MutexSecurity.RemoveAccessRuleSpecific(MutexAccessRule) Metodo
Definizione
Importante
Alcune informazioni sono relative alla release non definitiva del prodotto, che potrebbe subire modifiche significative prima della release definitiva. Microsoft non riconosce alcuna garanzia, espressa o implicita, in merito alle informazioni qui fornite.
Cerca una regola di controllo di accesso che corrisponde esattamente alla regola specificata e, se trovata, la rimuove.
public:
void RemoveAccessRuleSpecific(System::Security::AccessControl::MutexAccessRule ^ rule);public void RemoveAccessRuleSpecific (System.Security.AccessControl.MutexAccessRule rule);override this.RemoveAccessRuleSpecific : System.Security.AccessControl.MutexAccessRule -> unitPublic Sub RemoveAccessRuleSpecific (rule As MutexAccessRule)Parametri
- rule
- MutexAccessRule
Oggetto MutexAccessRule da rimuovere.
Eccezioni
rule è null.
Esempio
Nell'esempio di codice seguente viene illustrato che il RemoveAccessRuleSpecific metodo richiede una corrispondenza esatta per rimuovere una regola e che le regole per consentire e negare i diritti sono indipendenti l'una dall'altra.
Nell'esempio viene creato un MutexSecurity oggetto , vengono aggiunte regole che consentono e negano vari diritti per l'utente corrente e quindi unisce diritti aggiuntivi alla Allow regola di accesso. L'esempio passa quindi la regola originale Allow al RemoveAccessRuleSpecific metodo e visualizza i risultati, mostrando che non viene eliminato alcun elemento. L'esempio crea quindi una regola che corrisponde alla Allow regola nell'oggetto MutexSecurity e usa correttamente il RemoveAccessRuleSpecific metodo per rimuovere la regola.
Nota
In questo esempio l'oggetto di sicurezza non viene associato a un Mutex oggetto . Esempi che collegano oggetti di sicurezza sono disponibili in Mutex.GetAccessControl e Mutex.SetAccessControl.
using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;
public class Example
{
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
MutexSecurity mSec = new MutexSecurity();
// Add a rule that grants the current user the
// right to enter or release the mutex.
MutexAccessRule ruleA = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(ruleA);
// Add a rule that denies the current user the
// right to change permissions on the mutex.
MutexAccessRule rule = new MutexAccessRule(user,
MutexRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the mutex. This rule
// is merged with the existing Allow rule.
rule = new MutexAccessRule(user,
MutexRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
// Attempt to remove the original rule (granting
// the right to enter or release the mutex) with
// RemoveAccessRuleSpecific. The removal fails,
// because the right to read the permissions on the
// mutex has been added to the rule, so that it no
// longer matches the original rule.
Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.");
mSec.RemoveAccessRuleSpecific(ruleA);
ShowSecurity(mSec);
// Create a rule that grants the current user
// the right to enter or release the mutex, and
// to read permissions. Use this rule to remove
// the Allow rule for the current user.
Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.");
rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify |
MutexRights.ReadPermissions,
AccessControlType.Allow);
mSec.RemoveAccessRuleSpecific(rule);
ShowSecurity(mSec);
}
private static void ShowSecurity(MutexSecurity security)
{
Console.WriteLine("\r\nCurrent access rules:\r\n");
foreach(MutexAccessRule ar in
security.GetAccessRules(true, true, typeof(NTAccount)))
{
Console.WriteLine(" User: {0}", ar.IdentityReference);
Console.WriteLine(" Type: {0}", ar.AccessControlType);
Console.WriteLine(" Rights: {0}", ar.MutexRights);
Console.WriteLine();
}
}
}
/*This code example produces output similar to following:
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, Synchronize
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Attempt to use RemoveAccessRuleSpecific on the original rule.
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Use RemoveAccessRuleSpecific with the correct rights.
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
*/
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal
Public Class Example
Public Shared Sub Main()
' Create a string representing the current user.
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' Create a security object that grants no access.
Dim mSec As New MutexSecurity()
' Add a rule that grants the current user the
' right to enter or release the mutex.
Dim ruleA As New MutexAccessRule(user, _
MutexRights.Synchronize _
Or MutexRights.Modify, _
AccessControlType.Allow)
mSec.AddAccessRule(ruleA)
' Add a rule that denies the current user the
' right to change permissions on the mutex.
Dim rule As New MutexAccessRule(user, _
MutexRights.ChangePermissions, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
' Display the rules in the security object.
ShowSecurity(mSec)
' Add a rule that allows the current user the
' right to read permissions on the mutex. This rule
' is merged with the existing Allow rule.
rule = New MutexAccessRule(user, _
MutexRights.ReadPermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
ShowSecurity(mSec)
' Attempt to remove the original rule (granting
' the right to enter or release the mutex) with
' RemoveAccessRuleSpecific. The removal fails,
' because the right to read the permissions on the
' mutex has been added to the rule, so that it no
' longer matches the original rule.
Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.")
mSec.RemoveAccessRuleSpecific(ruleA)
ShowSecurity(mSec)
' Create a rule that grants the current user
' the right to enter or release the mutex, and
' to read permissions. Use this rule to remove
' the Allow rule for the current user.
Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.")
rule = New MutexAccessRule(user, _
MutexRights.Synchronize _
Or MutexRights.Modify _
Or MutexRights.ReadPermissions, _
AccessControlType.Allow)
mSec.RemoveAccessRuleSpecific(rule)
ShowSecurity(mSec)
End Sub
Private Shared Sub ShowSecurity(ByVal security As MutexSecurity)
Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)
For Each ar As MutexAccessRule In _
security.GetAccessRules(True, True, GetType(NTAccount))
Console.WriteLine(" User: {0}", ar.IdentityReference)
Console.WriteLine(" Type: {0}", ar.AccessControlType)
Console.WriteLine(" Rights: {0}", ar.MutexRights)
Console.WriteLine()
Next
End Sub
End Class
'This code example produces output similar to following:
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, Synchronize
'
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'Attempt to use RemoveAccessRuleSpecific on the original rule.
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'Use RemoveAccessRuleSpecific with the correct rights.
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
Commenti
La regola viene rimossa solo se corrisponde rule esattamente a tutti i dettagli, inclusi i flag. Altre regole con lo stesso utente e AccessControlType non sono interessate.
Importante
Una regola rappresenta una o più voci di controllo di accesso sottostanti e queste voci vengono suddivise o combinate in base alle esigenze quando si modificano le regole di sicurezza di accesso per un utente. Pertanto, una regola potrebbe non esistere più nel formato specifico in cui era stata aggiunta e in questo caso il RemoveAccessRuleSpecific metodo non può rimuoverla.
Si applica a
Commenti e suggerimenti
Presto disponibile: Nel corso del 2024 verranno gradualmente disattivati i problemi di GitHub come meccanismo di feedback per il contenuto e ciò verrà sostituito con un nuovo sistema di feedback. Per altre informazioni, vedere https://aka.ms/ContentUserFeedback.
Invia e visualizza il feedback per