Geek Answers Handbook

Create a directory and provide the user with a FullControl problem

I had a problem creating a directory with specific permissions.

//Make sure Tools directory exists DirectoryInfo oMyDirectoryInfo = new DirectoryInfo(oInstance.szToolsPath); if (!oMyDirectoryInfo.Exists) { oMyDirectoryInfo.Create(); DirectorySecurity oDirectorySecurity = oMyDirectoryInfo.GetAccessControl(); oDirectorySecurity.AddAccessRule(new FileSystemAccessRule((Settings.Default.LoginDomain + "\\" + Settings.Default.LoginUsername), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); oMyDirectoryInfo.SetAccessControl(oDirectorySecurity); }

Now this creates a directory, and I see that Login has been added to the security tab. However, when I impersonate Login and try to copy files to this directory, I get an Unauthorized Exception. I can create a file (without data), I can create a folder, but I can not write data to files (but I installed FullControl: /)

I dug further to permissions via Windows, and I see that this applies to subfolders, but I would also like to set this to files. How to do this with code?

This is on Windows 7

+4
source share
2 answers

When you create your FileSystemAccessRule , you specify InheritanceFlags.ContainerInherit . This extends the mask to child containers. If you want to apply to sheet objects (files in your case), you need to specify InheritanceFlags.ObjectInherit or for both,

  InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit
+6
source

Use this to add an access rule.

 string adminUserName = Environment.UserName; DirectorySecurity dirService = Directory.GetAccessControl(directory + hexID); FileSystemAccessRule fsa = new FileSystemAccessRule(adminUserName,FileSystemRights.FullControl, AccessControlType.Deny); dirService.AddAccessRule(fsa);//add Directory.SetAccessControl(directory + hexID, dirService);

and use this to remove the access rule

 string adminUserName = Environment.UserName; DirectorySecurity dirService = Directory.GetAccessControl(directory + hexID); FileSystemAccessRule fsa = new FileSystemAccessRule(adminUserName, FileSystemRights.FullControl, AccessControlType.Deny); dirService.RemoveAccessRule(fsa);//remove Directory.SetAccessControl(directory + hexID, dirService);
0
source

More articles:


All Articles