当前位置:theitroad>C# - 在 Windows 7 中为所有用户设置目录权限

C# - 在 Windows 7 中为所有用户设置目录权限

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/8944765/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-09 05:20:02  来源:igfitidea点击:

C# - Set Directory Permissions for All Users in Windows 7

c#permissionsdirectory

提问by Sonny Boy

This should be a fairly simple problem, but for some reason I can't seem to get this to work. All I'd like to do is set the permissions on a given directory to allow full access to all users. Here's the code I have so far:

这应该是一个相当简单的问题,但由于某种原因,我似乎无法让它发挥作用。我想要做的就是在给定目录上设置权限,以允许对所有用户进行完全访问。这是我到目前为止的代码:

System.IO.DirectoryInfo di = new System.IO.DirectoryInfo(destinationDirectory);
FileSystemAccessRule fsar = new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow);
DirectorySecurity ds = null;

    if (!di.Exists)
    {
       System.IO.Directory.CreateDirectory(destinationDirectory);
    }

ds = di.GetAccessControl();
ds.AddAccessRule(fsar);

No exceptions get thrown, but nothing happens, either. When I check the directory permissions after the code has been run, I see no changes.

没有异常被抛出,但也没有任何反应。当我在代码运行后检查目录权限时,我看不到任何变化。

Any ideas?

有任何想法吗?

采纳答案by David Heffernan

You also need to call SetAccessControlto apply the changes.

您还需要调用SetAccessControl以应用更改。

ds = di.GetAccessControl();
ds.AddAccessRule(fsar);
di.SetAccessControl(ds); // nothing happens until you do this

It seems that the examples on MSDN are sorely lacking in detail, as discussed here. I hacked the code from this article to get the following which behaves well:

似乎 MSDN 上的示例非常缺乏细节,正如这里所讨论的。我破解了这篇文章中的代码以获得以下表现良好的代码:

static bool SetAcl()
{
    FileSystemRights Rights = (FileSystemRights)0;
    Rights = FileSystemRights.FullControl;

    // *** Add Access Rule to the actual directory itself
    FileSystemAccessRule AccessRule = new FileSystemAccessRule("Users", Rights,
                                InheritanceFlags.None,
                                PropagationFlags.NoPropagateInherit,
                                AccessControlType.Allow);

    DirectoryInfo Info = new DirectoryInfo(destinationDirectory);
    DirectorySecurity Security = Info.GetAccessControl(AccessControlSections.Access);

    bool Result = false;
    Security.ModifyAccessRule(AccessControlModification.Set, AccessRule, out Result);

    if (!Result)
        return false;

    // *** Always allow objects to inherit on a directory
    InheritanceFlags iFlags = InheritanceFlags.ObjectInherit;
    iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;

    // *** Add Access rule for the inheritance
    AccessRule = new FileSystemAccessRule("Users", Rights,
                                iFlags,
                                PropagationFlags.InheritOnly,
                                AccessControlType.Allow);
    Result = false;
    Security.ModifyAccessRule(AccessControlModification.Add, AccessRule, out Result);

    if (!Result)
        return false;

    Info.SetAccessControl(Security);

    return true;
}

回答by Timothée Lecomte

David Heffernan answer does not work on a non-English machine, where trying to set the permissions on "Users" fails with an IdentityNotMappedexception. The following code will work everywhere, by using WellKnownSidType.BuiltinUsersSidinstead:

David Heffernan 的回答在非英语机器上不起作用,尝试在“用户”上设置权限失败并出现IdentityNotMapped异常。下面的代码可以在任何地方使用,WellKnownSidType.BuiltinUsersSid而是使用:

static void SetFullControlPermissionsToEveryone(string path)
{
    const FileSystemRights rights = FileSystemRights.FullControl;

    var allUsers = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);

    // Add Access Rule to the actual directory itself
    var accessRule = new FileSystemAccessRule(
        allUsers,
        rights,
        InheritanceFlags.None,
        PropagationFlags.NoPropagateInherit,
        AccessControlType.Allow);

    var info = new DirectoryInfo(path);
    var security = info.GetAccessControl(AccessControlSections.Access);

    bool result;
    security.ModifyAccessRule(AccessControlModification.Set, accessRule, out result);

    if (!result)
    {
        throw new InvalidOperationException("Failed to give full-control permission to all users for path " + path);
    }

    // add inheritance
    var inheritedAccessRule = new FileSystemAccessRule(
        allUsers,
        rights,
        InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
        PropagationFlags.InheritOnly,
        AccessControlType.Allow);

    bool inheritedResult;
    security.ModifyAccessRule(AccessControlModification.Add, inheritedAccessRule, out inheritedResult);

    if (!inheritedResult)
    {
        throw new InvalidOperationException("Failed to give full-control permission inheritance to all users for " + path);
    }

    info.SetAccessControl(security);
}

相关推荐

C# 从不同线程访问 HttpContext.Current

C# 从不同线程访问 HttpContext.Current

C# 将 List<T> 转换为 List<Interface>

C# 将 List<T> 转换为 List<Interface>

C# 数据库中的自动完成文本框

C# 数据库中的自动完成文本框

C# 从国家名称或 RegionInfo 对象中获取 CultureInfo 对象

C# 从国家名称或 RegionInfo 对象中获取 CultureInfo 对象