希望您能帮助我。我需要为实际用户(启动程序)或其组(用户/管理员...)获得特定文件夹的访问权限(读取,写入等)
下面的代码可以正常工作,但是我无法获得类似于以下格式的信息:
C:\ Windows(R + W)
或
C:\ Windows(完全控制)
谢谢。
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Text;
using System.Threading.Tasks;
namespace ConsoleApp1
{
class Program
{
static void Main(string[] args)
{
Console.WriteLine(getRights(@"C:\test"));
Console.ReadLine();
}
static string getRights(string path)
{
string rights = "eeeeee";
try
{
DirectorySecurity dSecurity = Directory.GetAccessControl(path);
foreach (FileSystemAccessRule rule in dSecurity.GetAccessRules(true, true, typeof(NTAccount)))
{
rights += rule.FileSystemRights.ToString() + "\n";
rights += rule.IdentityReference.Value + "\n";
rights += "\n\n";
}
}
catch
{
rights = "";
}
return rights;
}
}
}
答案 0 :(得分:0)
如果我做对了,您需要这样的东西:
internal class Program
{
private static void Main(string[] args)
{
string path = @"C:\Windows";
Console.WriteLine($"{path} - {getRights(path)}");
Console.ReadLine();
}
static string getRights(string path)
{
DirectoryInfo directoryInfo = new DirectoryInfo(path);
if (!directoryInfo.Exists)
{
return "Directory doesn't exist";
}
FileSystemRights fsRights = 0;
DirectorySecurity directorySecurity = directoryInfo.GetAccessControl();
AuthorizationRuleCollection authRules = directorySecurity.GetAccessRules(true, true, typeof(NTAccount));
WindowsIdentity currentUser = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(currentUser);
foreach (AuthorizationRule rule in authRules)
{
FileSystemAccessRule fsRule = rule as FileSystemAccessRule;
if (fsRule != null)
{
NTAccount ntAccount = rule.IdentityReference as NTAccount;
if (principal.IsInRole(ntAccount.Value))
{
if (fsRule.FileSystemRights > fsRights)
{
fsRights = fsRule.FileSystemRights;
}
}
}
}
switch (fsRights)
{
case FileSystemRights.FullControl:
return "Full Control";
case FileSystemRights r when (r >= FileSystemRights.Write):
return "Write";
case FileSystemRights r when (r >= FileSystemRights.ReadData):
return "Read";
default:
return "No rights";
}
}
}
更新:
public enum FileSystemRights
{
ReadData = 1,
ListDirectory = 1,
WriteData = 2,
CreateFiles = 2,
AppendData = 4,
CreateDirectories = 4,
ReadExtendedAttributes = 8,
WriteExtendedAttributes = 16,
ExecuteFile = 32,
Traverse = 32,
DeleteSubdirectoriesAndFiles = 64,
ReadAttributes = 128,
WriteAttributes = 256,
Write = 278,
Delete = 65536,
ReadPermissions = 131072,
Read = 131209,
ReadAndExecute = 131241,
Modify = 197055,
ChangePermissions = 262144,
TakeOwnership = 524288,
Synchronize = 1048576,
FullControl = 2032127
}