SemaphoreSecurity.RemoveAccessRuleSpecific(SemaphoreAccessRule) Yöntem
Tanım
Önemli
Bazı bilgiler ürünün ön sürümüyle ilgilidir ve sürüm öncesinde önemli değişiklikler yapılmış olabilir. Burada verilen bilgilerle ilgili olarak Microsoft açık veya zımni hiçbir garanti vermez.
Belirtilen kuralla tam olarak eşleşen bir erişim denetimi kuralı arar ve bulunursa kuralı kaldırır.
public:
void RemoveAccessRuleSpecific(System::Security::AccessControl::SemaphoreAccessRule ^ rule);public void RemoveAccessRuleSpecific (System.Security.AccessControl.SemaphoreAccessRule rule);override this.RemoveAccessRuleSpecific : System.Security.AccessControl.SemaphoreAccessRule -> unitPublic Sub RemoveAccessRuleSpecific (rule As SemaphoreAccessRule)Parametreler
- rule
- SemaphoreAccessRule
Kaldırılacak SemaphoreAccessRule .
Özel durumlar
rule, null değeridir.
Örnekler
Aşağıdaki kod örneği, yöntemin RemoveAccessRuleSpecific bir kuralı kaldırmak için tam eşleşme gerektirdiğini ve haklarına izin vermek ve reddetmek için kuralların birbirinden bağımsız olduğunu gösterir.
Örnek bir SemaphoreSecurity nesne oluşturur, geçerli kullanıcı için çeşitli haklara izin veren ve reddeden kurallar ekler ve ardından ek hakları erişim kuralıyla Allow birleştirir. Örnek daha sonra özgün Allow kuralı yöntemine RemoveAccessRuleSpecific geçirir ve sonuçları görüntüleyip hiçbir şeyin silinmediğini gösterir. Örnek daha sonra nesnesindeki kuralla Allow eşleşen bir kural oluşturur ve kuralı kaldırmak için yöntemini başarıyla kullanırRemoveAccessRuleSpecific.SemaphoreSecurity
Not
Bu örnek, güvenlik nesnesini bir Semaphore nesneye eklemez. Güvenlik nesneleri ekleyen örnekler ve Semaphore.SetAccessControliçinde Semaphore.GetAccessControl bulunabilir.
using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;
public class Example
{
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
SemaphoreSecurity mSec = new SemaphoreSecurity();
// Add a rule that grants the current user the
// right to enter or release the semaphore.
SemaphoreAccessRule ruleA = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(ruleA);
// Add a rule that denies the current user the
// right to change permissions on the semaphore.
SemaphoreAccessRule rule = new SemaphoreAccessRule(user,
SemaphoreRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the semaphore. This rule
// is merged with the existing Allow rule.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
// Attempt to remove the original rule (granting
// the right to enter or release the semaphore) with
// RemoveAccessRuleSpecific. The removal fails,
// because the right to read the permissions on the
// semaphore has been added to the rule, so that it no
// longer matches the original rule.
Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.");
mSec.RemoveAccessRuleSpecific(ruleA);
ShowSecurity(mSec);
// Create a rule that grants the current user
// the right to enter or release the semaphore, and
// to read permissions. Use this rule to remove
// the Allow rule for the current user.
Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.");
rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify |
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.RemoveAccessRuleSpecific(rule);
ShowSecurity(mSec);
}
private static void ShowSecurity(SemaphoreSecurity security)
{
Console.WriteLine("\r\nCurrent access rules:\r\n");
foreach(SemaphoreAccessRule ar in
security.GetAccessRules(true, true, typeof(NTAccount)))
{
Console.WriteLine(" User: {0}", ar.IdentityReference);
Console.WriteLine(" Type: {0}", ar.AccessControlType);
Console.WriteLine(" Rights: {0}", ar.SemaphoreRights);
Console.WriteLine();
}
}
}
/*This code example produces output similar to following:
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, Synchronize
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Attempt to use RemoveAccessRuleSpecific on the original rule.
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Use RemoveAccessRuleSpecific with the correct rights.
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
*/
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal
Public Class Example
Public Shared Sub Main()
' Create a string representing the current user.
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' Create a security object that grants no access.
Dim mSec As New SemaphoreSecurity()
' Add a rule that grants the current user the
' right to enter or release the semaphore.
Dim ruleA As New SemaphoreAccessRule(user, _
SemaphoreRights.Synchronize _
Or SemaphoreRights.Modify, _
AccessControlType.Allow)
mSec.AddAccessRule(ruleA)
' Add a rule that denies the current user the
' right to change permissions on the semaphore.
Dim rule As New SemaphoreAccessRule(user, _
SemaphoreRights.ChangePermissions, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
' Display the rules in the security object.
ShowSecurity(mSec)
' Add a rule that allows the current user the
' right to read permissions on the semaphore. This rule
' is merged with the existing Allow rule.
rule = New SemaphoreAccessRule(user, _
SemaphoreRights.ReadPermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
ShowSecurity(mSec)
' Attempt to remove the original rule (granting
' the right to enter or release the semaphore) with
' RemoveAccessRuleSpecific. The removal fails,
' because the right to read the permissions on the
' semaphore has been added to the rule, so that it no
' longer matches the original rule.
Console.WriteLine("Attempt to use RemoveAccessRuleSpecific on the original rule.")
mSec.RemoveAccessRuleSpecific(ruleA)
ShowSecurity(mSec)
' Create a rule that grants the current user
' the right to enter or release the semaphore, and
' to read permissions. Use this rule to remove
' the Allow rule for the current user.
Console.WriteLine("Use RemoveAccessRuleSpecific with the correct rights.")
rule = New SemaphoreAccessRule(user, _
SemaphoreRights.Synchronize _
Or SemaphoreRights.Modify _
Or SemaphoreRights.ReadPermissions, _
AccessControlType.Allow)
mSec.RemoveAccessRuleSpecific(rule)
ShowSecurity(mSec)
End Sub
Private Shared Sub ShowSecurity(ByVal security As SemaphoreSecurity)
Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)
For Each ar As SemaphoreAccessRule In _
security.GetAccessRules(True, True, GetType(NTAccount))
Console.WriteLine(" User: {0}", ar.IdentityReference)
Console.WriteLine(" Type: {0}", ar.AccessControlType)
Console.WriteLine(" Rights: {0}", ar.SemaphoreRights)
Console.WriteLine()
Next
End Sub
End Class
'This code example produces output similar to following:
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, Synchronize
'
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'Attempt to use RemoveAccessRuleSpecific on the original rule.
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'Use RemoveAccessRuleSpecific with the correct rights.
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
Açıklamalar
Kural yalnızca bayraklar da dahil olmak üzere tüm ayrıntılarla tam olarak eşleşiyorsa rule kaldırılır. Aynı kullanıcıya sahip diğer AccessControlType kurallar etkilenmez.
Önemli
Kural bir veya daha fazla temel erişim denetimi girdisini (ACE) temsil eder ve bir kullanıcının erişim güvenlik kurallarını değiştirdiğinizde bu girdiler gerektiği gibi bölünür veya birleştirilir. Bu nedenle, bir kural eklendiğinde sahip olduğu belirli biçimde artık mevcut olmayabilir ve bu durumda RemoveAccessRuleSpecific yöntem bunu kaldıramaz.