我要评论在开发中,我们经常会使用io操作,例如创建,删除文件等操作。在项目中这样的需求也较多,我们也会经常对这些操作进行编码,但是对文件的权限进行设置,这样的操作可能会手动操作,现在介绍一种采用代码动态对文件设置权限的操作。
在对文件进行权限设置在dotnet中,会采用filesystemaccessrule类进行文件的权限操作。
1.现在看一下filesystemaccessrule的实现代码:
public filesystemaccessrule(
identityreference identity,
filesystemrights filesystemrights,
accesscontroltype type )
: this(
identity,
accessmaskfromrights( filesystemrights, type ),
false,
inheritanceflags.none,
propagationflags.none,
type )
{
}
public filesystemaccessrule(
string identity,
filesystemrights filesystemrights,
accesscontroltype type )
: this(
new ntaccount(identity),
accessmaskfromrights( filesystemrights, type ),
false,
inheritanceflags.none,
propagationflags.none,
type )
{
}
//
// constructor for creating access rules for folder objects
//
public filesystemaccessrule(
identityreference identity,
filesystemrights filesystemrights,
inheritanceflags inheritanceflags,
propagationflags propagationflags,
accesscontroltype type )
: this(
identity,
accessmaskfromrights( filesystemrights, type ),
false,
inheritanceflags,
propagationflags,
type )
{
}
public filesystemaccessrule(
string identity,
filesystemrights filesystemrights,
inheritanceflags inheritanceflags,
propagationflags propagationflags,
accesscontroltype type )
: this(
new ntaccount(identity),
accessmaskfromrights( filesystemrights, type ),
false,
inheritanceflags,
propagationflags,
type )
{
}
internal filesystemaccessrule(
identityreference identity,
int accessmask,
bool isinherited,
inheritanceflags inheritanceflags,
propagationflags propagationflags,
accesscontroltype type )
: base(
identity,
accessmask,
isinherited,
inheritanceflags,
propagationflags,
type )
{
}
#endregion
#region public properties
public filesystemrights filesystemrights
{
get { return rightsfromaccessmask( base.accessmask ); }
}
internal static int accessmaskfromrights( filesystemrights filesystemrights, accesscontroltype controltype )
{
if (filesystemrights < (filesystemrights) 0 || filesystemrights > filesystemrights.fullcontrol)
throw new argumentoutofrangeexception("filesystemrights", environment.getresourcestring("argument_invalidenumvalue", filesystemrights, "filesystemrights"));
contract.endcontractblock();
if (controltype == accesscontroltype.allow) {
filesystemrights |= filesystemrights.synchronize;
}
else if (controltype == accesscontroltype.deny) {
if (filesystemrights != filesystemrights.fullcontrol &&
filesystemrights != (filesystemrights.fullcontrol & ~filesystemrights.deletesubdirectoriesandfiles))
filesystemrights &= ~filesystemrights.synchronize;
}
return ( int )filesystemrights;
}
internal static filesystemrights rightsfromaccessmask( int accessmask )
{
return ( filesystemrights )accessmask;
}
}
2.由于filesystemaccessrule继承自accessrule,现在看一下accessrule的源码:
/// <summary>
/// 表示用户的标识、访问掩码和访问控制类型(允许或拒绝)的组合。<see cref="t:system.security.accesscontrol.accessrule"/> 对象还包含有关子对象如何继承规则以及如何传播继承的信息。
/// </summary>
public abstract class accessrule : authorizationrule
{
/// <summary>
/// 使用指定的值初始化 <see cref="t:system.security.accesscontrol.accessrule"/> 类的一个新实例。
/// </summary>
/// <param name="identity">应用访问规则的标识。此参数必须是可以强制转换为 <see cref="t:system.security.principal.securityidentifier"/> 的对象。</param><param name="accessmask">此规则的访问掩码。访问掩码是一个 32 位的匿名位集合,其含义是由每个集成器定义的。</param><param name="isinherited">如果此规则继承自父容器,则为 true。</param><param name="inheritanceflags">访问规则的继承属性。</param><param name="propagationflags">继承的访问规则是否自动传播。如果 <paramref name="inheritanceflags"/> 设置为 <see cref="f:system.security.accesscontrol.inheritanceflags.none"/>,则将忽略传播标志。</param><param name="type">有效的访问控制类型。</param><exception cref="t:system.argumentexception"><paramref name="identity"/> 参数的值不能强制转换为 <see cref="t:system.security.principal.securityidentifier"/>,或者 <paramref name="type"/> 参数包含无效值。</exception><exception cref="t:system.argumentoutofrangeexception"><paramref name="accessmask"/> 参数的值为零,或者 <paramref name="inheritanceflags"/> 或 <paramref name="propagationflags"/> 参数包含无法识别的标志值。</exception>
protected accessrule(identityreference identity, int accessmask, bool isinherited, inheritanceflags inheritanceflags, propagationflags propagationflags, accesscontroltype type);
/// <summary>
/// 获取与此 <see cref="t:system.security.accesscontrol.accessrule"/> 对象关联的 <see cref="t:system.security.accesscontrol.accesscontroltype"/> 对象。
/// </summary>
///
/// <returns>
/// 与此 <see cref="t:system.security.accesscontrol.accessrule"/> 对象关联的 <see cref="t:system.security.accesscontrol.accesscontroltype"/> 对象。
/// </returns>
public accesscontroltype accesscontroltype { get; }
}
看来dotnet中实现文件权限设置的操作的类,现在提供几个具体的文件设置操作代码:
3.获取目录权限列表:
/// <summary>
/// 获取目录权限列表
/// </summary>
/// <param name="path">目录的路径。</param>
/// <returns>指示目录的权限列表</returns>
public ilist<filesystemrights> getdirectorypermission(string path)
{
try
{
if (!directoryexists(path))
return null;
ilist<filesystemrights> result = new list<filesystemrights>();
var dsecurity = directory.getaccesscontrol(new directoryinfo(path).fullname);
foreach (filesystemaccessrule rule in dsecurity.getaccessrules(true, true, typeof(ntaccount)))
result.add(rule.filesystemrights);
return result;
}
catch (exception e)
{
throw new exception(e.message, e);
}
}
4.设置目录权限
/// <summary>
///设置目录权限
/// </summary>
/// <param name="path">目录的路径。</param>
/// <param name="permission">在目录上设置的权限。</param>
/// <returns>指示是否在目录上应用权限的值。</returns>
public bool setdirectorypermission(string path, filesystemrights permission)
{
try
{
if (!directoryexists(path))
return false;
var accessrule = new filesystemaccessrule("users", permission,
inheritanceflags.none,
propagationflags.nopropagateinherit,
accesscontroltype.allow);
var info = new directoryinfo(path);
var security = info.getaccesscontrol(accesscontrolsections.access);
bool result;
security.modifyaccessrule(accesscontrolmodification.set, accessrule, out result);
if (!result)
return false;
const inheritanceflags iflags = inheritanceflags.containerinherit | inheritanceflags.objectinherit;
accessrule = new filesystemaccessrule("users", permission,
iflags,
propagationflags.inheritonly,
accesscontroltype.allow);
security.modifyaccessrule(accesscontrolmodification.add, accessrule, out result);
if (!result)
return false;
info.setaccesscontrol(security);
return true;
}
catch (exception e)
{
throw new exception(e.message, e);
}
}
5.设置目录权限列表
/// <summary>
/// 设置目录权限列表
/// </summary>
/// <param name="path">目录的路径。</param>
/// <param name="permissions">在目录上设置的权限。</param>
/// <returns>指示是否在目录上应用权限的值。</returns>
public bool setdirectorypermissions(string path, filesystemrights[] permissions)
{
try
{
if (!directoryexists(path) || permissions == null || !permissions.any())
return false;
foreach (var permission in permissions)
if (!setdirectorypermission(path, permission))
return false;
return true;
}
catch (exception e)
{
throw new exception(e.message, e);
}
}
以上就是c#设置文件权限的方法的详细内容,更多关于c#设置文件权限的资料请关注移动技术网其它相关文章!
如您对本文有疑问或者有任何想说的,请点击进行留言回复,万千网友为您解惑!
网友评论