• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 616
  • Last Modified:

More Security Info on a directory

Using VB2005.
Thanks to some previous help I got here, I have working code that gets security information on a supplied directory. A sample of the code is below.
There are two things I can't figure out:
1) If one clicks on the Advanced button when viewing security, there are two ticks. "Inherit from parent the permission entries that apply to child objects." and "Replace permissions on all child objects..." How can I read the values of these

2) When changing permissions, there is an option to select "This Folder Only", "Subfolder and Files" etc.
How do I read these values? Its important as a user could have full rights on subfolders, but only read rights on the main folder.

Thanks



    Dim rowPermissions As FolderRightsRow
      Dim getInfo As System.IO.DirectoryInfo
      getInfo = My.Computer.FileSystem.GetDirectoryInfo(stDirectory)

      Try
         Dim col As AuthorizationRuleCollection = getInfo.GetAccessControl.GetAccessRules(True, True, Type.GetType("System.Security.Principal.NTAccount"))

         For Each rule As AuthorizationRule In col
            Dim frule As FileSystemAccessRule = CType(rule, FileSystemAccessRule)

            If (frule.FileSystemRights > 0) And (frule.FileSystemRights <= FileSystemRights.FullControl) Then

               rowPermissions = dtPermissions.NewRow

               rowPermissions.AC_Type = frule.AccessControlType.ToString()
               rowPermissions.RightsList = frule.FileSystemRights.ToString()

               If (frule.FileSystemRights And FileSystemRights.FullControl) = FileSystemRights.FullControl Then
                  rowPermissions.FullControl = True
               End If
0
jdhackett
Asked:
jdhackett
  • 3
  • 3
  • 2
2 Solutions
 
gbzhhuCommented:
0
 
grayeCommented:
Unfortuneately, those attributes are not supported by the built-in AccessControl classes.   That means you'll need to venture into the "dark side" of API programming.

I've got an article that might be of interest... it has downloadable VB.Net source code examples:

http://home.hot.rr.com/graye/Articles/PermissionCheck.htm
0
 
jdhackettAuthor Commented:
graye -thats a nice site you have there.
I'll try what gbzhhu suggests first, and come back when I've checked that out.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
jdhackettAuthor Commented:
Right, here's what I figured out so far for the values.

frule.PropagationFlags:
0: This is the default.
1: NoPropagateInherit. Set if 'Apply there Permissions to objects and/or containters within this container only' is ticked.
2: InheritOnly. Indicates permissions on Subfolder and Files only. Or Files only. Or Subfolders only. Need to check InheritanceFlags for more info.
3: NoPropagateInherit and InheritOnly are set.

frule.IsInherited:
True means that "Inherit from parent the permission entries that apply to child objects."  is ticked
False means its not ticked.

frule.InheritanceFlags
0: ThisFolderOnly is selected
1: ContainerInherit. Subfolders only is selected. Or This Folder and Subfolder
2: ObjectInherit. Files Only. Or This Folder and Files.
3: Default. 'This Folder, Sub Folder and Files' is selected.

I didn't find 'Replace Permissions on all child objects'. This flag doesn't stay set, you just tick it and click apply. Any ideas how I would that through code?
0
 
grayeCommented:
'Replace Permissions on all child objects' isn't an attribute... its an action.  (just like "delete" isn't an attribute of a file)
0
 
gbzhhuCommented:
Check out the DirectoryObjectSecurity class.  It has a method called SetAccessRuleProtection (inherited from ObjectSecurity base class)

Read the bottom of this page
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.objectsecurity.setaccessruleprotection.aspx

Note multiline URL!
0
 
jdhackettAuthor Commented:
Ok, reckon thats everything I need. Thanks lads.
0
 
gbzhhuCommented:
You are very welcome
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now