MutexSecurity.AddAccessRule(MutexAccessRule) Method

Definition

Namespace:

System.Security.AccessControl

Assembly:

System.Threading.AccessControl.dll

Source:

MutexSecurity.cs

Searches for a matching access control rule with which the new rule can be merged. If none are found, adds the new rule.

C#

public void AddAccessRule(System.Security.AccessControl.MutexAccessRule rule);

Parameters

rule

MutexAccessRule

The access control rule to add.

Exceptions

ArgumentNullException

rule is null.

IdentityNotMappedException

rule cannot be mapped to a known identity.

Examples

The following code example demonstrates the separation between Allow rules and Deny rules, and shows the combination of rights in compatible rules. The example creates a MutexSecurity object, adds rules that allow and deny various rights for the current user, and displays the resulting pair of rules. The example then allows new rights for the current user and displays the result, showing that the new rights are merged with the existing Allow rule.

Note

This example does not attach the security object to a Mutex object. Examples that attach security objects can be found in Mutex.GetAccessControlMutex.SetAccessControl.

C#

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user.
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        MutexSecurity mSec = new MutexSecurity();

        // Add a rule that grants the current user the 
        // right to enter or release the mutex.
        MutexAccessRule rule = new MutexAccessRule(user, 
            MutexRights.Synchronize | MutexRights.Modify, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the 
        // right to change permissions on the mutex.
        rule = new MutexAccessRule(user, 
            MutexRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Add a rule that allows the current user the 
        // right to read permissions on the mutex. This rule
        // is merged with the existing Allow rule.
        rule = new MutexAccessRule(user, 
            MutexRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(MutexSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(MutexAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.MutexRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize
 */

Remarks

The AddAccessRule method searches for rules with the same user or group and the same AccessControlType as rule. If none are found, rule is added. If a matching rule is found, the rights in rule are merged with the existing rule.

Applies to