Allow Access Control before accessing File System

Abhi2434
Posted by Abhi2434 under C# category on | Points: 40 | Views : 4270
I have prepared a class which will allow you to give ACL to a folder or File before you actually access the content. It also have few methods to remove Readonly attribute from the Folder. I hope the code will help you.

    public class ACL
{
private DirectoryInfo dInfo = null;
private NativeObjectSecurity secInfo = null;
private bool isAclSet = false;

public ACL(string path)//, [System.Runtime.InteropServices.OptionalAttribute, System.Runtime.InteropServices.DefaultParameterValueAttribute(false)] // ERROR: Optional parameters aren't supported in C# bool isRegistryPath)
{
this.dInfo = new DirectoryInfo(path);
if (!dInfo.Exists)
throw new ApplicationException("Path " + path + " not found");

this.secInfo = dInfo.GetAccessControl(AccessControlSections.Access);
}

public bool CanAccess(string idName)
{
NTAccount userAcc = new NTAccount(idName);
AuthorizationRuleCollection authRules = this.secInfo.GetAccessRules(true, true, typeof(NTAccount));
bool allowAccess = false;
bool denyAccess = false;

foreach (FileSystemAccessRule authRule in authRules)
{
if (authRule.IdentityReference.Equals(userAcc))
{
if (authRule.AccessControlType.Equals(AccessControlType.Deny))
denyAccess = (authRule.FileSystemRights & FileSystemRights.FullControl).Equals(FileSystemRights.FullControl);
else if (authRule.AccessControlType.Equals(AccessControlType.Allow))
allowAccess = (authRule.FileSystemRights & FileSystemRights.FullControl).Equals(FileSystemRights.FullControl);
}
}

return (allowAccess & !denyAccess);
}

public void SetAccessible(string idName)
{
this.SetAccess(idName);
this.isAclSet = true;
}
public void SetAccessibleToCurrentUser()
{
string currentUser = WindowsIdentity.GetCurrent().Name;
this.SetAccessible(currentUser);
}
public void SetAccessibleToEveryone()
{
this.SetAccessible("EVERYONE");
}
private void SetAccess(string idName)
{
FileSystemAccessRule rule = new FileSystemAccessRule(idName, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow);

DirectorySecurity dSecInfo = (DirectorySecurity)this.secInfo;
dSecInfo.RemoveAccessRule(rule);
this.dInfo.SetAccessControl(dSecInfo);

foreach (FileInfo info in this.dInfo.GetFiles())
{
FileSecurity fsec = info.GetAccessControl(AccessControlSections.Access);
info.SetAccessControl(fsec);
}

}
public void ResetAccessible(string idName)
{
if (this.isAclSet)
{
this.SetAccess(idName);
this.isAclSet = false;
}
}
public void ResetAccessibleToCurrentUser()
{
string currentUser = WindowsIdentity.GetCurrent().Name;
this.ResetAccessible(currentUser);
}
public void ResetAccessibleToEveryone()
{
this.ResetAccessible("EVERYONE");
}
public void RemoveReadonlyAttribute()
{
//' remove readonly attributes from inner directories
foreach (DirectoryInfo di in this.dInfo.GetDirectories("*", SearchOption.AllDirectories))
if ((di.Attributes & FileAttributes.ReadOnly) == FileAttributes.ReadOnly)
di.Attributes = (di.Attributes & ~FileAttributes.ReadOnly);

//' remove readonly attributes from inner files
foreach (FileInfo fi in this.dInfo.GetFiles("*.*", SearchOption.AllDirectories))
if ((fi.Attributes & FileAttributes.ReadOnly) == FileAttributes.ReadOnly)
fi.Attributes = (fi.Attributes & ~FileAttributes.ReadOnly);

//' remove readonly attributes from top level directory
if ((this.dInfo.Attributes & FileAttributes.ReadOnly) == FileAttributes.ReadOnly)
this.dInfo.Attributes = (this.dInfo.Attributes & ~FileAttributes.ReadOnly);
}

}


Call the methods whenever you want to create a file or folder inside a directory and give accessibility to the users.

Comments or Responses

Login to post response