我想阻止用户移动/重命名/删除文件夹,但在文件夹内导航以查看其子文件夹和文件;此外,代码可以在设置这些访问权限后在文件夹内创建子文件夹/文件。 对于文件,我还想阻止用户更新/移动/重命名/删除,但应用程序可以执行此操作。我使用DirectorySecurity但我无法产生预期的结果。
var directoryInfo = new DirectoryInfo(path);
var directorySecurity = directoryInfo.GetAccessControl();
var windowsIdentity = System.Security.Principal.WindowsIdentity.GetCurrent();
if (windowsIdentity != null)
{
var userName = windowsIdentity.Name;
directorySecurity.AddAccessRule(new FileSystemAccessRule(userName,
FileSystemRights.FullControl, AccessControlType.Deny));
directorySecurity.AddAccessRule(new FileSystemAccessRule(userName,
FileSystemRights.Read | FileSystemRights.ListDirectory | FileSystemRights.CreateDirectories | FileSystemRights.CreateFiles , AccessControlType.Allow));
directoryInfo.SetAccessControl(directorySecurity);
}