FileSystemSecurity.RemoveAccessRule(FileSystemAccessRule) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Removes all matching allow or deny access control list (ACL) permissions from the current file or directory.
public:
bool RemoveAccessRule(System::Security::AccessControl::FileSystemAccessRule ^ rule);public bool RemoveAccessRule (System.Security.AccessControl.FileSystemAccessRule rule);override this.RemoveAccessRule : System.Security.AccessControl.FileSystemAccessRule -> boolPublic Function RemoveAccessRule (rule As FileSystemAccessRule) As BooleanParameters
- rule
- FileSystemAccessRule
A FileSystemAccessRule object that represents an access control list (ACL) permission to remove from a file or directory.
Returns
true if the access rule was removed; otherwise, false.
Exceptions
The rule parameter is null.
Examples
The following code example uses the FileSecurity class to add and then remove an access control list (ACL) entry from a file. You must supply a valid user or group account to run this example.
using System;
using System.IO;
using System.Security.AccessControl;
namespace FileSystemExample
{
class FileExample
{
public static void Main()
{
try
{
string fileName = "test.xml";
Console.WriteLine($"Adding access control entry for {fileName}");
// Add the access control entry to the file.
AddFileSecurity(fileName, @"DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine($"Removing access control entry from {fileName}");
// Remove the access control entry from the file.
RemoveFileSecurity(fileName, @"DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine("Done.");
}
catch (Exception e)
{
Console.WriteLine(e);
}
}
// Adds an ACL entry on the specified file for the specified account.
public static void AddFileSecurity(string fileName, string account,
FileSystemRights rights, AccessControlType controlType)
{
FileInfo fileInfo = new(fileName);
FileSecurity fSecurity = fileInfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
fSecurity.AddAccessRule(new FileSystemAccessRule(account,
rights, controlType));
// Set the new access settings.
fileInfo.SetAccessControl(fSecurity);
}
// Removes an ACL entry on the specified file for the specified account.
public static void RemoveFileSecurity(string fileName, string account,
FileSystemRights rights, AccessControlType controlType)
{
FileInfo fileInfo = new(fileName);
FileSecurity fSecurity = fileInfo.GetAccessControl();
// Remove the FileSystemAccessRule from the security settings.
fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
rights, controlType));
// Set the new access settings.
fileInfo.SetAccessControl(fSecurity);
}
}
}
Imports System.IO
Imports System.Security.AccessControl
Module FileExample
Sub Main()
Try
Dim fileName As String = "test.xml"
Console.WriteLine("Adding access control entry for " & fileName)
' Add the access control entry to the file.
AddFileSecurity(fileName, "DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Removing access control entry from " & fileName)
' Remove the access control entry from the file.
RemoveFileSecurity(fileName, "DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Done.")
Catch e As Exception
Console.WriteLine(e)
End Try
End Sub
' Adds an ACL entry on the specified file for the specified account.
Sub AddFileSecurity(ByVal fileName As String, ByVal account As String,
ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
Dim fileInfo As New FileInfo(fileName)
Dim fSecurity As FileSecurity = fileInfo.GetAccessControl()
' Add the FileSystemAccessRule to the security settings.
Dim accessRule As New FileSystemAccessRule(account, rights, controlType)
fSecurity.AddAccessRule(accessRule)
' Set the new access settings.
fileInfo.SetAccessControl(fSecurity)
End Sub
' Removes an ACL entry on the specified file for the specified account.
Sub RemoveFileSecurity(ByVal fileName As String, ByVal account As String,
ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
Dim fileInfo As New FileInfo(fileName)
Dim fSecurity As FileSecurity = fileInfo.GetAccessControl()
' Remove the FileSystemAccessRule from the security settings.
fSecurity.RemoveAccessRule(New FileSystemAccessRule(account,
rights, controlType))
' Set the new access settings.
fileInfo.SetAccessControl(fSecurity)
End Sub
End Module
Remarks
The RemoveAccessRule method removes either all matching Deny access rules or all matching Allow access rules from the current FileSystemSecurity object. For example, you can use this method to remove all Deny access rules for a user by passing a FileSystemAccessRule object created using the Deny value, the Read value, and a user account. When you do this, the RemoveAccessRule method removes any deny rules that specify the Read value or the Write value.
Use the following .NET implementation-dependent methods to add or retrieve ACL information from a file:
| .NET implementation | Add rules | Retrieve rules |
|---|---|---|
| .NET | FileSystemAclExtensions.SetAccessControl(FileInfo, FileSecurity) | FileSystemAclExtensions.GetAccessControl(FileInfo) |
| .NET Framework | FileInfo.SetAccessControl(FileSecurity) | FileInfo.GetAccessControl() |
When you add an access rule without setting the Synchronize flag, the Synchronize flag will be automatically added to your rule. If you remove the rule later without specifying the Synchronize flag, the flag will automatically be removed.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for