FileSystemSecurity.AddAccessRule(FileSystemAccessRule) Method

Definition

Namespace:

System.Security.AccessControl

Assembly:

System.IO.FileSystem.AccessControl.dll

Adds the specified access control list (ACL) permission to the current file or directory.

C#

public void AddAccessRule(System.Security.AccessControl.FileSystemAccessRule rule);

Parameters

rule

FileSystemAccessRule

A FileSystemAccessRule object that represents an access control list (ACL) permission to add to a file or directory.

Exceptions

ArgumentNullException

The rule parameter is null.

Examples

The following code example uses the FileSecurity class to add and then remove an access control list (ACL) entry from a file. You must supply a valid user or group account to run this example.

C#

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try
            {
                string fileName = "test.xml";

                Console.WriteLine($"Adding access control entry for {fileName}");

                // Add the access control entry to the file.
                AddFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine($"Removing access control entry from {fileName}");

                // Remove the access control entry from the file.
                RemoveFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {
            FileInfo fileInfo = new(fileName);
            FileSecurity fSecurity = fileInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings.
            fSecurity.AddAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            fileInfo.SetAccessControl(fSecurity);
        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileSecurity(string fileName, string account,
            FileSystemRights rights, AccessControlType controlType)
        {
            FileInfo fileInfo = new(fileName);
            FileSecurity fSecurity = fileInfo.GetAccessControl();

            // Remove the FileSystemAccessRule from the security settings.
            fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            fileInfo.SetAccessControl(fSecurity);
        }
    }
}

Remarks

The AddAccessRule method adds a new rule to the list of rules contained within a FileSystemSecurity object.

If an access control list (ACL) already exists for the specified rule, the AddAccessRule method will still add the rule, with one exception: a FileSystemAccessRule object created using the Deny enumeration value supersedes an object created using the Allow enumeration value.

Use the following .NET implementation-dependent methods to add or retrieve ACL information from a file:

.NET implementation	Add rules	Retrieve rules
.NET	FileSystemAclExtensions.SetAccessControl(FileInfo, FileSecurity)	FileSystemAclExtensions.GetAccessControl(FileInfo)
.NET Framework	FileInfo.SetAccessControl(FileSecurity)	FileInfo.GetAccessControl()

When you add an access rule without setting the Synchronize flag, the Synchronize flag will be automatically added to your rule. If you remove the rule later without specifying the Synchronize flag, the flag will automatically be removed.

Applies to