In the following listing we will see how to add an access
rule to the Test.txt file.
Listing 3
protected void btnAdd_Click(object sender, EventArgs e)
{
System.Security.AccessControl.FileSecurity fSec = File.GetAccessControl(
"C:/Documents and Settings/SanjitSil/Test.txt");
fSec.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(@
"Sanjit\Test", System.Security.AccessControl.FileSystemRights.FullControl,
System.Security.AccessControl.AccessControlType.Allow));
File.SetAccessControl("C:/Documents and Settings/SanjitSil/Test.txt", fSec);
}
There are several things to notice in the code specified in
listing 3. First, notice that there are three parameters that have been passed
to the FileSystemAccessRule constructor.
The first parameter is the user whom we want to give right;
remember that the value of the 1st parameter will change on the basis of a
specific system. Also remember that we must specify the full DOMAIN\USERNAME
for the user. In the code FileSystemRight, enumeration has been used to
specify the exact right given to a user. After running the above code, you can
take a look in the file’s properties dialog and you will see that the user has
been added to the Access Control List and allowed full control.
We can specify multiple rights by using a bitwise and an operator,
which is shown in the following listing.
Listing 4
fSec.AddAccessRule(new
System.Security.AccessControl.FileSystemAccessRule(@"Sanjit\Test",
System.Security.AccessControl.FileSystemRights.Read &
System.Security.AccessControl.FileSystemRights.Write,
System.Security.AccessControl.AccessControlType.Allow));
Removing the rule from Access Control List
Using RemoveAccessRule instead of AddAccessRule we can
remove the ACL which has been added when you use the code specified in Listing 4.
The code to remove ACL has been specified in the following
listing.
Listing 5
protected void btnRemove_Click(object sender, EventArgs e)
{
System.Security.AccessControl.FileSecurity fSec = File.GetAccessControl(
"C:/Documents and Settings/SanjitSil/Test.txt");
fSec.RemoveAccessRule(new System.Security.AccessControl.FileSystemAccessRule
(@"Sanjit\Test", System.Security.AccessControl.FileSystemRights.FullControl,
System.Security.AccessControl.AccessControlType.Allow));
File.SetAccessControl("C:/Documents and Settings/SanjitSil/Test.txt", fSec);
}
After running the code specified in Listing 5, we can see
that the user has been removed from the Access Control List.
In a similar way, we can apply Access Control List (ACL)
entries specified by a DirectorySecurity object to the specified directory
which has specified in the Listing 6.
Listing 6
System.Security.AccessControl.DirectorySecurity dSec =
Directory.GetAccessControl("C:/TestDirectory");
dSec.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(@
"Sanjit \Test", System.Security.AccessControl.FileSystemRights.FullControl,
System.Security.AccessControl.AccessControlType.Allow));
Directory.SetAccessControl("C:/TestDirectory", dSec);
We can use RemoveAccessRule for the directory in same way
also.