이 문서는 기계 번역을 이용하여 번역되었습니다. 문서를 영문으로 보려면 영문 확인란을 선택하세요. 마우스 포인터를 텍스트 위로 이동시켜 팝업 창에서 영문 텍스트를 표시할 수도 있습니다.
번역
영문

Directory.GetAccessControl 메서드 (String)

 

Gets a DirectorySecurity object that encapsulates the access control list (ACL) entries for a specified directory.

네임스페이스:   System.IO
어셈블리:  mscorlib.dll의 mscorlib

public static DirectorySecurity GetAccessControl(
	string path
)

매개 변수

path
Type: System.String

The path to a directory containing a DirectorySecurity object that describes the file's access control list (ACL) information.

반환 값

Type: System.Security.AccessControl.DirectorySecurity

An object that encapsulates the access control rules for the file described by the path parameter.

Exception Condition
ArgumentNullException

The path parameter is null.

IOException

An I/O error occurred while opening the directory.

PlatformNotSupportedException

The current operating system is not Windows 2000 or later.

SystemException

A system-level error occurred, such as the directory could not be found. The specific exception may be a subclass of SystemException.

UnauthorizedAccessException

The path parameter specified a directory that is read-only.

-or-

This operation is not supported on the current platform.

-or-

The caller does not have the required permission.

Use the M:System.IO.Directory.GetAccessControl(System.String) method to retrieve the access control list (ACL) entries for a directory.

An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file or directory. For more information, see How to: Add or Remove Access Control List Entries.

In NTFS environments, F:System.Security.AccessControl.FileSystemRights.ReadAttributes and F:System.Security.AccessControl.FileSystemRights.ReadExtendedAttributes are granted to the user if the user has F:System.Security.AccessControl.FileSystemRights.ListDirectory rights on the parent folder. To deny F:System.Security.AccessControl.FileSystemRights.ReadAttributes and F:System.Security.AccessControl.FileSystemRights.ReadExtendedAttributes, deny F:System.Security.AccessControl.FileSystemRights.ListDirectory on the parent directory.

The following example uses the M:System.IO.Directory.GetAccessControl(System.String) and the M:System.IO.Directory.SetAccessControl(System.String,System.Security.AccessControl.DirectorySecurity) methods to add an access control list (ACL) entry and then remove an ACL entry from a directory. You must supply a valid user or group account to run this example.

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class DirectoryExample
    {
        public static void Main()
        {
            try
            {
                string DirectoryName = "TestDirectory";

                Console.WriteLine("Adding access control entry for " + DirectoryName);

                // Add the access control entry to the directory.
                AddDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from " + DirectoryName);

                // Remove the access control entry from the directory.
                RemoveDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }

            Console.ReadLine();
        }

        // Adds an ACL entry on the specified directory for the specified account.
        public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.AddAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);

        }

        // Removes an ACL entry on the specified directory for the specified account.
        public static void RemoveDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);

        }
    }
}

FileIOPermission

for permission to enumerate access control list (ACL) for a directory. Associated enumerations: F:System.Security.Permissions.FileIOPermissionAccess.NoAccess , F:System.Security.AccessControl.AccessControlActions.View

Security action: Demand.

.NET Framework
2.0 이후에 사용 가능
맨 위로 이동
표시: