Export (0) Print
Expand All

EventWaitHandleSecurity.RemoveAccessRule Method

Searches for an access control rule with the same user and AccessControlType (allow or deny) as the specified access rule, and with compatible inheritance and propagation flags; if such a rule is found, the rights contained in the specified access rule are removed from it.

Namespace:  System.Security.AccessControl
Assembly:  mscorlib (in mscorlib.dll)

public bool RemoveAccessRule(
	EventWaitHandleAccessRule rule
)

Parameters

rule
Type: System.Security.AccessControl.EventWaitHandleAccessRule

An EventWaitHandleAccessRule that specifies the user and AccessControlType to search for, and a set of inheritance and propagation flags that a matching rule, if found, must be compatible with. Specifies the rights to remove from the compatible rule, if found.

Return Value

Type: System.Boolean
true if a compatible rule is found; otherwise, false.

ExceptionCondition
ArgumentNullException

rule is null.

The current EventWaitHandleSecurity is searched for a rule that has the same user and the same AccessControlType value as rule. If no such rule is found, no action is taken, and the method returns false. If matching rules are found, their inheritance and compatibility flags are checked for compatibility with the flags specified in rule. If no compatible rule is found, no action is taken, and the method returns false. If a rule with compatible flags is found, the rights specified in rule are removed from the compatible rule, and the method returns true. If rule specifies rights not contained in the compatible rule, no action is taken with respect to those rights. If all rights are removed from the compatible rule, the entire rule is removed from the current EventWaitHandleSecurity object.

Important noteImportant

Although you can specify inheritance and propagation flags for event access rules, by creating them with the AccessRuleFactory method, this is not recommended. Inheritance and propagation have no meaning for named events, and they make the maintenance of access rules more complicated.

The following code example demonstrates the use of the RemoveAccessRule method to remove rights from an Allow rule in an EventWaitHandleSecurity object. It also shows that other rights in rule are ignored.

The example creates an EventWaitHandleSecurity object and adds rules that allow and deny various rights for the current user. The rights allowed include Modify, ReadPermissions, and Synchronize. The example then creates a new rule for the current user, including ReadPermissions and TakeOwnership rights, and uses that rule with the RemoveAccessRule method to remove ReadPermissions from the Allow rule in the EventWaitHandleSecurity object. The TakeOwnership right in rule is ignored.

NoteNote

This example does not attach the security object to a EventWaitHandle object. Examples that attach security objects can be found in EventWaitHandle.GetAccessControl and EventWaitHandle.SetAccessControl.

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user. 
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        EventWaitHandleSecurity mSec = new EventWaitHandleSecurity();

        // Add a rule that grants the current user the  
        // right to wait on or signal the event and read the 
        // permissions on the event.
        EventWaitHandleAccessRule rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.Synchronize | EventWaitHandleRights.Modify
                | EventWaitHandleRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the  
        // right to change permissions on the event.
        rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Create a rule that grants the current user  
        // the right to read permissions on the event, and 
        // take ownership of the event. Use this rule to  
        // remove the right to read permissions from the  
        // Allow rule for the current user. The inclusion  
        // of the right to take ownership has no effect.
        rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.TakeOwnership | 
                EventWaitHandleRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.RemoveAccessRule(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(EventWaitHandleSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(EventWaitHandleAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.EventWaitHandleRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, Synchronize
 */

.NET Framework

Supported in: 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft