ManagementAuthorization 类
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
提供用于管理特定站点或应用程序的授权列表的功能。
public ref class ManagementAuthorization abstract sealed
public static class ManagementAuthorization
type ManagementAuthorization = class
Public Class ManagementAuthorization
- 继承
-
ManagementAuthorization
示例
以下示例实现 和 ManagementAuthorizationInfo 类的多个方法和属性ManagementAuthorization。 本示例将指定用户添加到指定网站,并显示该指定网站的授权用户的集合。
// Returns a Property bag that contains the Site Owner Details.
public PropertyBag GetSiteOwnerDetails(string siteName)
{
PropertyBag SiteOwnerDetailsBag = new PropertyBag();
// Set the userName.
string userName = "User4";
string display = null;
string message = null;
AppDomain domain = Thread.GetDomain();
domain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
WindowsPrincipal principal = (WindowsPrincipal)Thread.CurrentPrincipal;
// Gets the site from the siteName.
Site site = base.ManagementUnit.ServerManager.Sites[siteName];
// Set the path.
string path = site.Name;
SiteOwnerDetailsBag.Add(0, principal.Identity.Name);
SiteOwnerDetailsBag.Add(1,
ManagementAuthorization.IsAuthorized(principal, path).ToString());
SiteOwnerDetailsBag.Add(2, siteName as string);
message = "Provider: " + ManagementAuthorization.Provider;
display = display + message;
// Get a collection of authorized users.
ManagementAuthorizationInfoCollection authorizedCollection =
ManagementAuthorization.GetAuthorizedUsers(path, true, 0, -1);
message = "\nAuthorizedUsers count: " +
authorizedCollection.Count.ToString() + "\n ";
display = display + message;
bool isInCollection = false;
message = null;
// Search the returned collection.
foreach (ManagementAuthorizationInfo authorizedInfo in authorizedCollection)
{
message = message + "\nName: " + authorizedInfo.Name;
message = message + " ConfigurationPath: " +
authorizedInfo.ConfigurationPath;
message = message + " IsRole: " + authorizedInfo.IsRole;
// Check to see if the user is already in the allowed users collection.
if (userName.Equals(authorizedInfo.Name))
{
isInCollection = true;
}
}
// Grant the user permission to this site only if
// they are not already in the allowed users collection.
if (!isInCollection)
{
ManagementAuthorization.Grant(userName, path, false);
message = message + "\nadded: " + userName;
}
display = display + message;
string[] configPaths =
ManagementAuthorization.GetConfigurationPaths(principal, null);
message = "\n\nThe current user is a member of " +
configPaths.Length + " paths.";
foreach (string configpath in configPaths)
{
message = message + "\npath: " + configpath;
}
display = display + message;
SiteOwnerDetailsBag.Add(3, display as string);
// Uncomment the following line to rename a configuration path.
// ManagementAuthorization.RenameConfigurationPath(path , path + "-new");
// Uncomment the following line to revoke
// all authorizations for the specified user.
// ManagementAuthorization.Revoke(userName);
// Uncomment the following line to revoke the
// authorization for the specified user to the specified site.
// ManagementAuthorization.Revoke(userName, path);
// Uncomment the following line to revoke all
// authorization for the specified site.
// ManagementAuthorization.RevokeConfigurationPath(path);
return SiteOwnerDetailsBag;
}
注解
IIS 管理器的权限是为特定站点或应用程序授予的,而不是在服务器级别授予的。 对象 ManagementAuthorization 确定是否应向用户或角色授予对特定站点或应用程序的访问权限。 IIS 管理器的“IIS 管理器权限 ”页上提供了授权用户列表。
此类不能被继承。
属性
Provider |
获取 IIS 管理器的授权提供程序。 |
方法
GetAuthorizedUsers(String, Boolean, Int32, Int32) |
检索指定配置路径的授权用户的集合。 |
GetConfigurationPaths(IPrincipal, String) |
返回指定主体有权配置的配置路径数组。 |
Grant(String, String, Boolean) |
向指定配置路径的用户名或角色授予授权。 |
IsAuthorized(IPrincipal, String) |
检索一个值,该值指示是否为指定的配置路径授权指定的主体。 |
RenameConfigurationPath(String, String) |
重命名配置路径。 |
Revoke(String) |
撤消针对所有配置路径的指定用户的授权。 |
Revoke(String, String) |
撤消针对指定配置路径的指定用户的授权。 |
RevokeConfigurationPath(String) |
从指定的配置路径中删除所有授权用户。 |
适用于
另请参阅
反馈
https://aka.ms/ContentUserFeedback。
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:提交和查看相关反馈