这是一个在.Net下修改文件夹或文件的ACL安全权限的类:
SetFolderACL:两个重载函数,设置权限的方法,根据需要选择重载。
GetACL: 查看文件夹权限的信息,用户名-权限键值对
GetACLString:查看文件夹权限的文本信息,用户名-权限名键值对
using System;
using System.Collections;
using System.Text;
using System.Security.AccessControl;
using System.IO;
namespace ACL
{
class ACL_FS
{ //By 同济黄正 http://hz932.ys168.com
public static bool SetFolderACL(String FolderPath , String UserName , FileSystemRights Rights , AccessControlType AllowOrDeny)
{
InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
return SetFolderACL(FolderPath , UserName , Rights , AllowOrDeny , inherits , PropagationFlags.None , AccessControlModification.Add);
}
public static bool SetFolderACL(String FolderPath , String UserName , FileSystemRights Rights , AccessControlType AllowOrDeny
, InheritanceFlags Inherits , PropagationFlags PropagateToChildren , AccessControlModification AddResetOrRemove)
{
//过程:获取文件夹安全对象、构造访问规则、修改安全对象的访问规则、重新设置文件夹安全对象
bool ret;
DirectoryInfo folder = new DirectoryInfo(FolderPath);
DirectorySecurity dSecurity = folder.GetAccessControl(AccessControlSections.All);
FileSystemAccessRule accRule = new FileSystemAccessRule(UserName , Rights , Inherits , PropagateToChildren , AllowOrDeny);
dSecurity.ModifyAccessRule(AddResetOrRemove , accRule , out ret);
folder.SetAccessControl(dSecurity);
return ret;
}
/// <returns>String,FileSystemRights键值对</returns>
public static Hashtable GetACL(String FolderPath)
{
Hashtable ret = new Hashtable();
DirectorySecurity sec = Directory.GetAccessControl(FolderPath , AccessControlSections.All);
foreach (FileSystemAccessRule rule in sec.GetAccessRules(true , true , typeof(System.Security.Principal.NTAccount)))
{
ret[rule.IdentityReference.ToString()] = rule.FileSystemRights;
}
return ret;
}
public static string GetACLString(String FolderPath)
{
StringBuilder sb = new StringBuilder();
Hashtable rights=GetACL(FolderPath);
foreach (string key in rights.Keys)
{
sb.Append(key + ":/t" + ((FileSystemRights)rights[key]).ToString()+"/r/n");
}
return sb.ToString();
}
}
}
//以上在WindowsXP、Windows Server 2003下测试通过。