EventWaitHandleSecurity.RemoveAccessRuleSpecific Metode
Definisi
Penting
Beberapa informasi terkait produk prarilis yang dapat diubah secara signifikan sebelum dirilis. Microsoft tidak memberikan jaminan, tersirat maupun tersurat, sehubungan dengan informasi yang diberikan di sini.
Mencari aturan kontrol akses yang sama persis dengan aturan yang ditentukan dan, jika ditemukan, akan menghapusnya.
public:
void RemoveAccessRuleSpecific(System::Security::AccessControl::EventWaitHandleAccessRule ^ rule);
public void RemoveAccessRuleSpecific (System.Security.AccessControl.EventWaitHandleAccessRule rule);
override this.RemoveAccessRuleSpecific : System.Security.AccessControl.EventWaitHandleAccessRule -> unit
Public Sub RemoveAccessRuleSpecific (rule As EventWaitHandleAccessRule)
Parameter
yang EventWaitHandleAccessRule akan dihapus.
Pengecualian
rule
adalah null
.
Contoh
Contoh kode berikut menunjukkan bahwa metode memerlukan kecocokan RemoveAccessRuleSpecific yang tepat untuk menghapus aturan, dan bahwa aturan untuk mengizinkan dan menolak hak independen satu sama lain.
Contoh membuat EventWaitHandleSecurity objek, menambahkan aturan yang mengizinkan dan menolak berbagai hak untuk pengguna saat ini, lalu menggabungkan hak tambahan ke dalam Allow aturan akses. Contoh kemudian meneruskan aturan asli Allow ke RemoveAccessRuleSpecific metode , dan menampilkan hasilnya, menunjukkan bahwa tidak ada yang dihapus. Contoh kemudian membuat aturan yang cocok dengan Allow aturan dalam EventWaitHandleSecurity objek, dan berhasil menggunakan RemoveAccessRuleSpecific metode untuk menghapus aturan.
Catatan
Contoh ini tidak melampirkan objek keamanan ke EventWaitHandle objek. Contoh yang melampirkan objek keamanan dapat ditemukan di EventWaitHandle.GetAccessControl dan EventWaitHandle.SetAccessControl.
using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;
public class Example
{
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
EventWaitHandleSecurity mSec = new EventWaitHandleSecurity();
// Add a rule that grants the current user the
// right to wait on or signal the event.
EventWaitHandleAccessRule ruleA = new EventWaitHandleAccessRule(user,
EventWaitHandleRights.Synchronize | EventWaitHandleRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(ruleA);
// Add a rule that denies the current user the
// right to change permissions on the event.
EventWaitHandleAccessRule rule = new EventWaitHandleAccessRule(user,
EventWaitHandleRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the event. This rule
// is merged with the existing Allow rule.
rule = new EventWaitHandleAccessRule(user,
EventWaitHandleRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
// Attempt to remove the original rule (granting
// the right to wait on or signal the event) with
// RemoveAccessRuleSpecific. The removal fails,
// because the right to read the permissions on the
// event has been added to the rule, so that it no
// longer matches the original rule.
Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.");
mSec.RemoveAccessRuleSpecific(ruleA);
ShowSecurity(mSec);
// Create a rule that grants the current user
// the right to wait on or signal the event, and
// to read permissions. Use this rule to remove
// the Allow rule for the current user.
Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.");
rule = new EventWaitHandleAccessRule(user,
EventWaitHandleRights.Synchronize | EventWaitHandleRights.Modify |
EventWaitHandleRights.ReadPermissions,
AccessControlType.Allow);
mSec.RemoveAccessRuleSpecific(rule);
ShowSecurity(mSec);
}
private static void ShowSecurity(EventWaitHandleSecurity security)
{
Console.WriteLine("\r\nCurrent access rules:\r\n");
foreach(EventWaitHandleAccessRule ar in
security.GetAccessRules(true, true, typeof(NTAccount)))
{
Console.WriteLine(" User: {0}", ar.IdentityReference);
Console.WriteLine(" Type: {0}", ar.AccessControlType);
Console.WriteLine(" Rights: {0}", ar.EventWaitHandleRights);
Console.WriteLine();
}
}
}
/*This code example produces output similar to following:
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, Synchronize
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Attempt to use RemoveAccessRuleSpecific on the original rule.
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Use RemoveAccessRuleSpecific with the correct rights.
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
*/
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal
Public Class Example
Public Shared Sub Main()
' Create a string representing the current user.
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' Create a security object that grants no access.
Dim mSec As New EventWaitHandleSecurity()
' Add a rule that grants the current user the
' right to wait on or signal the event.
Dim ruleA As New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.Synchronize _
Or EventWaitHandleRights.Modify, _
AccessControlType.Allow)
mSec.AddAccessRule(ruleA)
' Add a rule that denies the current user the
' right to change permissions on the event.
Dim rule As New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.ChangePermissions, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
' Display the rules in the security object.
ShowSecurity(mSec)
' Add a rule that allows the current user the
' right to read permissions on the event. This rule
' is merged with the existing Allow rule.
rule = New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.ReadPermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
ShowSecurity(mSec)
' Attempt to remove the original rule (granting
' the right to wait on or signal the event) with
' RemoveAccessRuleSpecific. The removal fails,
' because the right to read the permissions on the
' event has been added to the rule, so that it no
' longer matches the original rule.
Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.")
mSec.RemoveAccessRuleSpecific(ruleA)
ShowSecurity(mSec)
' Create a rule that grants the current user
' the right to wait on or signal the event, and
' to read permissions. Use this rule to remove
' the Allow rule for the current user.
Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.")
rule = New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.Synchronize _
Or EventWaitHandleRights.Modify _
Or EventWaitHandleRights.ReadPermissions, _
AccessControlType.Allow)
mSec.RemoveAccessRuleSpecific(rule)
ShowSecurity(mSec)
End Sub
Private Shared Sub ShowSecurity(ByVal security As EventWaitHandleSecurity)
Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)
For Each ar As EventWaitHandleAccessRule In _
security.GetAccessRules(True, True, GetType(NTAccount))
Console.WriteLine(" User: {0}", ar.IdentityReference)
Console.WriteLine(" Type: {0}", ar.AccessControlType)
Console.WriteLine(" Rights: {0}", ar.EventWaitHandleRights)
Console.WriteLine()
Next
End Sub
End Class
'This code example produces output similar to following:
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, Synchronize
'
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'Attempt to use RemoveAccessRuleSpecific on the original rule.
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'Use RemoveAccessRuleSpecific with the correct rights.
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
Keterangan
Aturan dihapus hanya jika persis cocok rule
di semua detail, termasuk bendera. Aturan lain dengan pengguna yang sama dan AccessControlType tidak terpengaruh.
Penting
Aturan mewakili satu atau beberapa entri kontrol akses (ACE) yang mendasarinya, dan entri ini dipisahkan atau digabungkan seperlunya saat Anda mengubah aturan keamanan akses untuk pengguna. Dengan demikian, aturan mungkin tidak lagi ada dalam bentuk tertentu yang dimilikinya ketika ditambahkan, dan dalam hal RemoveAccessRuleSpecific ini metode tidak dapat menghapusnya.