DirectoryInfo.GetAccessControl 方法
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
获取当前目录的访问控制列表(ACL)条目。
重载
| 名称 | 说明 |
|---|---|
| GetAccessControl() |
获取一个 DirectorySecurity 对象,该对象封装当前 DirectoryInfo 对象描述的目录的访问控制列表(ACL)条目。 |
| GetAccessControl(AccessControlSections) |
获取一个 DirectorySecurity 对象,该对象封装当前 DirectoryInfo 对象描述的目录的指定类型的访问控制列表 (ACL) 条目。 |
注解
使用 GetAccessControl 方法检索当前文件的访问控制列表(ACL)条目。
有关详细信息,请参阅 “如何:添加或删除访问控制列表条目”。
GetAccessControl()
获取一个 DirectorySecurity 对象,该对象封装当前 DirectoryInfo 对象描述的目录的访问控制列表(ACL)条目。
public:
System::Security::AccessControl::DirectorySecurity ^ GetAccessControl();public System.Security.AccessControl.DirectorySecurity GetAccessControl();member this.GetAccessControl : unit -> System.Security.AccessControl.DirectorySecurityPublic Function GetAccessControl () As DirectorySecurity返回
封装 DirectorySecurity 目录访问控制规则的对象。
例外
找不到或修改目录。
打开目录时出现 I/O 错误。
示例
以下示例使用 GetAccessControl 和 SetAccessControl 方法从目录中添加和删除访问控制列表(ACL)条目。
using System;
using System.IO;
using System.Security.AccessControl;
namespace FileSystemExample
{
class DirectoryExample
{
public static void Main()
{
try
{
string DirectoryName = "TestDirectory";
Console.WriteLine("Adding access control entry for " + DirectoryName);
// Add the access control entry to the directory.
AddDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine("Removing access control entry from " + DirectoryName);
// Remove the access control entry from the directory.
RemoveDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine("Done.");
}
catch (Exception e)
{
Console.WriteLine(e);
}
Console.ReadLine();
}
// Adds an ACL entry on the specified directory for the specified account.
public static void AddDirectorySecurity(
string DirectoryName,
string Account,
FileSystemRights Rights,
AccessControlType ControlType
)
{
// Create a new DirectoryInfo object.
DirectoryInfo dInfo = new(DirectoryName);
// Get a DirectorySecurity object that represents the
// current security settings.
DirectorySecurity dSecurity = dInfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(new FileSystemAccessRule(Account,
Rights,
ControlType));
// Set the new access settings.
dInfo.SetAccessControl(dSecurity);
}
// Removes an ACL entry on the specified directory for the specified account.
public static void RemoveDirectorySecurity(
string DirectoryName,
string Account,
FileSystemRights Rights,
AccessControlType ControlType
)
{
// Create a new DirectoryInfo object.
DirectoryInfo dInfo = new(DirectoryName);
// Get a DirectorySecurity object that represents the
// current security settings.
DirectorySecurity dSecurity = dInfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
dSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
Rights,
ControlType));
// Set the new access settings.
dInfo.SetAccessControl(dSecurity);
}
}
}
open System
open System.IO
open System.Security.AccessControl
// Adds an ACL entry on the specified directory for the specified account.
let addDirectorySecurity fileName (account: string) rights controlType =
// Create a new DirectoryInfo object.
let dInfo = DirectoryInfo fileName
// Get a DirectorySecurity object that represents the
// current security settings.
let dSecurity = dInfo.GetAccessControl()
// Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(FileSystemAccessRule(account, rights, controlType))
// Set the new access settings.
dInfo.SetAccessControl dSecurity
// Removes an ACL entry on the specified directory for the specified account.
let removeDirectorySecurity fileName (account: string) rights controlType =
// Create a new DirectoryInfo object.
let dInfo = DirectoryInfo fileName
// Get a DirectorySecurity object that represents the
// current security settings.
let dSecurity = dInfo.GetAccessControl()
// Add the FileSystemAccessRule to the security settings.
dSecurity.RemoveAccessRule(FileSystemAccessRule(account, rights, controlType)) |> ignore
// Set the new access settings.
dInfo.SetAccessControl dSecurity
try
let DirectoryName = "TestDirectory"
printfn $"Adding access control entry for {DirectoryName}"
// Add the access control entry to the directory.
addDirectorySecurity DirectoryName @"MYDOMAIN\MyAccount" FileSystemRights.ReadData AccessControlType.Allow
printfn $"Removing access control entry from {DirectoryName}"
// Remove the access control entry from the directory.
removeDirectorySecurity DirectoryName @"MYDOMAIN\MyAccount" FileSystemRights.ReadData AccessControlType.Allow
printfn "Done."
with e ->
printfn $"{e}"
Imports System.IO
Imports System.Security.AccessControl
Module DirectoryExample
Sub Main()
Try
Dim DirectoryName As String = "TestDirectory"
Console.WriteLine("Adding access control entry for " + DirectoryName)
' Add the access control entry to the directory.
AddDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Removing access control entry from " + DirectoryName)
' Remove the access control entry from the directory.
RemoveDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Done.")
Catch e As Exception
Console.WriteLine(e)
End Try
Console.ReadLine()
End Sub
' Adds an ACL entry on the specified directory for the specified account.
Sub AddDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
' Create a new DirectoryInfoobject.
Dim dInfo As New DirectoryInfo(FileName)
' Get a DirectorySecurity object that represents the
' current security settings.
Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()
' Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))
' Set the new access settings.
dInfo.SetAccessControl(dSecurity)
End Sub
' Removes an ACL entry on the specified directory for the specified account.
Sub RemoveDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
' Create a new DirectoryInfo object.
Dim dInfo As New DirectoryInfo(FileName)
' Get a DirectorySecurity object that represents the
' current security settings.
Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()
' Add the FileSystemAccessRule to the security settings.
dSecurity.RemoveAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))
' Set the new access settings.
dInfo.SetAccessControl(dSecurity)
End Sub
End Module
注解
调用此方法重载等效于调用 GetAccessControl 方法重载并指定访问控制节 AccessControlSections.Access | AccessControlSections.Owner | | AccessControlSections.Access (OrAccessControlSections.OwnerOrAccessControlSections.Group in Visual Basic)。
ACL 描述对给定文件或目录的特定操作具有或无权的个人和组。 有关详细信息,请参阅 “如何:添加或删除访问控制列表条目”。
适用于
GetAccessControl(AccessControlSections)
获取一个 DirectorySecurity 对象,该对象封装当前 DirectoryInfo 对象描述的目录的指定类型的访问控制列表 (ACL) 条目。
public:
System::Security::AccessControl::DirectorySecurity ^ GetAccessControl(System::Security::AccessControl::AccessControlSections includeSections);public System.Security.AccessControl.DirectorySecurity GetAccessControl(System.Security.AccessControl.AccessControlSections includeSections);member this.GetAccessControl : System.Security.AccessControl.AccessControlSections -> System.Security.AccessControl.DirectorySecurityPublic Function GetAccessControl (includeSections As AccessControlSections) As DirectorySecurity参数
- includeSections
- AccessControlSections
指定要 AccessControlSections 接收的访问控制列表(ACL)信息类型的值之一。
返回
一个 DirectorySecurity 对象,该对象封装当前 DirectoryInfo 对象描述的目录的访问控制规则。
例外
找不到或修改目录。
当前进程无权打开目录。
或者
目录是只读的。
或者
当前平台上不支持此操作。
或者
调用方没有所需的权限。
打开目录时出现 I/O 错误。
注解
GetAccessControl使用该方法检索当前文件的访问控制列表(ACL)条目。
ACL 描述对给定文件或目录的特定操作具有或无权的个人和组。 有关详细信息,请参阅 “如何:添加或删除访问控制列表条目”。
