<th id="v9g6b"><track id="v9g6b"></track></th>

  • <em id="v9g6b"><acronym id="v9g6b"></acronym></em>
    <progress id="v9g6b"><pre id="v9g6b"></pre></progress>
    <tbody id="v9g6b"></tbody>
    <button id="v9g6b"><acronym id="v9g6b"></acronym></button>
    <rp id="v9g6b"><ruby id="v9g6b"></ruby></rp>

        <dd id="v9g6b"></dd>

        <em id="v9g6b"></em>

          B/S开发框架|修改文件或文件夹的权限|为指定用户用户组添加完全控制权限

          .net 控制windows修改文件或文件夹的权限,为用户用户组添加权限等相关内容,在B/S开发框架实施期间做了一些总结。我们把这方面的研究跟大家分享,一起学习。

          先贴代码

          分析解释


          先贴代码


          using System.Collections.Generic;
          using System.IO;
          using System.Security.AccessControl;
          using System.Security.Principal;
          
          
          namespace YunMFramework
          {
              /// <summary>
              /// File permission helper
              /// </summary>
              public static class FilePermissionHelper
              {
                  /// <summary>
                  /// Check permissions
                  /// </summary>
                  /// <param name="path">Path</param>
                  /// <param name="checkRead">Check read</param>
                  /// <param name="checkWrite">Check write</param>
                  /// <param name="checkModify">Check modify</param>
                  /// <param name="checkDelete">Check delete</param>
                  /// <returns>Result</returns>
                  public static bool CheckPermissions(string path, bool checkRead, bool checkWrite, bool checkModify, bool checkDelete)
                  {
                      bool flag = false;
                      bool flag2 = false;
                      bool flag3 = false;
                      bool flag4 = false;
                      bool flag5 = false;
                      bool flag6 = false;
                      bool flag7 = false;
                      bool flag8 = false;
                      WindowsIdentity current = WindowsIdentity.GetCurrent();
                      AuthorizationRuleCollection rules;
                      try
                      {
                          rules = Directory.GetAccessControl(path).GetAccessRules(true, true, typeof(SecurityIdentifier));
                      }
                      catch
                      {
                          return true;
                      }
                      try
                      {
                          foreach (FileSystemAccessRule rule in rules)
                          {
                              if (!current.User.Equals(rule.IdentityReference))
                              {
                                  continue;
                              }
                              if (AccessControlType.Deny.Equals(rule.AccessControlType))
                              {
                                  if ((FileSystemRights.Delete & rule.FileSystemRights) == FileSystemRights.Delete)
                                      flag4 = true;
                                  if ((FileSystemRights.Modify & rule.FileSystemRights) == FileSystemRights.Modify)
                                      flag3 = true;
          
                                  if ((FileSystemRights.Read & rule.FileSystemRights) == FileSystemRights.Read)
                                      flag = true;
          
                                  if ((FileSystemRights.Write & rule.FileSystemRights) == FileSystemRights.Write)
                                      flag2 = true;
          
                                  continue;
                              }
                              if (AccessControlType.Allow.Equals(rule.AccessControlType))
                              {
                                  if ((FileSystemRights.Delete & rule.FileSystemRights) == FileSystemRights.Delete)
                                  {
                                      flag8 = true;
                                  }
                                  if ((FileSystemRights.Modify & rule.FileSystemRights) == FileSystemRights.Modify)
                                  {
                                      flag7 = true;
                                  }
                                  if ((FileSystemRights.Read & rule.FileSystemRights) == FileSystemRights.Read)
                                  {
                                      flag5 = true;
                                  }
                                  if ((FileSystemRights.Write & rule.FileSystemRights) == FileSystemRights.Write)
                                  {
                                      flag6 = true;
                                  }
                              }
                          }
                          foreach (IdentityReference reference in current.Groups)
                          {
                              foreach (FileSystemAccessRule rule2 in rules)
                              {
                                  if (!reference.Equals(rule2.IdentityReference))
                                  {
                                      continue;
                                  }
                                  if (AccessControlType.Deny.Equals(rule2.AccessControlType))
                                  {
                                      if ((FileSystemRights.Delete & rule2.FileSystemRights) == FileSystemRights.Delete)
                                          flag4 = true;
                                      if ((FileSystemRights.Modify & rule2.FileSystemRights) == FileSystemRights.Modify)
                                          flag3 = true;
                                      if ((FileSystemRights.Read & rule2.FileSystemRights) == FileSystemRights.Read)
                                          flag = true;
                                      if ((FileSystemRights.Write & rule2.FileSystemRights) == FileSystemRights.Write)
                                          flag2 = true;
                                      continue;
                                  }
                                  if (AccessControlType.Allow.Equals(rule2.AccessControlType))
                                  {
                                      if ((FileSystemRights.Delete & rule2.FileSystemRights) == FileSystemRights.Delete)
                                          flag8 = true;
                                      if ((FileSystemRights.Modify & rule2.FileSystemRights) == FileSystemRights.Modify)
                                          flag7 = true;
                                      if ((FileSystemRights.Read & rule2.FileSystemRights) == FileSystemRights.Read)
                                          flag5 = true;
                                      if ((FileSystemRights.Write & rule2.FileSystemRights) == FileSystemRights.Write)
                                          flag6 = true;
                                  }
                              }
                          }
                          bool flag9 = !flag4 && flag8;
                          bool flag10 = !flag3 && flag7;
                          bool flag11 = !flag && flag5;
                          bool flag12 = !flag2 && flag6;
                          bool flag13 = true;
                          if (checkRead)
                          {
                              flag13 = flag13 && flag11;
                          }
                          if (checkWrite)
                          {
                              flag13 = flag13 && flag12;
                          }
                          if (checkModify)
                          {
                              flag13 = flag13 && flag10;
                          }
                          if (checkDelete)
                          {
                              flag13 = flag13 && flag9;
                          }
                          return flag13;
                      }
                      catch (IOException)
                      {
                      }
                      return false;
                  }
          
                  /// <summary>
                  /// Gets a list of directories (physical paths) which require write permission
                  /// </summary>
                  /// <param name="webHelper">Web helper</param>
                  /// <returns>Result</returns>
                  public static IEnumerable<string> GetDirectoriesWrite(IWebHelper webHelper)
                  {
                      string rootDir = webHelper.MapPath("~/");
                      var dirsToCheck = new List<string>();
                      //dirsToCheck.Add(rootDir);
                      dirsToCheck.Add(Path.Combine(rootDir, "App_Data"));
                      dirsToCheck.Add(Path.Combine(rootDir, "bin"));
                      dirsToCheck.Add(Path.Combine(rootDir, "content"));
                      dirsToCheck.Add(Path.Combine(rootDir, "content\\images"));
                      dirsToCheck.Add(Path.Combine(rootDir, "content\\images\\thumbs"));
                      dirsToCheck.Add(Path.Combine(rootDir, "content\\images\\uploaded"));
                      dirsToCheck.Add(Path.Combine(rootDir, "content\\files\\exportimport"));
                      dirsToCheck.Add(Path.Combine(rootDir, "plugins"));
                      dirsToCheck.Add(Path.Combine(rootDir, "plugins\\bin"));
                      return dirsToCheck;
                  }
          
                  /// <summary>
                  /// Gets a list of files (physical paths) which require write permission
                  /// </summary>
                  /// <param name="webHelper">Web helper</param>
                  /// <returns>Result</returns>
                  public static IEnumerable<string> GetFilesWrite(IWebHelper webHelper)
                  {
                      string rootDir = webHelper.MapPath("~/");
                      var filesToCheck = new List<string>();
                      filesToCheck.Add(Path.Combine(rootDir, "Global.asax"));
                      filesToCheck.Add(Path.Combine(rootDir, "web.config"));
                      filesToCheck.Add(Path.Combine(rootDir,"App_Data\\InstalledPlugins.txt"));
                      filesToCheck.Add(Path.Combine(rootDir, "App_Data\\Settings.txt"));
                      return filesToCheck;
                  }
          
                  public static bool SetAuthToFile(string wordPath)
                  {
                      //给Word文件所在目录添加"Everyone,Users"用户组的完全控制权限  
                      DirectoryInfo di = new DirectoryInfo(Path.GetDirectoryName(wordPath));  
                      System.Security.AccessControl.DirectorySecurity dirSecurity = di.GetAccessControl();  
                      dirSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));  
                      dirSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));  
                      di.SetAccessControl(dirSecurity);  
                      //给Word文件添加"Everyone,Users"用户组的完全控制权限  
                      FileInfo fi = new FileInfo(wordPath);  
                      System.Security.AccessControl.FileSecurity fileSecurity = fi.GetAccessControl();  
                      fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));  
                      fileSecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));  
                      fi.SetAccessControl(fileSecurity);  
                  }
              }
          }
          


          分析解释

          引用库(dll)

          using System.IO:文件操作类库,包含File、Directory等WEB开发框架文件操作类。
          using System.Security.AccessControl:权限控制类库,包含AuthorizationRuleCollection、AuthorizationRuleCollection等B/S开发框架权限控制类
          using System.Security.Principal:授权类库,包含WindowsIdentity等web开发框架授权类。


          操作方法解释

          public static bool CheckPermissions(string path, bool checkRead, bool checkWrite, bool checkModify, bool checkDelete)
          对path路径的文件/文件夹读、写、删、改权限的判断。
          public static IEnumerable<string> GetDirectoriesWrite(IWebHelper webHelper)
          获取需要判断权限的文件夹路径集合。
          public static IEnumerable<string> GetFilesWrite(IWebHelper webHelper)
          获取需要判断权限的文件路径集合。
          public static bool SetAuthToFile(string wordPath) 给Word文件或文件目录添加"Everyone,Users"用户组的完全控制权限

          标签: B/S开发框架Web安全问题及防范规范标签

          网站&系统开发技术学习交流群:463167176

          本站文章除注明转载外,均为本站原创或翻译,欢迎任何形式的转载,但请务必注明出处,尊重他人劳动,共创和谐网络环境。
          转载请注明:文章转载自:华晨软件-云微开发平台 ? B/S开发框架|修改文件或文件夹的权限|为指定用户用户组添加完全控制权限
          本文标题:B/S开发框架|修改文件或文件夹的权限|为指定用户用户组添加完全控制权限
          本文地址:http://www.sajuice.com/OrgTec/DB/0015.html

          相关文章: 加密算法-MD5和Hash

          电话
          电话 18718672256

          扫一扫
          二维码
          本港台开奖 <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <文本链> <文本链> <文本链> <文本链> <文本链> <文本链>