此页面有用吗?
您对此内容的反馈非常重要。 请告诉我们您的想法。
更多反馈?
1500 个剩余字符
导出 (0) 打印
全部展开
此文章由机器翻译。 将光标移到文章的句子上,以查看原文。 更多信息。
译文
原文

Directory.GetAccessControl 方法 (String)

获取一个 DirectorySecurity 对象,该对象封装指定目录的访问控制列表 (ACL) 项。

命名空间:  System.IO
程序集:  mscorlib(在 mscorlib.dll 中)

public static DirectorySecurity GetAccessControl(
	string path
)

参数

path
类型:System.String
包含 DirectorySecurity 对象的目录的路径,该对象描述文件的访问控制列表 (ACL) 信息。

返回值

类型:System.Security.AccessControl.DirectorySecurity
一个封装由 path 参数描述的文件的访问控制规则的对象。

异常条件
ArgumentNullException

path 参数为 null

IOException

打开目录时发生 I/O 错误。

PlatformNotSupportedException

当前操作系统不是 Windows 2000 或更高版本。

SystemException

出现的一个系统级错误,如未能找到目录。 特定异常可能是 SystemException 的子类。

UnauthorizedAccessException

path 参数指定了一个只读目录。

- 或 -

在当前平台上不支持此操作。

- 或 -

调用方没有所要求的权限。

Use the GetAccessControl method to retrieve the access control list (ACL) entries for a directory.

An ACL describes individuals and/or groups who have, or do not have, rights to specific actions on the given file or directory. For more information, see ACL 技术概述 and 如何:添加或移除访问控制列表项.

In NTFS environments, ReadAttributes and ReadExtendedAttributes are granted to the user if the user has ListDirectory rights on the parent folder. To deny ReadAttributes and ReadExtendedAttributes, deny ListDirectory on the parent directory.

The following example uses the GetAccessControl and the SetAccessControl methods to add an access control list (ACL) entry and then remove an ACL entry from a directory.You must supply a valid user or group account to run this example.


using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class DirectoryExample
    {
        public static void Main()
        {
            try
            {
                string DirectoryName = "TestDirectory";

                Console.WriteLine("Adding access control entry for " + DirectoryName);

                // Add the access control entry to the directory.
                AddDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from " + DirectoryName);

                // Remove the access control entry from the directory.
                RemoveDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }

            Console.ReadLine();
        }

        // Adds an ACL entry on the specified directory for the specified account.
        public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.AddAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);

        }

        // Removes an ACL entry on the specified directory for the specified account.
        public static void RemoveDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);

        }
    }
}



.NET Framework

受以下版本支持:4.5、4、3.5、3.0、2.0

.NET Framework Client Profile

受以下版本支持:4、3.5 SP1

  • FileIOPermission 

    for permission to enumerate access control list (ACL) for a directory. Associated enumerations: NoAccess , View

    Security action: Demand.

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008(不支持服务器核心角色), Windows Server 2008 R2(支持带 SP1 或更高版本的服务器核心角色;不支持 Itanium)

并不是.NET Framework 对每个平台的所有版本都提供支持。有关支持的版本的列表,请参见.NET Framework 系统要求.

社区附加资源

添加
显示:
© 2015 Microsoft