Add “Everyone” privilege to folder using C#.NET

2019-01-03 14:12发布

站内问答 / C#
1734 3 5

I have used the code below to allow Everyone access to a folder:

System.Security.AccessControl.DirectorySecurity sec =
    System.IO.Directory.GetAccessControl(directory, AccessControlSections.All);
FileSystemAccessRule accRule = new FileSystemAccessRule("Everyone",
                                       FileSystemRights.Modify,
                                       AccessControlType.Allow);
sec.AddAccessRule(accRule);    // setACL
sec.ResetAccessRule(accRule);

Now, the Everyone user is added to the folder, but not with any rights assigned. All the read, write, execute etc. checkboxes are not checked.

3条回答
唯我独甜
2楼-- · 2019-01-03 14:35

The below code checks for the folder existence, if not created, creates one. And then sets every user- permission of that folder with full permission (read & write).

string file = @"D:\Richi";     
private static void GrantAccess(string file)
            {
                bool exists = System.IO.Directory.Exists(file);
                if (!exists)
                {
                    DirectoryInfo di = System.IO.Directory.CreateDirectory(file);
                    Console.WriteLine("The Folder is created Sucessfully");
                }
                else
                {
                    Console.WriteLine("The Folder already exists");
                }
                DirectoryInfo dInfo = new DirectoryInfo(file);
                DirectorySecurity dSecurity = dInfo.GetAccessControl();
                dSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow));
                dInfo.SetAccessControl(dSecurity);

            }
查看更多
0人赞 添加讨论(0) 举报
冷血范
3楼-- · 2019-01-03 14:43

use FileSystemRights.FullControl instead of FileSystemRights.Modify if you want to allow all actions (ACL).

查看更多
0人赞 添加讨论(0) 举报
小情绪 Triste *
4楼-- · 2019-01-03 14:44

First thing I want to tell you is how I found this solution. This is probably more important than the answer because file permissions are hard to get correct.

First thing I did was set the permissions I wanted using the Windows dialogs and checkboxes. I added a rule for "Everyone" and ticked all boxes except "Full Control".

Then I wrote this C# code to tell me exactly what parameters I need to duplicate the Windows settings:

string path = @"C:\Users\you\Desktop\perms"; // path to directory whose settings you have already correctly configured
DirectorySecurity sec = Directory.GetAccessControl(path);
foreach (FileSystemAccessRule acr in sec.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount))) {
    Console.WriteLine("{0} | {1} | {2} | {3} | {4}", acr.IdentityReference.Value, acr.FileSystemRights, acr.InheritanceFlags, acr.PropagationFlags, acr.AccessControlType);
}

This gave me this line of output:

Everyone | Modify, Synchronize | ContainerInherit, ObjectInherit | None | Allow

So the solution is simple (yet hard to get right if you don't know what to look for!):

DirectorySecurity sec = Directory.GetAccessControl(path);
// Using this instead of the "Everyone" string means we work on non-English systems.
SecurityIdentifier everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
sec.AddAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.Modify | FileSystemRights.Synchronize, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
Directory.SetAccessControl(path, sec);

This will make the checkboxes on the Windows security dialog match what you have already set for your test directory.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)