MutexSecurity.AddAccessRule(MutexAccessRule) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Searches for a matching access control rule with which the new rule can be merged. If none are found, adds the new rule.
public:
void AddAccessRule(System::Security::AccessControl::MutexAccessRule ^ rule);public void AddAccessRule (System.Security.AccessControl.MutexAccessRule rule);override this.AddAccessRule : System.Security.AccessControl.MutexAccessRule -> unitPublic Sub AddAccessRule (rule As MutexAccessRule)Parameters
- rule
- MutexAccessRule
The access control rule to add.
Exceptions
rule is null.
rule cannot be mapped to a known identity.
Examples
The following code example demonstrates the separation between Allow rules and Deny rules, and shows the combination of rights in compatible rules. The example creates a MutexSecurity object, adds rules that allow and deny various rights for the current user, and displays the resulting pair of rules. The example then allows new rights for the current user and displays the result, showing that the new rights are merged with the existing Allow rule.
Note
This example does not attach the security object to a Mutex object. Examples that attach security objects can be found in Mutex.GetAccessControlMutex.SetAccessControl.
using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;
public class Example
{
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
MutexSecurity mSec = new MutexSecurity();
// Add a rule that grants the current user the
// right to enter or release the mutex.
MutexAccessRule rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Add a rule that denies the current user the
// right to change permissions on the mutex.
rule = new MutexAccessRule(user,
MutexRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the mutex. This rule
// is merged with the existing Allow rule.
rule = new MutexAccessRule(user,
MutexRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
}
private static void ShowSecurity(MutexSecurity security)
{
Console.WriteLine("\r\nCurrent access rules:\r\n");
foreach(MutexAccessRule ar in
security.GetAccessRules(true, true, typeof(NTAccount)))
{
Console.WriteLine(" User: {0}", ar.IdentityReference);
Console.WriteLine(" Type: {0}", ar.AccessControlType);
Console.WriteLine(" Rights: {0}", ar.MutexRights);
Console.WriteLine();
}
}
}
/*This code example produces output similar to following:
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, Synchronize
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
*/
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal
Public Class Example
Public Shared Sub Main()
' Create a string representing the current user.
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' Create a security object that grants no access.
Dim mSec As New MutexSecurity()
' Add a rule that grants the current user the
' right to enter or release the mutex.
Dim rule As New MutexAccessRule(user, _
MutexRights.Synchronize _
Or MutexRights.Modify, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
' Add a rule that denies the current user the
' right to change permissions on the mutex.
rule = New MutexAccessRule(user, _
MutexRights.ChangePermissions, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
' Display the rules in the security object.
ShowSecurity(mSec)
' Add a rule that allows the current user the
' right to read permissions on the mutex. This rule
' is merged with the existing Allow rule.
rule = New MutexAccessRule(user, _
MutexRights.ReadPermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
ShowSecurity(mSec)
End Sub
Private Shared Sub ShowSecurity(ByVal security As MutexSecurity)
Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)
For Each ar As MutexAccessRule In _
security.GetAccessRules(True, True, GetType(NTAccount))
Console.WriteLine(" User: {0}", ar.IdentityReference)
Console.WriteLine(" Type: {0}", ar.AccessControlType)
Console.WriteLine(" Rights: {0}", ar.MutexRights)
Console.WriteLine()
Next
End Sub
End Class
'This code example produces output similar to following:
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, Synchronize
'
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
Remarks
The AddAccessRule method searches for rules with the same user or group and the same AccessControlType as rule. If none are found, rule is added. If a matching rule is found, the rights in rule are merged with the existing rule.
