FileSystemAccessRule Constructors
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Initializes a new instance of the FileSystemAccessRule class.
Overloads
| FileSystemAccessRule(IdentityReference, FileSystemRights, AccessControlType) |
Initializes a new instance of the FileSystemAccessRule class using a reference to a user account, a value that specifies the type of operation associated with the access rule, and a value that specifies whether to allow or deny the operation. |
| FileSystemAccessRule(String, FileSystemRights, AccessControlType) |
Initializes a new instance of the FileSystemAccessRule class using the name of a user account, a value that specifies the type of operation associated with the access rule, and a value that describes whether to allow or deny the operation. |
| FileSystemAccessRule(IdentityReference, FileSystemRights, InheritanceFlags, PropagationFlags, AccessControlType) |
Initializes a new instance of the FileSystemAccessRule class using a reference to a user account, a value that specifies the type of operation associated with the access rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies whether to allow or deny the operation. |
| FileSystemAccessRule(String, FileSystemRights, InheritanceFlags, PropagationFlags, AccessControlType) |
Initializes a new instance of the FileSystemAccessRule class using the name of a user account, a value that specifies the type of operation associated with the access rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies whether to allow or deny the operation. |
FileSystemAccessRule(IdentityReference, FileSystemRights, AccessControlType)
Initializes a new instance of the FileSystemAccessRule class using a reference to a user account, a value that specifies the type of operation associated with the access rule, and a value that specifies whether to allow or deny the operation.
public:
FileSystemAccessRule(System::Security::Principal::IdentityReference ^ identity, System::Security::AccessControl::FileSystemRights fileSystemRights, System::Security::AccessControl::AccessControlType type);public FileSystemAccessRule (System.Security.Principal.IdentityReference identity, System.Security.AccessControl.FileSystemRights fileSystemRights, System.Security.AccessControl.AccessControlType type);new System.Security.AccessControl.FileSystemAccessRule : System.Security.Principal.IdentityReference * System.Security.AccessControl.FileSystemRights * System.Security.AccessControl.AccessControlType -> System.Security.AccessControl.FileSystemAccessRulePublic Sub New (identity As IdentityReference, fileSystemRights As FileSystemRights, type As AccessControlType)Parameters
- identity
- IdentityReference
An IdentityReference object that encapsulates a reference to a user account.
- fileSystemRights
- FileSystemRights
One of the FileSystemRights values that specifies the type of operation associated with the access rule.
- type
- AccessControlType
One of the AccessControlType values that specifies whether to allow or deny the operation.
Exceptions
The identity parameter is not an IdentityReference object.
The identity parameter is null.
An incorrect enumeration was passed to the type parameter.
Remarks
Use this constructor to create an access control rule that you can persist using the FileSecurity or DirectorySecurity class. Access control rules define user account rights that determine which actions are allowed or disallowed on computers running Microsoft Windows.
Applies to
FileSystemAccessRule(String, FileSystemRights, AccessControlType)
Initializes a new instance of the FileSystemAccessRule class using the name of a user account, a value that specifies the type of operation associated with the access rule, and a value that describes whether to allow or deny the operation.
public:
FileSystemAccessRule(System::String ^ identity, System::Security::AccessControl::FileSystemRights fileSystemRights, System::Security::AccessControl::AccessControlType type);public FileSystemAccessRule (string identity, System.Security.AccessControl.FileSystemRights fileSystemRights, System.Security.AccessControl.AccessControlType type);new System.Security.AccessControl.FileSystemAccessRule : string * System.Security.AccessControl.FileSystemRights * System.Security.AccessControl.AccessControlType -> System.Security.AccessControl.FileSystemAccessRulePublic Sub New (identity As String, fileSystemRights As FileSystemRights, type As AccessControlType)Parameters
- identity
- String
The name of a user account.
- fileSystemRights
- FileSystemRights
One of the FileSystemRights values that specifies the type of operation associated with the access rule.
- type
- AccessControlType
One of the AccessControlType values that specifies whether to allow or deny the operation.
Exceptions
The identity parameter is null.
An incorrect enumeration was passed to the type parameter.
Examples
The following code example uses the FileSecurity class to add and then remove an access control entry (ACE) from a file. You must supply a valid user or group account to run this example.
using System;
using System.IO;
using System.Security.AccessControl;
namespace FileSystemExample
{
class FileExample
{
public static void Main()
{
try
{
string fileName = "test.xml";
Console.WriteLine($"Adding access control entry for {fileName}");
// Add the access control entry to the file.
AddFileSecurity(fileName, @"DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine($"Removing access control entry from {fileName}");
// Remove the access control entry from the file.
RemoveFileSecurity(fileName, @"DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow);
Console.WriteLine("Done.");
}
catch (Exception e)
{
Console.WriteLine(e);
}
}
// Adds an ACL entry on the specified file for the specified account.
public static void AddFileSecurity(string fileName, string account,
FileSystemRights rights, AccessControlType controlType)
{
FileInfo fileInfo = new(fileName);
FileSecurity fSecurity = fileInfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
fSecurity.AddAccessRule(new FileSystemAccessRule(account,
rights, controlType));
// Set the new access settings.
fileInfo.SetAccessControl(fSecurity);
}
// Removes an ACL entry on the specified file for the specified account.
public static void RemoveFileSecurity(string fileName, string account,
FileSystemRights rights, AccessControlType controlType)
{
FileInfo fileInfo = new(fileName);
FileSecurity fSecurity = fileInfo.GetAccessControl();
// Remove the FileSystemAccessRule from the security settings.
fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
rights, controlType));
// Set the new access settings.
fileInfo.SetAccessControl(fSecurity);
}
}
}
Imports System.IO
Imports System.Security.AccessControl
Module FileExample
Sub Main()
Try
Dim fileName As String = "test.xml"
Console.WriteLine("Adding access control entry for " & fileName)
' Add the access control entry to the file.
AddFileSecurity(fileName, "DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Removing access control entry from " & fileName)
' Remove the access control entry from the file.
RemoveFileSecurity(fileName, "DomainName\AccountName",
FileSystemRights.ReadData, AccessControlType.Allow)
Console.WriteLine("Done.")
Catch e As Exception
Console.WriteLine(e)
End Try
End Sub
' Adds an ACL entry on the specified file for the specified account.
Sub AddFileSecurity(ByVal fileName As String, ByVal account As String,
ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
Dim fileInfo As New FileInfo(fileName)
Dim fSecurity As FileSecurity = fileInfo.GetAccessControl()
' Add the FileSystemAccessRule to the security settings.
Dim accessRule As New FileSystemAccessRule(account, rights, controlType)
fSecurity.AddAccessRule(accessRule)
' Set the new access settings.
fileInfo.SetAccessControl(fSecurity)
End Sub
' Removes an ACL entry on the specified file for the specified account.
Sub RemoveFileSecurity(ByVal fileName As String, ByVal account As String,
ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
Dim fileInfo As New FileInfo(fileName)
Dim fSecurity As FileSecurity = fileInfo.GetAccessControl()
' Remove the FileSystemAccessRule from the security settings.
fSecurity.RemoveAccessRule(New FileSystemAccessRule(account,
rights, controlType))
' Set the new access settings.
fileInfo.SetAccessControl(fSecurity)
End Sub
End Module
Remarks
Use this constructor to create an access control rule that you can persist using the FileSecurity or DirectorySecurity class. Access control rules define user account rights that determine which actions are allowed or disallowed on computers running Microsoft Windows.
The identity parameter must identify a valid account on the current computer or domain. The string takes the following form, where DOMAIN is the name of a valid domain or computer name and account is the name of a valid user account on a domain or computer: DOMAIN\account.
Applies to
FileSystemAccessRule(IdentityReference, FileSystemRights, InheritanceFlags, PropagationFlags, AccessControlType)
Initializes a new instance of the FileSystemAccessRule class using a reference to a user account, a value that specifies the type of operation associated with the access rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies whether to allow or deny the operation.
public:
FileSystemAccessRule(System::Security::Principal::IdentityReference ^ identity, System::Security::AccessControl::FileSystemRights fileSystemRights, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AccessControlType type);public FileSystemAccessRule (System.Security.Principal.IdentityReference identity, System.Security.AccessControl.FileSystemRights fileSystemRights, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AccessControlType type);new System.Security.AccessControl.FileSystemAccessRule : System.Security.Principal.IdentityReference * System.Security.AccessControl.FileSystemRights * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AccessControlType -> System.Security.AccessControl.FileSystemAccessRulePublic Sub New (identity As IdentityReference, fileSystemRights As FileSystemRights, inheritanceFlags As InheritanceFlags, propagationFlags As PropagationFlags, type As AccessControlType)Parameters
- identity
- IdentityReference
An IdentityReference object that encapsulates a reference to a user account.
- fileSystemRights
- FileSystemRights
One of the FileSystemRights values that specifies the type of operation associated with the access rule.
- inheritanceFlags
- InheritanceFlags
One of the InheritanceFlags values that specifies how access masks are propagated to child objects.
- propagationFlags
- PropagationFlags
One of the PropagationFlags values that specifies how Access Control Entries (ACEs) are propagated to child objects.
- type
- AccessControlType
One of the AccessControlType values that specifies whether to allow or deny the operation.
Exceptions
The identity parameter is not an IdentityReference object.
The identity parameter is null.
An incorrect enumeration was passed to the type parameter.
-or-
An incorrect enumeration was passed to the inheritanceFlags parameter.
-or-
An incorrect enumeration was passed to the propagationFlags parameter.
Remarks
Use this constructor to create an access control rule that you can persist using the FileSecurity or DirectorySecurity class. Access control rules define user account rights that determine which actions are allowed or disallowed on computers running Microsoft Windows.
Applies to
FileSystemAccessRule(String, FileSystemRights, InheritanceFlags, PropagationFlags, AccessControlType)
Initializes a new instance of the FileSystemAccessRule class using the name of a user account, a value that specifies the type of operation associated with the access rule, a value that determines how rights are inherited, a value that determines how rights are propagated, and a value that specifies whether to allow or deny the operation.
public:
FileSystemAccessRule(System::String ^ identity, System::Security::AccessControl::FileSystemRights fileSystemRights, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AccessControlType type);public FileSystemAccessRule (string identity, System.Security.AccessControl.FileSystemRights fileSystemRights, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AccessControlType type);new System.Security.AccessControl.FileSystemAccessRule : string * System.Security.AccessControl.FileSystemRights * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AccessControlType -> System.Security.AccessControl.FileSystemAccessRulePublic Sub New (identity As String, fileSystemRights As FileSystemRights, inheritanceFlags As InheritanceFlags, propagationFlags As PropagationFlags, type As AccessControlType)Parameters
- identity
- String
The name of a user account.
- fileSystemRights
- FileSystemRights
One of the FileSystemRights values that specifies the type of operation associated with the access rule.
- inheritanceFlags
- InheritanceFlags
One of the InheritanceFlags values that specifies how access masks are propagated to child objects.
- propagationFlags
- PropagationFlags
One of the PropagationFlags values that specifies how Access Control Entries (ACEs) are propagated to child objects.
- type
- AccessControlType
One of the AccessControlType values that specifies whether to allow or deny the operation.
Exceptions
The identity parameter is null.
An incorrect enumeration was passed to the type parameter.
-or-
An incorrect enumeration was passed to the inheritanceFlags parameter.
-or-
An incorrect enumeration was passed to the propagationFlags parameter.
Remarks
Use this constructor to create an access control rule that you can persist using the FileSecurity or DirectorySecurity class. Access control rules define user account rights that determine which actions are allowed or disallowed on computers running Microsoft Windows.
The identity parameter must identify a valid account on the current computer or domain. The string takes the following form, where DOMAIN is the name of a valid domain or computer name and account is the name of a valid user account on a domain or computer: DOMAIN\account.
