C#设置与获取目录权限（.net控制ACL）

来源：互联网发布：淘宝直播卖衣服编辑：程序博客网时间：2024/05/21 01:51

// 用c#来设置和读取ntfs分区上的目录权限

using System;using System.Collections;using System.IO;using System.Security.AccessControl;static class Tester{    public static void Main()    {        try        {            string filename = @"f:\k"; //目标目录            string account = @"Administrator";//用户名            string userrights = @"RW";//权限字符串，自己定义的            AddDirectorySecurity(filename, account, userrights);            Console.ReadLine();        }        catch (Exception e)        {            Console.WriteLine(e);            Console.ReadLine();        }    }    static public void AddDirectorySecurity(string FileName, string Account, string UserRights)    {        FileSystemRights Rights = new FileSystemRights();        if (UserRights.IndexOf("R") >= 0)        {            Rights = Rights | FileSystemRights.Read;        }        if (UserRights.IndexOf("C") >= 0)        {            Rights = Rights | FileSystemRights.ChangePermissions;        }        if (UserRights.IndexOf("F") >= 0)        {            Rights = Rights | FileSystemRights.FullControl;        }        if (UserRights.IndexOf("W") >= 0)        {            Rights = Rights | FileSystemRights.Write;        }        bool ok;        DirectoryInfo dInfo = new DirectoryInfo(FileName);        DirectorySecurity dSecurity = dInfo.GetAccessControl();        InheritanceFlags iFlags = new InheritanceFlags();        iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;        FileSystemAccessRule AccessRule2 = new FileSystemAccessRule(Account, Rights, iFlags, PropagationFlags.None, AccessControlType.Allow);        dSecurity.ModifyAccessRule(AccessControlModification.Add, AccessRule2, out ok);        dInfo.SetAccessControl(dSecurity);        //列出目标目录所具有的权限        DirectorySecurity sec = Directory.GetAccessControl(FileName, AccessControlSections.All);        foreach (FileSystemAccessRule rule in sec.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)))        {            Console.WriteLine("----------------------------------");            Console.WriteLine(rule.IdentityReference.Value);            if ((rule.FileSystemRights & FileSystemRights.Read) != 0)                Console.WriteLine(rule.FileSystemRights.ToString());        }        Console.Read();    }}

对照MSDN，很容易看懂上面的代码。但是貌似这个程序需要以管理员身份来运行。^_^

其中的Directory.GetAccessControl(FileName, AccessControlSections.All); 第二个参数如果为AccessControlSections.Access ，就可以使得运行在IIS中的Web应用程序获得目录权限了。