We can assign a specific builtin access control to a file using FileSecurity class. Similary way that access control can revoke from the same file. Access
control is defined by 2 things as combined.
1. FileSystemRights [ Read, Right, Delete et....]
2. AccessControlType[Grant or Deny]
eg :- Read + Grant, Delete + Deny etc.
I have one text file in my local c:\text.txt. I executed each on that file. You please assign access control to this file and try to open that. For eg:- once
you assign the Read + Deny and tried to open that file, it will alert you regarding access restriction. To overcome this youe need to revoke that assigned
access control. My code behind is here. I used only some of FileSystemRights. But you needs to try with more. Two things need to take care
1. Create a text file in path "c:\test.txt" for testing purose. Try to open/read/modify this files after each access control execution.
2. I used "Administrator" as user. This need to be relaced with your own UserID. If you are in a domain, use DomainName\UserID. I am not in a network domain. So wrote UserID directly.
protected void Page_Load(object sender, EventArgs e)
{
try
{
string fileName = @"c:\test.txt";
// Add the access control entry to the file. Please replace with your UserID. I used Administrator as UserID
MakeSecure(fileName, @"Administrator", FileSystemRights.ReadData, AccessControlType.Deny);
//MakeSecure(fileName, @"Administrator", FileSystemRights.Modify, AccessControlType.Deny);
//MakeSecure(fileName, @"Administrator", FileSystemRights.AppendData, AccessControlType.Deny);
//MakeSecure(fileName, @"Administrator", FileSystemRights.Write, AccessControlType.Deny);
// Remove the access control entry from the file.
ReleaseSecurity(fileName, @"Administrator", FileSystemRights.ReadData, AccessControlType.Deny);
}
catch
{
}
}
//Adding specific security to the file
public static void MakeSecure(string fileName, string userAccount, FileSystemRights rights, AccessControlType controlType)
{
//Creating a FileSecurity object
FileSecurity fileSecurity = File.GetAccessControl(fileName);
//Adding accessrules to the file security object using FileSystemAccessRule object
fileSecurity.AddAccessRule(new FileSystemAccessRule(userAccount, rights, controlType));
//Setting the created access rule to the file
File.SetAccessControl(fileName, fileSecurity);
}
//Rollback specific security from the file
public static void ReleaseSecurity(string fileName, string userAccount, FileSystemRights rights, AccessControlType controlType)
{
//Creating a FileSecurity object
FileSecurity fileSecurity = File.GetAccessControl(fileName);
//Adding accessrules to the file security object using FileSystemAccessRule object
fileSecurity.RemoveAccessRule(new FileSystemAccessRule(userAccount, rights, controlType));
//Removing the created access rule to the file
File.SetAccessControl(fileName, fileSecurity);
}