共用方式為

FileInfo.SetAccessControl(FileSecurity) 方法

定義

命名空間:
System.IO
組件:
mscorlib.dll

FileSecurity 物件所描述的訪問控制清單 (ACL) 專案套用至目前 FileInfo 物件所描述的檔案。

public:
 void SetAccessControl(System::Security::AccessControl::FileSecurity ^ fileSecurity);
public void SetAccessControl(System.Security.AccessControl.FileSecurity fileSecurity);
member this.SetAccessControl : System.Security.AccessControl.FileSecurity -> unit
Public Sub SetAccessControl (fileSecurity As FileSecurity)

參數

fileSecurity
FileSecurity

FileSecurity 物件,描述要套用至目前檔案的訪問控制清單 (ACL) 專案。

例外狀況

ArgumentNullException

fileSecurity 參數是 null

SystemException

找不到或修改檔案。

UnauthorizedAccessException

目前的進程沒有開啟檔案的存取權。

範例

下列程式代碼範例會使用 GetAccessControl 方法和 SetAccessControl 方法來新增,然後從檔案中移除 ACL 專案。 您必須提供有效的使用者或組帳戶,才能執行此範例。

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try
            {
                string FileName = "c:/test.xml";

                Console.WriteLine("Adding access control entry for " + FileName);

                // Add the access control entry to the file.
                // Before compiling this snippet, change MyDomain to your
                // domain name and MyAccessAccount to the name
                // you use to access your domain.
                AddFileSecurity(FileName, @"MyDomain\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from " + FileName);

                // Remove the access control entry from the file.
                // Before compiling this snippet, change MyDomain to your
                // domain name and MyAccessAccount to the name
                // you use to access your domain.
                RemoveFileSecurity(FileName, @"MyDomain\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileSecurity(
            string FileName,
            string Account,
            FileSystemRights Rights,
            AccessControlType ControlType
            )
        {
            // Create a new FileInfo object.
            FileInfo fInfo = new(FileName);

            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = fInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings.
            fSecurity.AddAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            fInfo.SetAccessControl(fSecurity);
        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileSecurity(
            string FileName,
            string Account,
            FileSystemRights Rights,
            AccessControlType ControlType
            )
        {
            // Create a new FileInfo object.
            FileInfo fInfo = new(FileName);

            // Get a FileSecurity object that represents the
            // current security settings.
            FileSecurity fSecurity = fInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings.
            fSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            fInfo.SetAccessControl(fSecurity);
        }
    }
}
//This code produces output similar to the following;
//results may vary based on the computer/file structure/etc.:
//
//Adding access control entry for c:\test.xml
//Removing access control entry from c:\test.xml
//Done.
//

Imports System.IO
Imports System.Security.AccessControl



Module FileExample

    Sub Main()
        Try
            Dim FileName As String = "c:\test.xml"

            Console.WriteLine("Adding access control entry for " & FileName)

            ' Add the access control entry to the file.
            ' Before compiling this snippet, change MyDomain to your 
            ' domain name and MyAccessAccount to the name 
            ' you use to access your domain.
            AddFileSecurity(FileName, "MyDomain\\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " & FileName)

            ' Remove the access control entry from the file.
            ' Before compiling this snippet, change MyDomain to your 
            ' domain name and MyAccessAccount to the name 
            ' you use to access your domain.
            RemoveFileSecurity(FileName, "MyDomain\\MyAccessAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

    End Sub


    ' Adds an ACL entry on the specified file for the specified account.
    Sub AddFileSecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new FileInfo object.
        Dim fInfo As New FileInfo(FileName)

        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = fInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        fSecurity.AddAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        fInfo.SetAccessControl(fSecurity)

    End Sub


    ' Removes an ACL entry on the specified file for the specified account.
    Sub RemoveFileSecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new FileInfo object.
        Dim fInfo As New FileInfo(FileName)

        ' Get a FileSecurity object that represents the 
        ' current security settings.
        Dim fSecurity As FileSecurity = fInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        fSecurity.RemoveAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        fInfo.SetAccessControl(fSecurity)

    End Sub
End Module
'This code produces output similar to the following; 
'results may vary based on the computer/file structure/etc.:
'
'Adding access control entry for c:\test.xml
'Removing access control entry from c:\test.xml
'Done.
'

備註

SetAccessControl 方法會將訪問控制清單 (ACL) 專案套用至代表非繼承 ACL 清單的目前檔案。

每當您需要從檔案新增或移除 ACL 專案時,請使用 SetAccessControl 方法。

謹慎

fileSecurity 參數指定的 ACL 會取代檔案的現有 ACL。 若要新增新用戶的許可權,請使用 GetAccessControl 方法來取得現有的 ACL、修改它,然後使用 SetAccessControl 將它套用回檔案。

ACL 描述具有或沒有指定檔案上特定動作許可權的個人和群組。 如需詳細資訊,請參閱 如何:新增或移除存取控制清單項目

SetAccessControl 方法只會保存 FileSecurity 物件建立之後已修改的物件。 如果 FileSecurity 物件尚未修改,則不會保存至檔案。 因此,無法從某個檔案擷取 FileSecurity 物件,並將相同的物件重新套用至另一個檔案。

若要將 ACL 資訊從一個檔案複製到另一個檔案:

  1. 使用 GetAccessControl 方法,從來源檔案擷取 FileSecurity 物件。

  2. 為目的地檔案建立新的 FileSecurity 物件。

  3. 使用來源 FileSecurity 物件的 GetSecurityDescriptorBinaryFormGetSecurityDescriptorSddlForm 方法來擷取 ACL 資訊。

  4. 使用 SetSecurityDescriptorBinaryFormSetSecurityDescriptorSddlForm 方法,將步驟 3 中擷取的資訊複製到目的地 FileSecurity 物件。

  5. 使用 SetAccessControl 方法,將目的地 FileSecurity 物件設定為目的地檔案。

適用於