C# – 为Windows 7中的所有用户设置目录权限
这应该是一个相当简单的问题,但由于某些原因,我似乎无法让它工作。 我想要做的就是在给定目录上设置权限,以允许对所有用户的完全访问权限。 这是我到目前为止的代码:
System.IO.DirectoryInfo di = new System.IO.DirectoryInfo(destinationDirectory); FileSystemAccessRule fsar = new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow); DirectorySecurity ds = null; if (!di.Exists) { System.IO.Directory.CreateDirectory(destinationDirectory); } ds = di.GetAccessControl(); ds.AddAccessRule(fsar); 没有exception被抛出,但也没有任何反应。 在代码运行后检查目录权限时,我看不到任何更改。
有任何想法吗?
提前致谢,
桑尼
您还需要调用SetAccessControl来应用更改。
ds = di.GetAccessControl(); ds.AddAccessRule(fsar); di.SetAccessControl(ds); // nothing happens until you do this
似乎MSDN上的示例非常缺乏详细信息,如此处所述。 我破解了本文中的代码,以获得以下表现良好的代码:
static bool SetAcl() { FileSystemRights Rights = (FileSystemRights)0; Rights = FileSystemRights.FullControl; // *** Add Access Rule to the actual directory itself FileSystemAccessRule AccessRule = new FileSystemAccessRule("Users", Rights, InheritanceFlags.None, PropagationFlags.NoPropagateInherit, AccessControlType.Allow); DirectoryInfo Info = new DirectoryInfo(destinationDirectory); DirectorySecurity Security = Info.GetAccessControl(AccessControlSections.Access); bool Result = false; Security.ModifyAccessRule(AccessControlModification.Set, AccessRule, out Result); if (!Result) return false; // *** Always allow objects to inherit on a directory InheritanceFlags iFlags = InheritanceFlags.ObjectInherit; iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit; // *** Add Access rule for the inheritance AccessRule = new FileSystemAccessRule("Users", Rights, iFlags, PropagationFlags.InheritOnly, AccessControlType.Allow); Result = false; Security.ModifyAccessRule(AccessControlModification.Add, AccessRule, out Result); if (!Result) return false; Info.SetAccessControl(Security); return true; }
David Heffernan的答案不适用于非英语机器,其中尝试设置“用户”的权限失败,并出现IdentityNotMappedexception。 通过使用WellKnownSidType.BuiltinUsersSid ,以下代码可以在任何地方使用:
static void SetFullControlPermissionsToEveryone(string path) { const FileSystemRights rights = FileSystemRights.FullControl; var allUsers = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null); // Add Access Rule to the actual directory itself var accessRule = new FileSystemAccessRule( allUsers, rights, InheritanceFlags.None, PropagationFlags.NoPropagateInherit, AccessControlType.Allow); var info = new DirectoryInfo(path); var security = info.GetAccessControl(AccessControlSections.Access); bool result; security.ModifyAccessRule(AccessControlModification.Set, accessRule, out result); if (!result) { throw new InvalidOperationException("Failed to give full-control permission to all users for path " + path); } // add inheritance var inheritedAccessRule = new FileSystemAccessRule( allUsers, rights, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow); bool inheritedResult; security.ModifyAccessRule(AccessControlModification.Add, inheritedAccessRule, out inheritedResult); if (!inheritedResult) { throw new InvalidOperationException("Failed to give full-control permission inheritance to all users for " + path); } info.SetAccessControl(security); }