设置Windows系统NTFS某个目录的用户访问权限(c#)

来源:岁月联盟 编辑:zhu 时间:2004-10-13
using System;

using System.Drawing;

using System.Collections;

using System.ComponentModel;

using System.Windows.Forms;

using System.Data;

using System.Management;

using System.Text;

using System.Runtime.InteropServices;

namespace SetAcl

{

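/// <summary>
/// Sample form that grants a user access to an NTFS directory by appending an
/// access-allowed ACE to the directory's DACL through WMI
/// (Win32_LogicalFileSecuritySetting).
/// </summary>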

public class Form1 : System.Windows.Forms.Form

{

private System.Windows.Forms.TextBox textBox1;

private System.Windows.Forms.TextBox textBox2;

private System.Windows.Forms.Button SetAcl;

private System.Windows.Forms.Label label1;

private System.Windows.Forms.Label label2;

private System.Windows.Forms.Button button1;

/// <summary>
/// Required designer variable.
/// </summary>

private System.ComponentModel.Container components = null;



public Form1()
{
    // Required for Windows Forms Designer support: creates and lays out the controls.
    this.InitializeComponent();

    // TODO: add any constructor code after the InitializeComponent call.
}



/// <summary>
/// Cleans up the resources used by the form.
/// </summary>
/// <param name="disposing">
/// When true, the designer's component container is disposed as well (if one was created).
/// </param>
protected override void Dispose(bool disposing)
{
    // The container is released only on the disposing path and only when it exists.
    bool releaseComponents = disposing && components != null;
    if (releaseComponents)
    {
        components.Dispose();
    }

    // The base class always gets its turn, whatever the flag says.
    base.Dispose(disposing);
}



#region Windows Form Designer generated code

/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

// Create the controls first; their properties are filled in below.
this.textBox1 = new System.Windows.Forms.TextBox();

this.textBox2 = new System.Windows.Forms.TextBox();

this.SetAcl = new System.Windows.Forms.Button();

this.label1 = new System.Windows.Forms.Label();

this.label2 = new System.Windows.Forms.Label();

this.button1 = new System.Windows.Forms.Button();

this.SuspendLayout();

//

// textBox1

//

this.textBox1.Location = new System.Drawing.Point(80, 32);

this.textBox1.Name = "textBox1";

this.textBox1.Size = new System.Drawing.Size(152, 21);

this.textBox1.TabIndex = 0;

// Default directory; SetAcl_Click reads this box as the path whose DACL is changed.
this.textBox1.Text = "c://test";

//

// textBox2

//

this.textBox2.Location = new System.Drawing.Point(80, 80);

this.textBox2.Name = "textBox2";

this.textBox2.Size = new System.Drawing.Size(152, 21);

this.textBox2.TabIndex = 1;

// Default account name; SetAcl_Click reads this box as the user that receives the new ACE.
this.textBox2.Text = "ASPNET";

//

// SetAcl

//

this.SetAcl.Location = new System.Drawing.Point(152, 136);

this.SetAcl.Name = "SetAcl";

this.SetAcl.TabIndex = 2;

this.SetAcl.Text = "设置";

// Clicking this button runs the ACL change.
this.SetAcl.Click += new System.EventHandler(this.SetAcl_Click);

//

// label1

//

this.label1.Location = new System.Drawing.Point(24, 80);

this.label1.Name = "label1";

this.label1.Size = new System.Drawing.Size(48, 23);

this.label1.TabIndex = 5;

this.label1.Text = "用户:";

//

// label2

//

this.label2.Location = new System.Drawing.Point(24, 32);

this.label2.Name = "label2";

this.label2.Size = new System.Drawing.Size(48, 23);

this.label2.TabIndex = 6;

this.label2.Text = "目录:";

//

// button1

//

this.button1.Location = new System.Drawing.Point(8, 168);

this.button1.Name = "button1";

this.button1.TabIndex = 7;

this.button1.Text = "button1";

this.button1.Click += new System.EventHandler(this.button1_Click);

//

// Form1

//

this.AutoScaleBaseSize = new System.Drawing.Size(6, 14);

this.ClientSize = new System.Drawing.Size(280, 197);

this.Controls.Add(this.button1);

this.Controls.Add(this.label2);

this.Controls.Add(this.label1);

this.Controls.Add(this.SetAcl);

this.Controls.Add(this.textBox2);

this.Controls.Add(this.textBox1);

this.MaximizeBox = false;

this.MinimizeBox = false;

this.Name = "Form1";

this.Text = "Form1";

this.ResumeLayout(false);



}

#endregion



/// <summary>
/// The main entry point for the application: creates Form1 and hands it to Application.Run.
/// </summary>
[STAThread]
static void Main()
{
    Form1 mainForm = new Form1();
    Application.Run(mainForm);
}

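/// <summary>
/// P/Invoke declaration of LookupAccountName in advapi32.dll, which resolves an account
/// name to its SID and the domain the account was found in.
/// </summary>
/// <remarks>
/// CharSet.Unicode binds to the wide-character export, so account names are not passed
/// through the ANSI code page (and its best-fit character mapping) on the way to the
/// lookup. SetLastError = true keeps the Win32 error code available through
/// Marshal.GetLastWin32Error() when the call returns false.
/// </remarks>
/// <param name="lpSystemName">Machine to run the lookup on; null means the local system.</param>
/// <param name="lpAccountName">Account name to resolve.</param>
/// <param name="sid">Buffer that receives the binary SID.</param>
/// <param name="cbSid">
/// On input, the size of <paramref name="sid"/> in bytes. The native code trusts this value
/// when it writes the SID, so it must never be larger than the array actually passed.
/// When the buffer is too small it receives the required size.
/// </param>
/// <param name="ReferencedDomainName">Buffer that receives the domain name.</param>
/// <param name="cbReferencedDomainName">Size of the domain buffer, in characters.</param>
/// <param name="peUse">Receives the SID_NAME_USE value describing the account type.</param>
/// <returns>true when the account was resolved; otherwise false.</returns>
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool LookupAccountName(string lpSystemName, string lpAccountName, byte[] sid, ref int cbSid, StringBuilder ReferencedDomainName, ref int cbReferencedDomainName, ref int peUse);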



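/// <summary>
/// Click handler for the SetAcl button. Reads the directory from textBox1 and the account
/// name from textBox2, then calls SetDACL unless the drive is not NTFS or the account is
/// already named as a trustee in the directory's DACL.
/// </summary>
/// <param name="sender">The control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void SetAcl_Click(object sender, System.EventArgs e)
{
    string filePath = this.textBox1.Text;
    string userName = this.textBox2.Text;

    // An empty path would make Substring(0, 1) below throw, and an empty account
    // name cannot be resolved, so there is nothing to do in either case.
    if (filePath.Length == 0 || userName.Length == 0)
    {
        return;
    }

    // The first character of the path is taken as the drive letter; the ACL change
    // is only attempted when that drive reports NTFS.
    if (GetFileSystem(filePath.Substring(0, 1)) != "NTFS")
    {
        return;
    }

    // Skip the change when the account already has an entry, so repeated clicks
    // do not pile up duplicate ACEs.
    if (FindTrustee(filePath, userName))
    {
        return;
    }

    SetDACL(filePath, userName);
}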

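/// <summary>
/// Returns the file system name WMI reports for a logical drive (Win32_LogicalDisk.FileSystem).
/// </summary>
/// <param name="diskName">Drive letter without the colon, for example "c".</param>
/// <returns>
/// The file system name, or an empty string when <paramref name="diskName"/> is not a single
/// ASCII letter, no matching drive exists, or the drive reports no file system.
/// </returns>
private string GetFileSystem(string diskName)
{
    // diskName is concatenated into the WQL text below, so only a single drive letter
    // is accepted; a quote or any other character could change the meaning of the query.
    if (diskName == null || diskName.Length != 1)
    {
        return "";
    }
    char letter = diskName[0];
    bool isDriveLetter = (letter >= 'A' && letter <= 'Z') || (letter >= 'a' && letter <= 'z');
    if (!isDriveLetter)
    {
        return "";
    }

    string fileSystem = "";
    using (ManagementObjectSearcher diskClass = new ManagementObjectSearcher("select filesystem from Win32_LogicalDisk where name='" + diskName + ":'"))
    using (ManagementObjectCollection disks = diskClass.Get())
    {
        foreach (ManagementObject disk in disks)
        {
            // Read the property by name instead of taking whichever property happens
            // to be enumerated last. The value can be null (for example a drive with
            // no media), which previously caused a NullReferenceException.
            object value = disk["FileSystem"];
            if (value != null)
            {
                fileSystem = value.ToString();
            }
        }
    }
    return fileSystem;
}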

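/// <summary>
/// Checks whether any ACE in the DACL of <paramref name="filePath"/> names
/// <paramref name="userName"/> as its trustee.
/// </summary>
/// <remarks>
/// Only the trustee's Name is compared: the domain and the ACE type are ignored, so a deny
/// entry or a same-named account from another domain also counts as a match.
/// </remarks>
/// <param name="filePath">Path of the directory whose security descriptor is read.</param>
/// <param name="userName">Account name to look for (compared case-insensitively).</param>
/// <returns>true when a matching trustee is found; false otherwise, including when the descriptor has no DACL.</returns>
/// <exception cref="Exception">GetSecurityDescriptor returned a non-zero ReturnValue.</exception>
private bool FindTrustee(string filePath, string userName)
{
    ManagementPath path = new ManagementPath();
    path.Server = ".";
    path.NamespacePath = @"root/cimv2";
    // NOTE(review): filePath is placed inside the quoted key value as typed. A quote or
    // backslash in it changes how WMI parses the object path; validate or escape the
    // value before this code is fed anything other than operator-typed input.
    path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path='" + filePath + "'"; // locate the directory

    using (ManagementObject dir = new ManagementObject(path))
    {
        ManagementBaseObject outParams = dir.InvokeMethod("GetSecurityDescriptor", null, null); // read the security descriptor

        if (((uint)(outParams.Properties["ReturnValue"].Value)) != 0) // 0 means success
        {
            throw new Exception("获取文件描述符失败");
        }

        ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));
        ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value)); // the access control list

        // A descriptor without a DACL has no entries to match against.
        if (DaclObject == null)
        {
            return false;
        }

        for (int i = 0; i < DaclObject.Length; i++)
        {
            ManagementBaseObject trustee = (ManagementBaseObject)DaclObject[i].Properties["Trustee"].Value;
            if (trustee == null)
            {
                continue;
            }

            // Windows account names are not case-sensitive, so "aspnet" must match an
            // existing "ASPNET" entry; an exact-case comparison would miss it and lead
            // to a duplicate ACE being added.
            string name = trustee.Properties["Name"].Value as string;
            if (name != null && String.Compare(name, userName, true, System.Globalization.CultureInfo.InvariantCulture) == 0)
            {
                return true;
            }
        }

        return false;
    }
}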

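/// <summary>
/// Appends an access-allowed ACE for <paramref name="userName"/> to the DACL of
/// <paramref name="filePath"/> through WMI (Win32_LogicalFileSecuritySetting).
/// </summary>
/// <remarks>
/// The ACE carries access mask 2032127 (0x1F01FF, full control) and flags 3 (inherited by
/// files and subdirectories). Full control includes the right to rewrite the ACL and to take
/// ownership, which is more than a service account normally needs.
/// Does nothing when the account name cannot be resolved.
/// </remarks>
/// <param name="filePath">Path of the directory whose DACL is extended.</param>
/// <param name="userName">Account that receives the new ACE.</param>
/// <exception cref="Exception">
/// Reading or writing the security descriptor returned a non-zero ReturnValue, or the
/// descriptor has no DACL.
/// </exception>
private void SetDACL(string filePath, string userName)
{
    // Resolve the account to its SID.
    // LookupAccountName writes up to cbSid bytes into the buffer, so cbSid must be the
    // real array length. The original passed 100 for a 28-byte array, which let the
    // native call write past the end of the array for any SID longer than 28 bytes.
    // 68 bytes is the largest size a SID can have (SECURITY_MAX_SID_SIZE).
    byte[] sidBuffer = new byte[68];
    int cbSid = sidBuffer.Length;
    StringBuilder domainName = new StringBuilder(255);
    int domainNameLength = domainName.Capacity;
    int sidType = 255;
    bool result = LookupAccountName(null, userName, sidBuffer, ref cbSid, domainName, ref domainNameLength, ref sidType);
    if (!result)
    {
        return;
    }

    // Binary SID layout: revision (1 byte), sub-authority count (1 byte), identifier
    // authority (6 bytes), then 4 bytes per sub-authority. Trim the buffer to that size
    // so the trustee carries the real SID length instead of a hard-coded 28.
    int sidLength = 8 + 4 * sidBuffer[1];
    byte[] userSid = new byte[sidLength];
    Array.Copy(sidBuffer, 0, userSid, 0, sidLength);

    // Read the current security descriptor.
    ManagementPath path = new ManagementPath();
    path.Server = ".";
    path.NamespacePath = @"root/cimv2";
    // NOTE(review): filePath is placed inside the quoted key value as typed. A quote or
    // backslash in it changes how WMI parses the object path; validate or escape the
    // value before this code is fed anything other than operator-typed input.
    path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path='" + filePath + "'";

    using (ManagementObject dir = new ManagementObject(path))
    {
        ManagementBaseObject outParams = dir.InvokeMethod("GetSecurityDescriptor", null, null);
        if (((uint)(outParams.Properties["ReturnValue"].Value)) != 0)
        {
            throw new Exception("获取文件描述符失败");
        }

        ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));

        // Current access control list.
        ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value));

        // A missing DACL is not the same as an empty one. Writing back a one-entry list
        // in its place would silently change who can reach the directory, so stop here
        // instead of guessing.
        if (DaclObject == null)
        {
            throw new Exception("该目录的安全描述符不包含DACL,未做任何修改");
        }

        // Build the trustee and the ACE from fresh instances rather than cloning the
        // first existing entry: cloning fails on an empty DACL and carries over whatever
        // other fields that entry's trustee had.
        ManagementObject trustee;
        using (ManagementClass trusteeClass = new ManagementClass("Win32_Trustee"))
        {
            trustee = trusteeClass.CreateInstance();
        }
        trustee.Properties["Domain"].Value = domainName.ToString();
        trustee.Properties["Name"].Value = userName;
        trustee.Properties["SID"].Value = userSid;
        trustee.Properties["SidLength"].Value = sidLength;

        ManagementObject ace;
        using (ManagementClass aceClass = new ManagementClass("Win32_ACE"))
        {
            ace = aceClass.CreateInstance();
        }
        ace.Properties["Trustee"].Value = trustee;
        ace.Properties["AccessMask"].Value = 2032127; // 0x1F01FF = FILE_ALL_ACCESS (full control)
        ace.Properties["AceFlags"].Value = 3;         // OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE
        ace.Properties["AceType"].Value = 0;          // access allowed

        // Copy the existing entries and put the new ACE after them.
        // NOTE(review): if the existing list contains inherited entries, an explicit ACE
        // placed after them leaves the DACL out of the usual explicit-before-inherited
        // order — confirm whether the ACE should be inserted ahead of them instead.
        ManagementBaseObject[] newDacl = new ManagementBaseObject[DaclObject.Length + 1];
        Array.Copy(DaclObject, 0, newDacl, 0, DaclObject.Length);
        newDacl[DaclObject.Length] = ace;

        // Point the descriptor at the new list.
        Descriptor.Properties["Dacl"].Value = newDacl;

        // Write the descriptor back. EnablePrivileges asks WMI to enable the caller's
        // privileges for the operation.
        dir.Scope.Options.EnablePrivileges = true;
        ManagementBaseObject inProperties = dir.GetMethodParameters("SetSecurityDescriptor");
        inProperties["Descriptor"] = Descriptor;
        outParams = dir.InvokeMethod("SetSecurityDescriptor", inProperties, null);

        // The result used to be ignored, so a refused write looked like success.
        if (((uint)(outParams.Properties["ReturnValue"].Value)) != 0)
        {
            throw new Exception("设置安全描述符失败");
        }
    }
}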



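/// <summary>
/// Click handler for button1: queries Win32_BaseBoard and writes each board's "product"
/// value, prefixed with a fixed label, into textBox1.
/// </summary>
/// <param name="sender">The control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void button1_Click(object sender, System.EventArgs e)
{
    // NOTE(review): the label text means "BIOS serial number", but the value shown is the
    // baseboard "product" property, and it replaces the directory typed into textBox1.
    // This looks like leftover test code — confirm before relying on it.

    // The searcher and its result collection hold WMI resources, so release them
    // as soon as the loop is done.
    using (System.Management.ManagementObjectSearcher cmicWmi = new System.Management.ManagementObjectSearcher("SELECT * FROM Win32_BaseBoard"))
    using (System.Management.ManagementObjectCollection boards = cmicWmi.Get())
    {
        foreach (System.Management.ManagementObject cmicWmiObj in boards)
        {
            this.textBox1.Text = "bios序列号" + cmicWmiObj["product"];
        }
    }
}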

}

}