EventWaitHandleSecurity.RemoveAccessRule(EventWaitHandleAccessRule) 方法

定义

搜索如下的访问控制规则:与指定的访问规则具有相同的用户和 AccessControlType(允许或拒绝),并具有兼容的继承和传播标志;如果找到,则从中移除指定访问规则中包含的权限。

public:
 bool RemoveAccessRule(System::Security::AccessControl::EventWaitHandleAccessRule ^ rule);
public bool RemoveAccessRule (System.Security.AccessControl.EventWaitHandleAccessRule rule);
override this.RemoveAccessRule : System.Security.AccessControl.EventWaitHandleAccessRule -> bool
Public Function RemoveAccessRule (rule As EventWaitHandleAccessRule) As Boolean

参数

rule
EventWaitHandleAccessRule

指定要搜索的用户和 EventWaitHandleAccessRuleAccessControlType,以及匹配规则(如果找到)必须兼容的一组继承和传播标志。 指定要从兼容规则移除的权限(如果找到)。

返回

如果找到一个兼容规则,则为 true;否则为 false

例外

rulenull

示例

下面的代码示例演示如何使用 RemoveAccessRule 方法从 Allow 对象中的 EventWaitHandleSecurity 规则中删除权限。 它还显示中其他权限 rule 被忽略。

该示例创建一个 EventWaitHandleSecurity 对象,并添加允许和拒绝当前用户的各种权限的规则。 允许的权限包括 ModifyReadPermissionsSynchronize。 然后,该示例为当前用户创建一个新规则(包括 ReadPermissionsTakeOwnership 权限),并将该规则与 方法一起使用RemoveAccessRule,以便从 Allow 对象中的EventWaitHandleSecurity规则中删除ReadPermissions。 中的TakeOwnershiprule右侧将被忽略。

注意

此示例不将安全对象附加到 对象 EventWaitHandle 。 可以在 和 EventWaitHandle.SetAccessControl中找到EventWaitHandle.GetAccessControl附加安全对象的示例。

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user.
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        EventWaitHandleSecurity mSec = new EventWaitHandleSecurity();

        // Add a rule that grants the current user the 
        // right to wait on or signal the event and read the
        // permissions on the event.
        EventWaitHandleAccessRule rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.Synchronize | EventWaitHandleRights.Modify
                | EventWaitHandleRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the 
        // right to change permissions on the event.
        rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Create a rule that grants the current user 
        // the right to read permissions on the event, and
        // take ownership of the event. Use this rule to 
        // remove the right to read permissions from the 
        // Allow rule for the current user. The inclusion 
        // of the right to take ownership has no effect.
        rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.TakeOwnership | 
                EventWaitHandleRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.RemoveAccessRule(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(EventWaitHandleSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(EventWaitHandleAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.EventWaitHandleRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, Synchronize
 */
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal

Public Class Example

    Public Shared Sub Main()

        ' Create a string representing the current user.
        Dim user As String = Environment.UserDomainName _ 
            & "\" & Environment.UserName

        ' Create a security object that grants no access.
        Dim mSec As New EventWaitHandleSecurity()

        ' Add a rule that grants the current user the 
        ' right to wait on or signal the event, and to 
        ' read its permissions.
        Dim rule As New EventWaitHandleAccessRule(user, _
            EventWaitHandleRights.Synchronize _
            Or EventWaitHandleRights.Modify _
            Or EventWaitHandleRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ' Add a rule that denies the current user the 
        ' right to change permissions on the event.
        rule = New EventWaitHandleAccessRule(user, _
            EventWaitHandleRights.ChangePermissions, _
            AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

        ' Create a rule that grants the current user 
        ' the right to read permissions on the event, and
        ' take ownership of the event. Use this rule to 
        ' remove the right to read permissions from the 
        ' Allow rule for the current user. The inclusion 
        ' of the right to take ownership has no effect.
        rule = New EventWaitHandleAccessRule(user, _
            EventWaitHandleRights.TakeOwnership _
            Or EventWaitHandleRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.RemoveAccessRule(rule)

        ShowSecurity(mSec)
        
    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As EventWaitHandleSecurity)
        Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)

        For Each ar As EventWaitHandleAccessRule In _
            security.GetAccessRules(True, True, GetType(NTAccount))

            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.EventWaitHandleRights)
            Console.WriteLine()
        Next

    End Sub
End Class 

'This code example produces output similar to following:
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, ReadPermissions, Synchronize
'
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, Synchronize

注解

在当前EventWaitHandleSecurity中搜索与 具有相同用户且值rule相同的AccessControlType规则。 如果未找到此类规则,则不执行任何操作,并且 该方法将返回 false。 如果找到匹配的规则,则会检查其继承和兼容性标志是否与 中指定的 rule标志兼容。 如果未找到兼容的规则,则不执行任何操作,并且 该方法将返回 false。 如果找到具有兼容标志的规则,则会从兼容规则中删除 中指定的 rule 权限,并且 方法将返回 true。 如果 rule 指定了兼容规则中未包含的权限,则不对这些权限执行任何操作。 如果从兼容规则中删除所有权限,则会从当前 EventWaitHandleSecurity 对象中删除整个规则。

重要

尽管可以通过使用 AccessRuleFactory 方法创建事件访问规则来指定继承和传播标志,但不建议这样做。 继承和传播对命名事件没有意义,它们使访问规则的维护更加复杂。

适用于