How check is app has file write security permissions?

  • Thread starter Thread starter Ed Sutton
  • Start date Start date
E

Ed Sutton

Is there an easy way to check using .NET 2.0?

Thanks in advance,

-Ed
 
Hi,

Ed said:
Is there an easy way to check using .NET 2.0?

Thanks in advance,

-Ed

Try to write, and catch the Exception.

HTH,
Laurent
 
|I answer to my own question, I wrote the following which does what I
needed.


/// <summary>
/// Returns true if specified identity name has the file system
rights for the specified file
/// </summary>
private static bool IdentityHasAccces(string identityName,
FileInfo fileInfo,
FileSystemRights
fileSystemRights)
{
identityName = identityName.ToUpper();
AuthorizationRuleCollection authorizationRuleCollection =
fileInfo.GetAccessControl().GetAccessRules(true, true,
typeof(NTAccount));
foreach (FileSystemAccessRule fileSystemAccessRule in
authorizationRuleCollection)
{
if (identityName ==
fileSystemAccessRule.IdentityReference.Value.ToUpper())
{
return AccessControlType.Allow ==
fileSystemAccessRule.AccessControlType &&
fileSystemRights ==
(fileSystemAccessRule.FileSystemRights & fileSystemRights);
}
}
return false;
}


if (false ==
IdentityHasAccces(System.Security.Principal.WindowsIdentity.GetCurrent().Name,

dbFileInfo,
FileSystemRights.Read | FileSystemRights.Write))
{
return;
}
|
 
Hi Laurent,

Thank you for your reply.
Try to write, and catch the Exception.

Good idea, that would have been much easier. I ended up writing a lot
of code using the following method:


/// <summary>
/// Returns true if specified identity name has the file system
/// rights for the specified file
/// </summary>
private static bool IdentityHasAccces(string identityName,
FileInfo fileInfo,
FileSystemRights
fileSystemRights)
{
identityName = identityName.ToUpper();
AuthorizationRuleCollection authorizationRuleCollection =
fileInfo.GetAccessControl().GetAccessRules(true,
true,typeof(NTAccount));

foreach (FileSystemAccessRule fileSystemAccessRule in
authorizationRuleCollection)
{
if (identityName ==
fileSystemAccessRule.IdentityReference.Value.ToUpper())
{
return AccessControlType.Allow ==
fileSystemAccessRule.AccessControlType && fileSystemRights
==(fileSystemAccessRule.FileSystemRights & fileSystemRights);
}
}
return false;
}

Example Usage:
--------------

if (false ==
IdentityHasAccces(System.Security.Principal.WindowsIdentity.GetCurrent().Name,
dbFileInfo,
FileSystemRights.Read | FileSystemRights.Write))
{
return;
}
 
Hi,

Ed said:
Hi Laurent,

Thank you for your reply.



Good idea, that would have been much easier. I ended up writing a lot
of code using the following method:

When did you get my message on your newsreader? I replied on the 28th of
Sept, 10 minutes after you posted. One day later you posted again in the
same thread, giving no indication that you had read my post. Maybe you
should consider using a different provider if my post showed late. It
would have saved you from writing the long code :-)

Greetings,
Laurent
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top