName", _
                FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

    End Sub


    ' Adds an ACL entry on the specified file for the specified account.
    Sub AddFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
  
        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Add the FileSystemAccessRule to the security settings. 
        Dim accessRule As FileSystemAccessRule = _
            New FileSystemAccessRule(account, rights, controlType)

        fSecurity.AddAccessRule(accessRule)

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub


    ' Removes an ACL entry on the specified file for the specified account.
    Sub RemoveFileSecurity(ByVal fileName As String, ByVal account As String, _
        ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)

        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)

        ' Remove the FileSystemAccessRule from the security settings. 
        fSecurity.RemoveAccessRule(New FileSystemAccessRule(account, _
            rights, controlType))

        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)

    End Sub
End Module

注解

FileSystemRights枚举指定特定用户帐户允许哪些文件系统操作, 并为特定用户帐户审核哪些文件系统操作。The FileSystemRights enumeration specifies which file system actions are allowed for a particular user account and which file system actions are audited for a particular user account.

使用FileSystemAccessRuleFileSystemRights创建访问规则或使用FileSystemAuditRule类创建审核规则时, 请使用枚举。Use the FileSystemRights enumeration when creating an access rule with the FileSystemAccessRule class or when creating an audit rule with the FileSystemAuditRule class.

此枚举包含多个粒度系统权限值和多个这些粒度值组合的值。This enumeration contains several granular system rights values and several values that are a combination of those granular values. 使用FullControlRead和等组合值会更容易,而不是单独指定每个组件值。WriteIt is easier to use the combination values such as FullControl, Read, and Write, rather than specifying each component value separately.

CreateDirectories和权限CreateFiles 需要Synchronize权限。The CreateDirectories and CreateFiles rights require the Synchronize right. 如果在创建文件或目录时Synchronize没有显式设置值, 则会自动设置该值。If you do not explicitly set the Synchronize value when creating a file or directory, it is set automatically for you.

适用于