FileSystemSecurity::RemoveAccessRule Method (FileSystemAccessRule^)
Removes all matching allow or deny access control list (ACL) permissions from the current file or directory.
Assembly: mscorlib (in mscorlib.dll)
Parameters
- rule
-
Type:
System.Security.AccessControl::FileSystemAccessRule^
A FileSystemAccessRule object that represents an access control list (ACL) permission to remove from a file or directory.
| Exception | Condition |
|---|---|
| ArgumentNullException | The rule parameter is null. |
The RemoveAccessRule method removes either all matching Deny access rules or all matching Allow access rules from the current FileSystemSecurity object. For example, you can use this method to remove all Deny access rules for a user by passing a FileSystemAccessRule object created using the Deny value, the Read value, and a user account. When you do this, the RemoveAccessRule method removes any deny rules that specify the Read value or the Write value.
To persist new or changed access control list (ACL) information to a file, use the SetAccessControl or SetAccessControl method. To persist new or changed ACL information to a directory, use the SetAccessControl or SetAccessControl method.
To retrieve ACL information from a file, use the GetAccessControl or GetAccessControl method. To retrieve ACL information from a directory, use the GetAccessControl or GetAccessControl method.
When you add an access rule without setting the Synchronize flag, the Synchronize flag will be automatically added to your rule. If you remove the rule later without specifying the Synchronize flag, the flag will automatically be removed.
The following code example uses the FileSecurity class to add and then remove an access control list (ACL) entry from a file. You must supply a valid user or group account to run this example.
using namespace System; using namespace System::IO; using namespace System::Security::AccessControl; // Adds an ACL entry on the specified file for the specified account. void AddFileSecurity(String^ fileName, String^ account, FileSystemRights rights, AccessControlType controlType) { // Get a FileSecurity object that represents the // current security settings. FileSecurity^ fSecurity = File::GetAccessControl(fileName); // Add the FileSystemAccessRule to the security settings. fSecurity->AddAccessRule(gcnew FileSystemAccessRule (account,rights, controlType)); // Set the new access settings. File::SetAccessControl(fileName, fSecurity); } // Removes an ACL entry on the specified file for the specified account. void RemoveFileSecurity(String^ fileName, String^ account, FileSystemRights rights, AccessControlType controlType) { // Get a FileSecurity object that represents the // current security settings. FileSecurity^ fSecurity = File::GetAccessControl(fileName); // Remove the FileSystemAccessRule from the security settings. fSecurity->RemoveAccessRule(gcnew FileSystemAccessRule (account,rights, controlType)); // Set the new access settings. File::SetAccessControl(fileName, fSecurity); } int main() { try { String^ fileName = "test.xml"; Console::WriteLine("Adding access control entry for " + fileName); // Add the access control entry to the file. AddFileSecurity(fileName, "MYDOMAIN\\MyAccount", FileSystemRights::ReadData, AccessControlType::Allow); Console::WriteLine("Removing access control entry from " + fileName); // Remove the access control entry from the file. RemoveFileSecurity(fileName, "MYDOMAIN\\MyAccount", FileSystemRights::ReadData, AccessControlType::Allow); Console::WriteLine("Done."); } catch (Exception^ ex) { Console::WriteLine(ex->Message); } }
Available since 2.0