Working with File and Directory Properties, Attributes and Access Control List: ASP Alliance

Print Add To Favorites Email To Friend Rate This Article
Working with File and Directory Properties, Attributes and Access Control List

page 4 of 7

by SANJIT SIL
Feedback

Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 40689/ 81

Article Contents:

Adding a rule to the Access Control List

In the following listing we will see how to add an access rule to the Test.txt file.

Listing 3

protected void btnAdd_Click(object sender, EventArgs e)
{
  System.Security.AccessControl.FileSecurity fSec = File.GetAccessControl(
    "C:/Documents and Settings/SanjitSil/Test.txt");
  fSec.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(@
    "Sanjit\Test", System.Security.AccessControl.FileSystemRights.FullControl,
    System.Security.AccessControl.AccessControlType.Allow));
  File.SetAccessControl("C:/Documents and Settings/SanjitSil/Test.txt", fSec);
}

There are several things to notice in the code specified in listing 3. First, notice that there are three parameters that have been passed to the FileSystemAccessRule constructor.

The first parameter is the user whom we want to give right; remember that the value of the 1st parameter will change on the basis of a specific system. Also remember that we must specify the full DOMAIN\USERNAME for the user. In the code FileSystemRight, enumeration has been used to specify the exact right given to a user. After running the above code, you can take a look in the file’s properties dialog and you will see that the user has been added to the Access Control List and allowed full control.

We can specify multiple rights by using a bitwise and an operator, which is shown in the following listing.

Listing 4

fSec.AddAccessRule(new     
System.Security.AccessControl.FileSystemAccessRule(@"Sanjit\Test", 
System.Security.AccessControl.FileSystemRights.Read &
System.Security.AccessControl.FileSystemRights.Write, 
System.Security.AccessControl.AccessControlType.Allow));

Removing the rule from Access Control List

Using RemoveAccessRule instead of AddAccessRule we can remove the ACL which has been added when you use the code specified in Listing 4.

The code to remove ACL has been specified in the following listing.

Listing 5

protected void btnRemove_Click(object sender, EventArgs e)
{
  System.Security.AccessControl.FileSecurity fSec = File.GetAccessControl(
    "C:/Documents and Settings/SanjitSil/Test.txt");
  fSec.RemoveAccessRule(new System.Security.AccessControl.FileSystemAccessRule
    (@"Sanjit\Test", System.Security.AccessControl.FileSystemRights.FullControl,
    System.Security.AccessControl.AccessControlType.Allow));
  File.SetAccessControl("C:/Documents and Settings/SanjitSil/Test.txt", fSec);
 
}

After running the code specified in Listing 5, we can see that the user has been removed from the Access Control List.

In a similar way, we can apply Access Control List (ACL) entries specified by a DirectorySecurity object to the specified directory which has specified in the Listing 6.

Listing 6

System.Security.AccessControl.DirectorySecurity dSec =
  Directory.GetAccessControl("C:/TestDirectory");
dSec.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(@
  "Sanjit \Test", System.Security.AccessControl.FileSystemRights.FullControl,
  System.Security.AccessControl.AccessControlType.Allow));
Directory.SetAccessControl("C:/TestDirectory", dSec);

We can use RemoveAccessRule for the directory in same way also.

« (Page 3)

View Entire Article

(Page 5) »

User Comments

No comments posted yet.

Product Spotlight