EventWaitHandleSecurity.SetAccessRule(EventWaitHandleAccessRule) 方法

定义

移除与指定的规则具有相同用户和 AccessControlType(允许或拒绝)的所有控制规则,然后添加指定的规则。

public:
 void SetAccessRule(System::Security::AccessControl::EventWaitHandleAccessRule ^ rule);
public void SetAccessRule (System.Security.AccessControl.EventWaitHandleAccessRule rule);
override this.SetAccessRule : System.Security.AccessControl.EventWaitHandleAccessRule -> unit
Public Sub SetAccessRule (rule As EventWaitHandleAccessRule)

参数

rule
EventWaitHandleAccessRule

要添加的 EventWaitHandleAccessRule。 由此规则的用户和 AccessControlType 确定在添加此规则之前要移除的规则。

例外

rulenull

示例

下面的代码示例演示 方法如何 SetAccessRule 删除与 用户和 AccessControlTyperule匹配的所有规则,并将这些规则替换为 rule

该示例创建一个 EventWaitHandleSecurity 对象,并添加允许和拒绝当前用户的各种权限的规则。 然后,该示例创建一个允许当前用户完全控制的新规则,并使用 SetAccessRule 方法将现有 Allow 规则替换为新规则。 拒绝访问的规则不受影响。

注意

此示例不将安全对象附加到 对象 EventWaitHandle 。 可以在 和 EventWaitHandle.SetAccessControl中找到EventWaitHandle.GetAccessControl附加安全对象的示例。

using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;

public class Example
{
    public static void Main()
    {
        // Create a string representing the current user.
        string user = Environment.UserDomainName + "\\" + 
            Environment.UserName;

        // Create a security object that grants no access.
        EventWaitHandleSecurity mSec = new EventWaitHandleSecurity();

        // Add a rule that grants the current user the 
        // right to wait on or signal the event and read the
        // permissions on the event.
        EventWaitHandleAccessRule rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.Synchronize | EventWaitHandleRights.Modify
                | EventWaitHandleRights.ReadPermissions, 
            AccessControlType.Allow);
        mSec.AddAccessRule(rule);

        // Add a rule that denies the current user the 
        // right to change permissions on the event.
        rule = new EventWaitHandleAccessRule(user, 
            EventWaitHandleRights.ChangePermissions, 
            AccessControlType.Deny);
        mSec.AddAccessRule(rule);

        // Display the rules in the security object.
        ShowSecurity(mSec);

        // Create a rule that grants the current user 
        // the full control over the event. Use the
        // SetAccessRule method to replace the 
        // existing Allow rule with the new rule. 
        rule = new EventWaitHandleAccessRule(user,
            EventWaitHandleRights.FullControl,
            AccessControlType.Allow);
        mSec.SetAccessRule(rule);

        ShowSecurity(mSec);
    }

    private static void ShowSecurity(EventWaitHandleSecurity security)
    {
        Console.WriteLine("\r\nCurrent access rules:\r\n");

        foreach(EventWaitHandleAccessRule ar in 
            security.GetAccessRules(true, true, typeof(NTAccount)))
        {
            Console.WriteLine("        User: {0}", ar.IdentityReference);
            Console.WriteLine("        Type: {0}", ar.AccessControlType);
            Console.WriteLine("      Rights: {0}", ar.EventWaitHandleRights);
            Console.WriteLine();
        }
    }
}

/*This code example produces output similar to following:

Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: Modify, ReadPermissions, Synchronize


Current access rules:

        User: TestDomain\TestUser
        Type: Deny
      Rights: ChangePermissions

        User: TestDomain\TestUser
        Type: Allow
      Rights: FullControl
 */
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal

Public Class Example

    Public Shared Sub Main()

        ' Create a string representing the current user.
        Dim user As String = Environment.UserDomainName _ 
            & "\" & Environment.UserName

        ' Create a security object that grants no access.
        Dim mSec As New EventWaitHandleSecurity()

        ' Add a rule that grants the current user the 
        ' right to wait on or signal the event, and to 
        ' read its permissions.
        Dim rule As New EventWaitHandleAccessRule(user, _
            EventWaitHandleRights.Synchronize _
            Or EventWaitHandleRights.Modify _
            Or EventWaitHandleRights.ReadPermissions, _
            AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ' Add a rule that denies the current user the 
        ' right to change permissions on the event.
        rule = New EventWaitHandleAccessRule(user, _
            EventWaitHandleRights.ChangePermissions, _
            AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ' Display the rules in the security object.
        ShowSecurity(mSec)

        ' Create a rule that grants the current user 
        ' the full control over the event. Use the
        ' SetAccessRule method to replace the 
        ' the existing Allow rule with the new rule. 
        rule = New EventWaitHandleAccessRule(user, _
            EventWaitHandleRights.FullControl, _
            AccessControlType.Allow)
        mSec.SetAccessRule(rule)

        ShowSecurity(mSec)
        
    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As EventWaitHandleSecurity)
        Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)

        For Each ar As EventWaitHandleAccessRule In _
            security.GetAccessRules(True, True, GetType(NTAccount))

            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.EventWaitHandleRights)
            Console.WriteLine()
        Next

    End Sub
End Class 

'This code example produces output similar to following:
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: Modify, ReadPermissions, Synchronize
'
'
'Current access rules:
'
'        User: TestDomain\TestUser
'        Type: Deny
'      Rights: ChangePermissions
'
'        User: TestDomain\TestUser
'        Type: Allow
'      Rights: FullControl

注解

如果指定的规则具有 Allow,则此方法的效果是删除指定用户的所有 Allow 规则,将它们替换为指定的规则。 如果指定规则具有 Deny,则指定用户的所有 Deny 规则都会替换为指定的规则。

如果没有其用户与 AccessControlType 指定规则匹配的规则, rule 则添加。

适用于