Получать информацию о разрешениях папки пользователя, заверенного в windows в vb.net

Я хотел бы получить информацию о разрешениях, у которой есть пользователь, заверенный в Windows на папке, выбранной в vb.net.

Пока у меня есть нечто похожее:

 Dim fileSec = System.IO.File.GetAccessControl("F:\User\jguillen\Carpeta", Security.AccessControl.AccessControlSections.Access)
    Dim accessRules = fileSec.GetAccessRules(True, True, GetType(System.Security.Principal.NTAccount))

    Console.WriteLine(rule.IdentityReference.Value)
    Console.WriteLine(rule.AccessControlType.ToString())
    Console.WriteLine(rule.FileSystemRights.ToString())

Но он показывает мне информацию всех пользователей в домене и только я требую пользователя, который инициализировал сеанс.

introducir la descripción de la imagen aquí

Это результат:

0
задан 14.02.2017, 04:29
0 ответов

Para obtener los accesos de una carpeta, había utilizado una clase que ya lo habían desarrollado, la pongo en referencia .

Clase UserFileAccessRights que permite obtener los permisos.

Imports System.IO
Imports System.Security.AccessControl
Imports System.Security.Principal

Namespace WFATMP1
    Public Class UserFileAccessRights
        Private _denyAppendData As Boolean
        Private _denyChangePermissions As Boolean
        Private _denyCreateDirectories As Boolean
        Private _denyCreateFiles As Boolean
        Private _denyDelete As Boolean
        Private _denyDeleteSubdirectoriesAndFiles As Boolean
        Private _denyExecuteFile As Boolean
        Private _denyFullControl As Boolean
        Private _denyListDirectory As Boolean
        Private _denyModify As Boolean
        Private _denyRead As Boolean
        Private _denyReadAndExecute As Boolean
        Private _denyReadAttributes As Boolean
        Private _denyReadData As Boolean
        Private _denyReadExtendedAttributes As Boolean
        Private _denyReadPermissions As Boolean
        Private _denySynchronize As Boolean
        Private _denyTakeOwnership As Boolean
        Private _denyTraverse As Boolean
        Private _denyWrite As Boolean
        Private _denyWriteAttributes As Boolean
        Private _denyWriteData As Boolean
        Private _denyWriteExtendedAttributes As Boolean

        Private _allowAppendData As Boolean
        Private _allowChangePermissions As Boolean
        Private _allowCreateDirectories As Boolean
        Private _allowCreateFiles As Boolean
        Private _allowDelete As Boolean
        Private _allowDeleteSubdirectoriesAndFiles As Boolean
        Private _allowExecuteFile As Boolean
        Private _allowFullControl As Boolean
        Private _allowListDirectory As Boolean
        Private _allowModify As Boolean
        Private _allowRead As Boolean
        Private _allowReadAndExecute As Boolean
        Private _allowReadAttributes As Boolean
        Private _allowReadData As Boolean
        Private _allowReadExtendedAttributes As Boolean
        Private _allowReadPermissions As Boolean
        Private _allowSynchronize As Boolean
        Private _allowTakeOwnership As Boolean
        Private _allowTraverse As Boolean
        Private _allowWrite As Boolean
        Private _allowWriteAttributes As Boolean
        Private _allowWriteData As Boolean
        Private _allowWriteExtendedAttributes As Boolean

        Public Function CanAppendData() As Boolean
            Return Not _denyAppendData AndAlso _allowAppendData
        End Function
        Public Function CanChangePermissions() As Boolean
            Return Not _denyChangePermissions AndAlso _allowChangePermissions
        End Function
        Public Function CanCreateDirectories() As Boolean
            Return Not _denyCreateDirectories AndAlso _allowCreateDirectories
        End Function
        Public Function CanCreateFiles() As Boolean
            Return Not _denyCreateFiles AndAlso _allowCreateFiles
        End Function
        Public Function CanDelete() As Boolean
            Return Not _denyDelete AndAlso _allowDelete
        End Function
        Public Function CanDeleteSubdirectoriesAndFiles() As Boolean
            Return Not _denyDeleteSubdirectoriesAndFiles AndAlso _allowDeleteSubdirectoriesAndFiles
        End Function
        Public Function CanExecuteFile() As Boolean
            Return Not _denyExecuteFile AndAlso _allowExecuteFile
        End Function
        Public Function CanFullControl() As Boolean
            Return Not _denyFullControl AndAlso _allowFullControl
        End Function
        Public Function CanListDirectory() As Boolean
            Return Not _denyListDirectory AndAlso _allowListDirectory
        End Function
        Public Function CanModify() As Boolean
            Return Not _denyModify AndAlso _allowModify
        End Function
        Public Function CanRead() As Boolean
            Return Not _denyRead AndAlso _allowRead
        End Function
        Public Function CanReadAndExecute() As Boolean
            Return Not _denyReadAndExecute AndAlso _allowReadAndExecute
        End Function
        Public Function CanReadAttributes() As Boolean
            Return Not _denyReadAttributes AndAlso _allowReadAttributes
        End Function
        Public Function CanReadData() As Boolean
            Return Not _denyReadData AndAlso _allowReadData
        End Function
        Public Function CanReadExtendedAttributes() As Boolean
            Return Not _denyReadExtendedAttributes AndAlso _allowReadExtendedAttributes
        End Function
        Public Function CanReadPermissions() As Boolean
            Return Not _denyReadPermissions AndAlso _allowReadPermissions
        End Function
        Public Function CanSynchronize() As Boolean
            Return Not _denySynchronize AndAlso _allowSynchronize
        End Function
        Public Function CanTakeOwnership() As Boolean
            Return Not _denyTakeOwnership AndAlso _allowTakeOwnership
        End Function
        Public Function CanTraverse() As Boolean
            Return Not _denyTraverse AndAlso _allowTraverse
        End Function
        Public Function CanWrite() As Boolean
            Return Not _denyWrite AndAlso _allowWrite
        End Function
        Public Function CanWriteAttributes() As Boolean
            Return Not _denyWriteAttributes AndAlso _allowWriteAttributes
        End Function
        Public Function CanWriteData() As Boolean
            Return Not _denyWriteData AndAlso _allowWriteData
        End Function
        Public Function CanWriteExtendedAttributes() As Boolean
            Return Not _denyWriteExtendedAttributes AndAlso _allowWriteExtendedAttributes
        End Function

        Public Sub New(path As String)
            Me.New(path, WindowsIdentity.GetCurrent())
        End Sub

        Public Sub New(path As String, principal As WindowsIdentity)
            Dim fi As New FileInfo(path)
            Dim acl As AuthorizationRuleCollection = fi.GetAccessControl().GetAccessRules(True, True, GetType(SecurityIdentifier))

            For i As Integer = 0 To acl.Count - 1
                Dim rule As FileSystemAccessRule = DirectCast(acl(i), FileSystemAccessRule)

                If rule Is Nothing OrElse Not principal.User.Equals(rule.IdentityReference) Then
                    Continue For
                End If

                If AccessControlType.Deny.Equals(rule.AccessControlType) Then
                    If Contains(FileSystemRights.AppendData, rule) Then
                        _denyAppendData = True
                    End If
                    If Contains(FileSystemRights.ChangePermissions, rule) Then
                        _denyChangePermissions = True
                    End If
                    If Contains(FileSystemRights.CreateDirectories, rule) Then
                        _denyCreateDirectories = True
                    End If
                    If Contains(FileSystemRights.CreateFiles, rule) Then
                        _denyCreateFiles = True
                    End If
                    If Contains(FileSystemRights.Delete, rule) Then
                        _denyDelete = True
                    End If
                    If Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule) Then
                        _denyDeleteSubdirectoriesAndFiles = True
                    End If
                    If Contains(FileSystemRights.ExecuteFile, rule) Then
                        _denyExecuteFile = True
                    End If
                    If Contains(FileSystemRights.FullControl, rule) Then
                        _denyFullControl = True
                    End If
                    If Contains(FileSystemRights.ListDirectory, rule) Then
                        _denyListDirectory = True
                    End If
                    If Contains(FileSystemRights.Modify, rule) Then
                        _denyModify = True
                    End If
                    If Contains(FileSystemRights.Read, rule) Then
                        _denyRead = True
                    End If
                    If Contains(FileSystemRights.ReadAndExecute, rule) Then
                        _denyReadAndExecute = True
                    End If
                    If Contains(FileSystemRights.ReadAttributes, rule) Then
                        _denyReadAttributes = True
                    End If
                    If Contains(FileSystemRights.ReadData, rule) Then
                        _denyReadData = True
                    End If
                    If Contains(FileSystemRights.ReadExtendedAttributes, rule) Then
                        _denyReadExtendedAttributes = True
                    End If
                    If Contains(FileSystemRights.ReadPermissions, rule) Then
                        _denyReadPermissions = True
                    End If
                    If Contains(FileSystemRights.Synchronize, rule) Then
                        _denySynchronize = True
                    End If
                    If Contains(FileSystemRights.TakeOwnership, rule) Then
                        _denyTakeOwnership = True
                    End If
                    If Contains(FileSystemRights.Traverse, rule) Then
                        _denyTraverse = True
                    End If
                    If Contains(FileSystemRights.Write, rule) Then
                        _denyWrite = True
                    End If
                    If Contains(FileSystemRights.WriteAttributes, rule) Then
                        _denyWriteAttributes = True
                    End If
                    If Contains(FileSystemRights.WriteData, rule) Then
                        _denyWriteData = True
                    End If
                    If Contains(FileSystemRights.WriteExtendedAttributes, rule) Then
                        _denyWriteExtendedAttributes = True
                    End If
                ElseIf AccessControlType.Allow.Equals(rule.AccessControlType) Then
                    If Contains(FileSystemRights.AppendData, rule) Then
                        _allowAppendData = True
                    End If
                    If Contains(FileSystemRights.ChangePermissions, rule) Then
                        _allowChangePermissions = True
                    End If
                    If Contains(FileSystemRights.CreateDirectories, rule) Then
                        _allowCreateDirectories = True
                    End If
                    If Contains(FileSystemRights.CreateFiles, rule) Then
                        _allowCreateFiles = True
                    End If
                    If Contains(FileSystemRights.Delete, rule) Then
                        _allowDelete = True
                    End If
                    If Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule) Then
                        _allowDeleteSubdirectoriesAndFiles = True
                    End If
                    If Contains(FileSystemRights.ExecuteFile, rule) Then
                        _allowExecuteFile = True
                    End If
                    If Contains(FileSystemRights.FullControl, rule) Then
                        _allowFullControl = True
                    End If
                    If Contains(FileSystemRights.ListDirectory, rule) Then
                        _allowListDirectory = True
                    End If
                    If Contains(FileSystemRights.Modify, rule) Then
                        _allowModify = True
                    End If
                    If Contains(FileSystemRights.Read, rule) Then
                        _allowRead = True
                    End If
                    If Contains(FileSystemRights.ReadAndExecute, rule) Then
                        _allowReadAndExecute = True
                    End If
                    If Contains(FileSystemRights.ReadAttributes, rule) Then
                        _allowReadAttributes = True
                    End If
                    If Contains(FileSystemRights.ReadData, rule) Then
                        _allowReadData = True
                    End If
                    If Contains(FileSystemRights.ReadExtendedAttributes, rule) Then
                        _allowReadExtendedAttributes = True
                    End If
                    If Contains(FileSystemRights.ReadPermissions, rule) Then
                        _allowReadPermissions = True
                    End If
                    If Contains(FileSystemRights.Synchronize, rule) Then
                        _allowSynchronize = True
                    End If
                    If Contains(FileSystemRights.TakeOwnership, rule) Then
                        _allowTakeOwnership = True
                    End If
                    If Contains(FileSystemRights.Traverse, rule) Then
                        _allowTraverse = True
                    End If
                    If Contains(FileSystemRights.Write, rule) Then
                        _allowWrite = True
                    End If
                    If Contains(FileSystemRights.WriteAttributes, rule) Then
                        _allowWriteAttributes = True
                    End If
                    If Contains(FileSystemRights.WriteData, rule) Then
                        _allowWriteData = True
                    End If
                    If Contains(FileSystemRights.WriteExtendedAttributes, rule) Then
                        _allowWriteExtendedAttributes = True
                    End If
                End If
            Next

            Dim groups As IdentityReferenceCollection = principal.Groups

            For j As Integer = 0 To groups.Count - 1
                For i As Integer = 0 To acl.Count - 1
                    Dim rule As FileSystemAccessRule = DirectCast(acl(i), FileSystemAccessRule)

                    If Not groups(j).Equals(rule.IdentityReference) Then
                        Continue For
                    End If

                    If AccessControlType.Deny.Equals(rule.AccessControlType) Then
                        If Contains(FileSystemRights.AppendData, rule) Then
                            _denyAppendData = True
                        End If
                        If Contains(FileSystemRights.ChangePermissions, rule) Then
                            _denyChangePermissions = True
                        End If
                        If Contains(FileSystemRights.CreateDirectories, rule) Then
                            _denyCreateDirectories = True
                        End If
                        If Contains(FileSystemRights.CreateFiles, rule) Then
                            _denyCreateFiles = True
                        End If
                        If Contains(FileSystemRights.Delete, rule) Then
                            _denyDelete = True
                        End If
                        If Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule) Then
                            _denyDeleteSubdirectoriesAndFiles = True
                        End If
                        If Contains(FileSystemRights.ExecuteFile, rule) Then
                            _denyExecuteFile = True
                        End If
                        If Contains(FileSystemRights.FullControl, rule) Then
                            _denyFullControl = True
                        End If
                        If Contains(FileSystemRights.ListDirectory, rule) Then
                            _denyListDirectory = True
                        End If
                        If Contains(FileSystemRights.Modify, rule) Then
                            _denyModify = True
                        End If
                        If Contains(FileSystemRights.Read, rule) Then
                            _denyRead = True
                        End If
                        If Contains(FileSystemRights.ReadAndExecute, rule) Then
                            _denyReadAndExecute = True
                        End If
                        If Contains(FileSystemRights.ReadAttributes, rule) Then
                            _denyReadAttributes = True
                        End If
                        If Contains(FileSystemRights.ReadData, rule) Then
                            _denyReadData = True
                        End If
                        If Contains(FileSystemRights.ReadExtendedAttributes, rule) Then
                            _denyReadExtendedAttributes = True
                        End If
                        If Contains(FileSystemRights.ReadPermissions, rule) Then
                            _denyReadPermissions = True
                        End If
                        If Contains(FileSystemRights.Synchronize, rule) Then
                            _denySynchronize = True
                        End If
                        If Contains(FileSystemRights.TakeOwnership, rule) Then
                            _denyTakeOwnership = True
                        End If
                        If Contains(FileSystemRights.Traverse, rule) Then
                            _denyTraverse = True
                        End If
                        If Contains(FileSystemRights.Write, rule) Then
                            _denyWrite = True
                        End If
                        If Contains(FileSystemRights.WriteAttributes, rule) Then
                            _denyWriteAttributes = True
                        End If
                        If Contains(FileSystemRights.WriteData, rule) Then
                            _denyWriteData = True
                        End If
                        If Contains(FileSystemRights.WriteExtendedAttributes, rule) Then
                            _denyWriteExtendedAttributes = True
                        End If
                    ElseIf AccessControlType.Allow.Equals(rule.AccessControlType) Then
                        If Contains(FileSystemRights.AppendData, rule) Then
                            _allowAppendData = True
                        End If
                        If Contains(FileSystemRights.ChangePermissions, rule) Then
                            _allowChangePermissions = True
                        End If
                        If Contains(FileSystemRights.CreateDirectories, rule) Then
                            _allowCreateDirectories = True
                        End If
                        If Contains(FileSystemRights.CreateFiles, rule) Then
                            _allowCreateFiles = True
                        End If
                        If Contains(FileSystemRights.Delete, rule) Then
                            _allowDelete = True
                        End If
                        If Contains(FileSystemRights.DeleteSubdirectoriesAndFiles, rule) Then
                            _allowDeleteSubdirectoriesAndFiles = True
                        End If
                        If Contains(FileSystemRights.ExecuteFile, rule) Then
                            _allowExecuteFile = True
                        End If
                        If Contains(FileSystemRights.FullControl, rule) Then
                            _allowFullControl = True
                        End If
                        If Contains(FileSystemRights.ListDirectory, rule) Then
                            _allowListDirectory = True
                        End If
                        If Contains(FileSystemRights.Modify, rule) Then
                            _allowModify = True
                        End If
                        If Contains(FileSystemRights.Read, rule) Then
                            _allowRead = True
                        End If
                        If Contains(FileSystemRights.ReadAndExecute, rule) Then
                            _allowReadAndExecute = True
                        End If
                        If Contains(FileSystemRights.ReadAttributes, rule) Then
                            _allowReadAttributes = True
                        End If
                        If Contains(FileSystemRights.ReadData, rule) Then
                            _allowReadData = True
                        End If
                        If Contains(FileSystemRights.ReadExtendedAttributes, rule) Then
                            _allowReadExtendedAttributes = True
                        End If
                        If Contains(FileSystemRights.ReadPermissions, rule) Then
                            _allowReadPermissions = True
                        End If
                        If Contains(FileSystemRights.Synchronize, rule) Then
                            _allowSynchronize = True
                        End If
                        If Contains(FileSystemRights.TakeOwnership, rule) Then
                            _allowTakeOwnership = True
                        End If
                        If Contains(FileSystemRights.Traverse, rule) Then
                            _allowTraverse = True
                        End If
                        If Contains(FileSystemRights.Write, rule) Then
                            _allowWrite = True
                        End If
                        If Contains(FileSystemRights.WriteAttributes, rule) Then
                            _allowWriteAttributes = True
                        End If
                        If Contains(FileSystemRights.WriteData, rule) Then
                            _allowWriteData = True
                        End If
                        If Contains(FileSystemRights.WriteExtendedAttributes, rule) Then
                            _allowWriteExtendedAttributes = True
                        End If
                    End If
                Next
            Next
        End Sub

        Public Overrides Function ToString() As String
            Dim str As String = ""

            If CanAppendData() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "AppendData"
            End If
            If CanChangePermissions() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ChangePermissions"
            End If
            If CanCreateDirectories() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "CreateDirectories"
            End If
            If CanCreateFiles() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "CreateFiles"
            End If
            If CanDelete() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "Delete"
            End If
            If CanDeleteSubdirectoriesAndFiles() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "DeleteSubdirectoriesAndFiles"
            End If
            If CanExecuteFile() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ExecuteFile"
            End If
            If CanFullControl() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "FullControl"
            End If
            If CanListDirectory() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ListDirectory"
            End If
            If CanModify() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "Modify"
            End If
            If CanRead() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "Read"
            End If
            If CanReadAndExecute() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ReadAndExecute"
            End If
            If CanReadAttributes() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ReadAttributes"
            End If
            If CanReadData() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ReadData"
            End If
            If CanReadExtendedAttributes() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ReadExtendedAttributes"
            End If
            If CanReadPermissions() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "ReadPermissions"
            End If
            If CanSynchronize() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "Synchronize"
            End If
            If CanTakeOwnership() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "TakeOwnership"
            End If
            If CanTraverse() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "Traverse"
            End If
            If CanWrite() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "Write"
            End If
            If CanWriteAttributes() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "WriteAttributes"
            End If
            If CanWriteData() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "WriteData"
            End If
            If CanWriteExtendedAttributes() Then
                If Not String.IsNullOrEmpty(str) Then
                    str += ","
                End If
                str += "WriteExtendedAttributes"
            End If
            If String.IsNullOrEmpty(str) Then
                str = "None"
            End If

            Return str
        End Function

        Private Function Contains(right As FileSystemRights, rule As FileSystemAccessRule) As Boolean
            Return (CInt(right) And CInt(rule.FileSystemRights)) = CInt(right)
        End Function
    End Class
End Namespace

Para realizar una prueba соло сухожилия:

    Dim rights = New UserFileAccessRights("C:\Inetpub")
    Console.WriteLine(rights.ToString())

    If (rights.CanWrite() And rights.CanRead()) Then
        Console.WriteLine("Acceso de lectura y escritura")
    Else
        If (rights.CanWrite()) Then
            Console.WriteLine("Acceso de solo escritura")
        ElseIf (rights.CanRead()) Then
            Console.WriteLine("Acceso de solo lectura")
        Else
            Console.WriteLine(rights.ToString())
        End If
    End If

En base al código incredriís que adecuar lo que necescesas.


1
ответ дан 03.12.2019, 17:05
  • 1
    Большое спасибо, probaré с có я говорю, что ты делишь меня, и комментирую позже результаты. –  14.02.2017, 18:39