다음을 통해 공유


MutexSecurity.RemoveAccessRuleSpecific(MutexAccessRule) 메서드

정의

지정한 규칙과 정확히 일치하는 액세스 제어 규칙을 검색하여 제거합니다.

public:
 void RemoveAccessRuleSpecific(System::Security::AccessControl::MutexAccessRule ^ rule);
public void RemoveAccessRuleSpecific (System.Security.AccessControl.MutexAccessRule rule);
override this.RemoveAccessRuleSpecific : System.Security.AccessControl.MutexAccessRule -> unit
Public Sub RemoveAccessRuleSpecific (rule As MutexAccessRule)

매개 변수

rule
MutexAccessRule

제거할 MutexAccessRule입니다.

예외

rule이(가) null인 경우

예제

다음 코드 예제에서는 메서드가 RemoveAccessRuleSpecific 규칙을 제거하기 위해 정확히 일치해야 하며 권한을 허용하고 거부하는 규칙은 서로 독립적임을 보여 줍니다.

이 예제에서는 개체를 MutexSecurity 만들고 현재 사용자에 대한 다양한 권한을 허용 및 거부하는 규칙을 추가한 다음 액세스 규칙에 추가 권한을 Allow 병합합니다. 그런 다음, 이 예제에서는 원래 Allow 규칙을 메서드에 RemoveAccessRuleSpecific 전달하고 결과를 표시하여 삭제된 항목이 없음을 보여 줍니다. 그런 다음, 예제에서는 개체의 Allow 규칙과 일치하는 규칙을 MutexSecurity 생성하고 메서드를 RemoveAccessRuleSpecific 사용하여 규칙을 제거합니다.

참고

이 예제에서는 보안 개체를 개체에 Mutex 연결하지 않습니다. 보안 개체를 연결하는 예제는 및 Mutex.SetAccessControl에서 Mutex.GetAccessControl 찾을 수 있습니다.

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user.
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        MutexSecurity mSec = new MutexSecurity();

        // Add a rule that grants the current user the 
        // right to enter or release the mutex.
        MutexAccessRule ruleA = new MutexAccessRule(user, 
            MutexRights.Synchronize | MutexRights.Modify, 
            AccessControlType.Allow);
        mSec.AddAccessRule(ruleA);

        // Add a rule that denies the current user the 
        // right to change permissions on the mutex.
        MutexAccessRule rule = new MutexAccessRule(user, 
            MutexRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Add a rule that allows the current user the 
        // right to read permissions on the mutex. This rule
        // is merged with the existing Allow rule.
        rule = new MutexAccessRule(user, 
            MutexRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        ShowSecurity(mSec);

        // Attempt to remove the original rule (granting
        // the right to enter or release the mutex) with 
        // RemoveAccessRuleSpecific. The removal fails,
        // because the right to read the permissions on the 
        // mutex has been added to the rule, so that it no 
        // longer matches the original rule.
        Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.");
        mSec.RemoveAccessRuleSpecific(ruleA);

        ShowSecurity(mSec);

        // Create a rule that grants the current user 
        // the right to enter or release the mutex, and
        // to read permissions. Use this rule to remove
        // the Allow rule for the current user.
        Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.");
        rule = new MutexAccessRule(user, 
            MutexRights.Synchronize | MutexRights.Modify | 
                MutexRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.RemoveAccessRuleSpecific(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(MutexSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(MutexAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.MutexRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize

Attempt to use RemoveAccessRuleSpecific on the original rule.

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize

Use RemoveAccessRuleSpecific with the correct rights.

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions
 */
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal

Public Class Example

    Public Shared Sub Main()

        ' Create a string representing the current user.
        Dim user As String = Environment.UserDomainName _ 
            & "\" & Environment.UserName

        ' Create a security object that grants no access.
        Dim mSec As New MutexSecurity()

        ' Add a rule that grants the current user the 
        ' right to enter or release the mutex.
        Dim ruleA As New MutexAccessRule(user, _
            MutexRights.Synchronize _
            Or MutexRights.Modify, _
            AccessControlType.Allow)
        mSec.AddAccessRule(ruleA)

        ' Add a rule that denies the current user the 
        ' right to change permissions on the mutex.
        Dim rule As New MutexAccessRule(user, _
            MutexRights.ChangePermissions, _
            AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

        ' Add a rule that allows the current user the 
        ' right to read permissions on the mutex. This rule
        ' is merged with the existing Allow rule.
        rule = New MutexAccessRule(user, _
            MutexRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ShowSecurity(mSec)

        ' Attempt to remove the original rule (granting
        ' the right to enter or release the mutex) with 
        ' RemoveAccessRuleSpecific. The removal fails,
        ' because the right to read the permissions on the 
        ' mutex has been added to the rule, so that it no 
        ' longer matches the original rule.
        Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.")
        mSec.RemoveAccessRuleSpecific(ruleA)

        ShowSecurity(mSec)

        ' Create a rule that grants the current user 
        ' the right to enter or release the mutex, and
        ' to read permissions. Use this rule to remove
        ' the Allow rule for the current user.
        Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.")
        rule = New MutexAccessRule(user, _
            MutexRights.Synchronize _
            Or MutexRights.Modify _
            Or MutexRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.RemoveAccessRuleSpecific(rule)

        ShowSecurity(mSec)
        
    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As MutexSecurity)
        Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)

        For Each ar As MutexAccessRule In _
            security.GetAccessRules(True, True, GetType(NTAccount))

            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.MutexRights)
            Console.WriteLine()
        Next

    End Sub
End Class 

'This code example produces output similar to following:
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, Synchronize
'
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, ReadPermissions, Synchronize
'
'Attempt to use RemoveAccessRuleSpecific on the original rule.
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, ReadPermissions, Synchronize
'
'Use RemoveAccessRuleSpecific with the correct rights.
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions

설명

규칙은 플래그를 포함한 모든 세부 정보에서 정확히 일치하는 rule 경우에만 제거됩니다. 동일한 사용자가 있고 AccessControlType 영향을 받지 않는 다른 규칙입니다.

중요

규칙은 하나 이상의 기본 ACE(액세스 제어 항목)를 나타내며, 이러한 항목은 사용자의 액세스 보안 규칙을 수정할 때 필요에 따라 분할되거나 결합됩니다. 따라서 규칙이 추가될 때 가진 특정 양식에 더 이상 존재하지 않을 수 있으며, 이 경우 메서드가 RemoveAccessRuleSpecific 제거할 수 없습니다.

적용 대상