SemaphoreSecurity.SetAccessRule(SemaphoreAccessRule) Method

Reference

Definition

Namespace:: System.Security.AccessControl

Assembly:: System.Threading.AccessControl.dll

Assembly:: System.dll

Package:: System.Threading.AccessControl v6.0.0

Package:: System.Threading.AccessControl v7.0.0

Package:: System.Threading.AccessControl v8.0.0

Package:: System.Threading.AccessControl v9.0.0-preview.2.24128.5

Source:: SemaphoreSecurity.cs

Source:: SemaphoreSecurity.cs

Source:: SemaphoreSecurity.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Removes all access control rules with the same user and AccessControlType (allow or deny) as the specified rule, and then adds the specified rule.

public:
 void SetAccessRule(System::Security::AccessControl::SemaphoreAccessRule ^ rule);

public void SetAccessRule (System.Security.AccessControl.SemaphoreAccessRule rule);

override this.SetAccessRule : System.Security.AccessControl.SemaphoreAccessRule -> unit

Public Sub SetAccessRule (rule As SemaphoreAccessRule)

Parameters

rule: SemaphoreAccessRule

The SemaphoreAccessRule to add. The user and AccessControlType of this rule determine the rules to remove before this rule is added.

Exceptions

ArgumentNullException

rule is null.

Examples

The following code example shows how the SetAccessRule method removes all rules that match both the user and the AccessControlType of rule, replacing them with rule.

The example creates a SemaphoreSecurity object and adds rules that allow and deny various rights for the current user. The example then creates a new rule that allows the current user full control, and uses the SetAccessRule method to replace the existing Allow rule with the new rule. The rule that denies access is not affected.

Note

This example does not attach the security object to a Semaphore object. Examples that attach security objects can be found in Semaphore.GetAccessControl and Semaphore.SetAccessControl.

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user.
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        SemaphoreSecurity mSec = new SemaphoreSecurity();

        // Add a rule that grants the current user the 
        // right to enter or release the semaphore and read the
        // permissions on the semaphore.
        SemaphoreAccessRule rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.Synchronize | SemaphoreRights.Modify
                | SemaphoreRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the 
        // right to change permissions on the semaphore.
        rule = new SemaphoreAccessRule(user, 
            SemaphoreRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Create a rule that grants the current user 
        // the full control over the semaphore. Use the
        // SetAccessRule method to replace the 
        // existing Allow rule with the new rule. 
        rule = new SemaphoreAccessRule(user,
            SemaphoreRights.FullControl,
            AccessControlType.Allow);
        mSec.SetAccessRule(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(SemaphoreSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(SemaphoreAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.SemaphoreRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: FullControl
 */

Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal

Public Class Example

    Public Shared Sub Main()

        ' Create a string representing the current user.
        Dim user As String = Environment.UserDomainName _ 
            & "\" & Environment.UserName

        ' Create a security object that grants no access.
        Dim mSec As New SemaphoreSecurity()

        ' Add a rule that grants the current user the 
        ' right to enter or release the semaphore, and to 
        ' read its permissions.
        Dim rule As New SemaphoreAccessRule(user, _
            SemaphoreRights.Synchronize _
            Or SemaphoreRights.Modify _
            Or SemaphoreRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ' Add a rule that denies the current user the 
        ' right to change permissions on the semaphore.
        rule = New SemaphoreAccessRule(user, _
            SemaphoreRights.ChangePermissions, _
            AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

        ' Create a rule that grants the current user 
        ' the full control over the semaphore. Use the
        ' SetAccessRule method to replace the 
        ' the existing Allow rule with the new rule. 
        rule = New SemaphoreAccessRule(user, _
            SemaphoreRights.FullControl, _
            AccessControlType.Allow)
        mSec.SetAccessRule(rule)

        ShowSecurity(mSec)
        
    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As SemaphoreSecurity)
        Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)

        For Each ar As SemaphoreAccessRule In _
            security.GetAccessRules(True, True, GetType(NTAccount))

            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.SemaphoreRights)
            Console.WriteLine()
        Next

    End Sub
End Class 

'This code example produces output similar to following:
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, ReadPermissions, Synchronize
'
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: FullControl

Remarks

If the specified rule has Allow, the effect of this method is to remove all Allow rules for the specified user, replacing them with the specified rule. If the specified rule has Deny, all Deny rules for the specified user are replaced with the specified rule.

If there are no rules whose user and AccessControlType match the specified rule, rule is added.

Applies to