Saturday, April 14, 2012

Retrieve Security Information of Files using .NET


The System.Security.AccessControl namespace provides programming elements to control access to and audit security-related actions on securable objects. In this article, we will see how to display security information of files kept in a directory.  
Step 1: Our first step is to loop through all the files in the Directory. With .NET 4.0, it becomes easier to enumerate directories and files. We will use the DirectoryInfo.EnumerateFiles which returns an enumerable collection of file information in the current directory as shown below:
C#
string dirLocation = @"C:\Program Files\IIS\Microsoft Web Deploy\";
// IEnumerable<FileInfo> new to .NET 4.0
var fileInfo = new DirectoryInfo(dirLocation)
                .EnumerateFiles();
 
foreach (var file in fileInfo)
{
}
 
Step 2: In the next step, we will loop through the IEnumerable<FileInfo> collection obtained using DirectoryInfo.EnumerateFiles() and then use the FileInfo.GetAccessControl method to get a FileSecurity object, which encapsulates the access control list (ACL) entries for a specified file. This class represents access rights as a set of rules. The FileSecurity.GetAccessRules method returns a collection of those access rules. Its first two arguments select whether explicit and inherited rules are included, and the third is the type used to express each rule's identity, in our case NTAccount, which is a user or group account name on the machine.
C#
foreach (var file in fileInfo)
{
    Console.WriteLine("----Access Control List Entries for {0}---- \n",
                file.Name);           
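    FileSecurity fileSec = file.GetAccessControl();
    // Include explicit rules (true) and inherited rules (true),
    // with identities returned as NTAccount names
    var authRuleColl =
           fileSec.GetAccessRules(true, true, typeof(NTAccount));
   
    // ... loop over authRuleColl (see Step 3)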
}
 
Step 3: The last step is to loop through this collection of access rules (AuthorizationRuleCollection) to access each rule, represented by a FileSystemAccessRule object and print it.
C#
foreach (FileSystemAccessRule fsaRule in authRuleColl)
{
    Console.WriteLine("IdentityReference: {0}",
        fsaRule.IdentityReference);
    Console.WriteLine("AccessControlType: {0}",
        fsaRule.AccessControlType);
    Console.WriteLine("FileSystemRights: {0}",
        fsaRule.FileSystemRights);
    Console.WriteLine();
}

The entire source is given here:
C#
using System;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;
 
namespace ConsoleApplication2
{
class Program
{
    static void Main(string[] args)
    {
        string dirLocation = @"C:\Program Files\IIS\Microsoft Web Deploy\";
        // IEnumerable<FileInfo> new to .NET 4.0
        var fileInfo = new DirectoryInfo(dirLocation)
                        .EnumerateFiles();
 
        foreach (var file in fileInfo)
        {
            Console.WriteLine("----Access Control List Entries for {0}---- \n",
                        file.Name);           
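            FileSecurity fileSec = file.GetAccessControl();
            // Include explicit rules (true) and inherited rules (true),
            // with identities returned as NTAccount names
            var authRuleColl =
                   fileSec.GetAccessRules(true, true, typeof(NTAccount));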
            foreach (FileSystemAccessRule fsaRule in authRuleColl)
            {
                Console.WriteLine("IdentityReference: {0}",
                    fsaRule.IdentityReference);
                Console.WriteLine("AccessControlType: {0}",
                    fsaRule.AccessControlType);
                Console.WriteLine("FileSystemRights: {0}",
                    fsaRule.FileSystemRights);
                Console.WriteLine();
            }
            Console.WriteLine("---------------------------");
        }
 
        Console.ReadLine();
    }
}
}
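The listing above prints every rule. As an added example (not part of the original post), the same calls can drive a small permission audit that flags only files on which a broad group holds a write-type Allow rule. The class name `AclAudit`, the choice of broad groups, and the set of rights treated as write-like are assumptions made for this example; it requests identities as `SecurityIdentifier` rather than `NTAccount` so the group check does not depend on localized account names.

```csharp
using System;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

class AclAudit   // hypothetical name, added example
{
    // Rights that let a principal change a file's content, ACL or owner.
    const FileSystemRights WriteLike =
        FileSystemRights.WriteData | FileSystemRights.AppendData |
        FileSystemRights.Delete | FileSystemRights.ChangePermissions |
        FileSystemRights.TakeOwnership;
    // Raw GENERIC_WRITE | GENERIC_ALL bits: an ACL read from disk can carry
    // these even though the FileSystemRights enum has no names for them.
    const int GenericWriteOrAll = 0x40000000 | 0x10000000;

    // Broad groups chosen for this example; adjust to local policy.
    static readonly WellKnownSidType[] BroadGroups = {
        WellKnownSidType.WorldSid,             // Everyone
        WellKnownSidType.AuthenticatedUserSid, // Authenticated Users
        WellKnownSidType.BuiltinUsersSid       // BUILTIN\Users
    };

    static bool IsBroad(SecurityIdentifier sid)
    {
        foreach (var t in BroadGroups)
            if (sid.IsWellKnown(t)) return true;
        return false;
    }

    static void Main(string[] args)
    {
        string dir = args.Length > 0 ? args[0] : Directory.GetCurrentDirectory();
        foreach (var file in new DirectoryInfo(dir).EnumerateFiles())
        {
            AuthorizationRuleCollection rules;
            try { rules = file.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier)); }
            catch (UnauthorizedAccessException) { Console.WriteLine("SKIP  {0} (cannot read ACL)", file.Name); continue; }

            foreach (FileSystemAccessRule rule in rules)
            {
                var sid = (SecurityIdentifier)rule.IdentityReference;
                bool writable = (rule.FileSystemRights & WriteLike) != 0 ||
                                ((int)rule.FileSystemRights & GenericWriteOrAll) != 0;
                // Only Allow rules are checked; Deny rules are not evaluated here.
                if (rule.AccessControlType == AccessControlType.Allow && writable && IsBroad(sid))
                    Console.WriteLine("FLAG  {0}: {1} has {2}{3}", file.Name, sid,
                        rule.FileSystemRights, rule.IsInherited ? " [inherited]" : "");
            }
        }
    }
}
```

A flagged line is a prompt to review the ACL, not a verdict: the effective access also depends on Deny rules and group membership, which this check does not compute.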
 