class NetDirectorySecurity : NativeObjectSecurity
{
public NetDirectorySecurity(string ResName, AccessControlSections IncludeSections)
: base(true, ResourceType.LMShare, ResName, IncludeSections)
{
}
private static FileSystemRights RightsFromAccessMask(int accessMask)
{
return (FileSystemRights)accessMask;
}
public sealed override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
{
return new FileSystemAccessRule(identityReference, RightsFromAccessMask(accessMask), inheritanceFlags, propagationFlags, type);
}
public sealed override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask,
bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
{
return new FileSystemAuditRule(identityReference, RightsFromAccessMask(accessMask), inheritanceFlags, propagationFlags, flags);
}
public override Type AccessRightType { get { return typeof(FileSystemRights); } }
public override Type AccessRuleType { get { return typeof(FileSystemAccessRule); } }
public override Type AuditRuleType { get { return typeof(FileSystemAuditRule); } }
}
NetDirectorySecurity nds = new NetDirectorySecurity(sharedName, AccessControlSections.Access);
var permissions = nds.GetAccessRules(true, true, typeof(SecurityIdentifier));
FileSystemRights denyRights = 0;
FileSystemRights allowRights = 0;
var accessRules = permissions.Cast<FileSystemAccessRule>().Where(ar => ar.IdentityReference.Value == sid).ToList();
if (accessRules.Count == 0) mask = 0;
foreach (var accessRule in accessRules)
{
if (accessRule.AccessControlType == AccessControlType.Deny)
{
denyRights |= accessRule.FileSystemRights;
}
else
{
allowRights |= accessRule.FileSystemRights;
}
}
var mask = (int)((allowRights | denyRights) ^ denyRights);
Комментариев нет:
Отправить комментарий