Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

vb.net adding permissions to a folder for multiple users? help me with this code please

Posted on 2013-01-10
6
Medium Priority
?
1,302 Views
Last Modified: 2013-01-10
This procedure works great for adding ONE user to a folder but if I run it for multiple times (one for each user) it overwrites the security of the whole folder. Is there a way to just append the rights without overwriting everything?


Imports System.Security.AccessControl

    Friend Enum DirectoryPermission
        Full
        Modify
        AllExceptModifyAndFull
        AllExceptFull
        ReadAndExecute
        ListContents
        Read
        Write
        Custom
        None
    End Enum

Private Sub SetDirectoryPermissions(ByVal Directory As String, ByVal Permissions As DirectoryPermission, Optional ByVal Domain As String = Nothing, Optional ByVal User As String = Nothing, Optional ByVal Custom As Long = 0)
        ' Get the ACL for the directory just created
        Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory), Security.AccessControl.AccessControlSections.Access)
        Dim lRights As Long = 0
        Dim lInheritance As Long


        'Dim oUserSid As Security.Principal.SecurityIdentifier
        'If Not IsNothing(Domain) AndAlso Not IsNothing(User) Then
        '    oUserSid = New Security.Principal.NTAccount(Domain, User).Translate(GetType(Security.Principal.SecurityIdentifier))
        'ElseIf Not IsNothing(User) Then
        '    oUserSid = New Security.Principal.NTAccount(User).Translate(GetType(Security.Principal.SecurityIdentifier))
        'Else
        '    ' Create a security Identifier for the BUILTIN\Users group to be passed to the new access rule
        '    oUserSid = New Security.Principal.SecurityIdentifier(Security.Principal.WellKnownSidType.BuiltinUsersSid, Nothing)
        'End If


        Dim oUserSid As Security.Principal.SecurityIdentifier
        Try
            oUserSid = New Security.Principal.NTAccount(Domain, User).Translate(GetType(Security.Principal.SecurityIdentifier))
        Catch
            frmDebug.Message(vbCrLf & "**** Unable to find user! ****" & vbCrLf)
            Exit Sub
        End Try



        Select Case Permissions
            Case DirectoryPermission.Full
                lRights = Security.AccessControl.FileSystemRights.FullControl
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Modify
                lRights = Security.AccessControl.FileSystemRights.Modify Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ReadAndExecute
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.AllExceptModifyAndFull
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.AllExceptFull
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Modify Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ListContents
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit
            Case DirectoryPermission.Read
                lRights = Security.AccessControl.FileSystemRights.Read Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Write
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Custom
                lRights = Custom
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.None
                lRights = 0
                lInheritance = 0
        End Select

        ' Create the rule that needs to be added to the ACL
        Dim oRule As New Security.AccessControl.FileSystemAccessRule(oUserSid,
                                                                     lRights,
                                                                     lInheritance,
                                                                     Security.AccessControl.PropagationFlags.None,
                                                                     Security.AccessControl.AccessControlType.Allow)

        ' Add the new rule to our ACL
        oACL.AddAccessRule(oRule)
       



        ' Update the directory to include the new rules created
        System.IO.Directory.SetAccessControl(Directory, oACL)





    End Sub
0
Comment
Question by:WTarlton
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 38763463
What happens if you change this

Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory), Security.AccessControl.AccessControlSections.Access)

to

Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory))

?
0
 
LVL 42

Accepted Solution

by:
Meir Rivkin earned 2000 total points
ID: 38763489
try the following function:
    Private Sub SetPermission(username As String, folder As String, fsRights As FileSystemRights)
        Dim di As DirectoryInfo = New DirectoryInfo(folder)
        Dim ds As DirectorySecurity = di.GetAccessControl()
        ds.AddAccessRule(New FileSystemAccessRule(username, fsRights, InheritanceFlags.ContainerInherit & InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow))
        di.SetAccessControl(ds)
    End Sub

Open in new window

0
 

Author Comment

by:WTarlton
ID: 38763494
Thanks for trying to help. Same behavior made no difference.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 42

Expert Comment

by:Meir Rivkin
ID: 38763500
example usage:

  SetPermission(Environment.MachineName & "\ASPNET", "c:\shared", FileSystemRights.Read & FileSystemRights.Write)

Open in new window

0
 

Author Comment

by:WTarlton
ID: 38763541
sedgwick,

That worked and was able to add multiple users. I had to change the InheritanceFlags.ContainerInherit & InheritanceFlags.ObjectInherit to InheritanceFlags.None because it threw an error.

One problem with this method however is that it is adding the rights as "Special Permissions" which I don't want.
0
 

Author Comment

by:WTarlton
ID: 38763558
Got it fixed! This is your code with the changes

 Private Sub SetPermission(username As String, folder As String, fsRights As FileSystemRights)
        Dim di As DirectoryInfo = New DirectoryInfo(folder)
        Dim ds As DirectorySecurity = di.GetAccessControl()
        ds.AddAccessRule(New FileSystemAccessRule(username, fsRights, Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow))
        di.SetAccessControl(ds)
    End Sub
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an analog clock UserControl seems fairly straight forward.  It is, after all, essentially just a circle with several lines in it!  Two common approaches for rendering an analog clock typically involve either manually calculating points with…
A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question