DirectoryInfo.GetAccessControl Method ()
Gets a DirectorySecurity object that encapsulates the access control list (ACL) entries for the directory described by the current DirectoryInfo object.
Assembly: mscorlib (in mscorlib.dll)
Return Value
Type: System.Security.AccessControl.DirectorySecurityA DirectorySecurity object that encapsulates the access control rules for the directory.
| Exception | Condition |
|---|---|
| SystemException | The directory could not be found or modified. |
| UnauthorizedAccessException | The current process does not have access to open the directory. |
| IOException | An I/O error occurred while opening the directory. |
| PlatformNotSupportedException | The current operating system is not Microsoft Windows 2000 or later. |
| UnauthorizedAccessException | The directory is read-only. -or- This operation is not supported on the current platform. -or- The caller does not have the required permission. |
Calling this method overload is equivalent to calling the GetAccessControl method overload and specifying the access control sections AccessControlSections.Access | AccessControlSections.Owner | AccessControlSections.Group (AccessControlSections.AccessOrAccessControlSections.OwnerOrAccessControlSections.Group in Visual Basic).
Use the GetAccessControl method to retrieve the access control list (ACL) entries for the current file.
An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file or directory. For more information, see How to: Add or Remove Access Control List Entries.
The following example uses the GetAccessControl and SetAccessControl methods to add and then remove an access control list (ACL) entry from a directory.
using System; using System.IO; using System.Security.AccessControl; namespace FileSystemExample { class DirectoryExample { public static void Main() { try { string DirectoryName = "TestDirectory"; Console.WriteLine("Adding access control entry for " + DirectoryName); // Add the access control entry to the directory. AddDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow); Console.WriteLine("Removing access control entry from " + DirectoryName); // Remove the access control entry from the directory. RemoveDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow); Console.WriteLine("Done."); } catch (Exception e) { Console.WriteLine(e); } Console.ReadLine(); } // Adds an ACL entry on the specified directory for the specified account. public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType) { // Create a new DirectoryInfo object. DirectoryInfo dInfo = new DirectoryInfo(FileName); // Get a DirectorySecurity object that represents the // current security settings. DirectorySecurity dSecurity = dInfo.GetAccessControl(); // Add the FileSystemAccessRule to the security settings. dSecurity.AddAccessRule(new FileSystemAccessRule(Account, Rights, ControlType)); // Set the new access settings. dInfo.SetAccessControl(dSecurity); } // Removes an ACL entry on the specified directory for the specified account. public static void RemoveDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType) { // Create a new DirectoryInfo object. DirectoryInfo dInfo = new DirectoryInfo(FileName); // Get a DirectorySecurity object that represents the // current security settings. DirectorySecurity dSecurity = dInfo.GetAccessControl(); // Add the FileSystemAccessRule to the security settings. dSecurity.RemoveAccessRule(new FileSystemAccessRule(Account, Rights, ControlType)); // Set the new access settings. dInfo.SetAccessControl(dSecurity); } } }
for permission to enumerate an access control list (ACL) for a directory. Security action: Demand. Associated enumerations: FileIOPermissionAccess.NoAccess, AccessControlActions.View
Available since 2.0