Solved

vb.net adding permissions to a folder for multiple users? help me with this code please

Posted on 2013-01-10
6
1,232 Views
Last Modified: 2013-01-10
This procedure works great for adding ONE user to a folder but if I run it for multiple times (one for each user) it overwrites the security of the whole folder. Is there a way to just append the rights without overwriting everything?


Imports System.Security.AccessControl

    Friend Enum DirectoryPermission
        Full
        Modify
        AllExceptModifyAndFull
        AllExceptFull
        ReadAndExecute
        ListContents
        Read
        Write
        Custom
        None
    End Enum

Private Sub SetDirectoryPermissions(ByVal Directory As String, ByVal Permissions As DirectoryPermission, Optional ByVal Domain As String = Nothing, Optional ByVal User As String = Nothing, Optional ByVal Custom As Long = 0)
        ' Get the ACL for the directory just created
        Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory), Security.AccessControl.AccessControlSections.Access)
        Dim lRights As Long = 0
        Dim lInheritance As Long


        'Dim oUserSid As Security.Principal.SecurityIdentifier
        'If Not IsNothing(Domain) AndAlso Not IsNothing(User) Then
        '    oUserSid = New Security.Principal.NTAccount(Domain, User).Translate(GetType(Security.Principal.SecurityIdentifier))
        'ElseIf Not IsNothing(User) Then
        '    oUserSid = New Security.Principal.NTAccount(User).Translate(GetType(Security.Principal.SecurityIdentifier))
        'Else
        '    ' Create a security Identifier for the BUILTIN\Users group to be passed to the new access rule
        '    oUserSid = New Security.Principal.SecurityIdentifier(Security.Principal.WellKnownSidType.BuiltinUsersSid, Nothing)
        'End If


        Dim oUserSid As Security.Principal.SecurityIdentifier
        Try
            oUserSid = New Security.Principal.NTAccount(Domain, User).Translate(GetType(Security.Principal.SecurityIdentifier))
        Catch
            frmDebug.Message(vbCrLf & "**** Unable to find user! ****" & vbCrLf)
            Exit Sub
        End Try



        Select Case Permissions
            Case DirectoryPermission.Full
                lRights = Security.AccessControl.FileSystemRights.FullControl
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Modify
                lRights = Security.AccessControl.FileSystemRights.Modify Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ReadAndExecute
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.AllExceptModifyAndFull
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.AllExceptFull
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Modify Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ListContents
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit
            Case DirectoryPermission.Read
                lRights = Security.AccessControl.FileSystemRights.Read Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Write
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Custom
                lRights = Custom
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.None
                lRights = 0
                lInheritance = 0
        End Select

        ' Create the rule that needs to be added to the ACL
        Dim oRule As New Security.AccessControl.FileSystemAccessRule(oUserSid,
                                                                     lRights,
                                                                     lInheritance,
                                                                     Security.AccessControl.PropagationFlags.None,
                                                                     Security.AccessControl.AccessControlType.Allow)

        ' Add the new rule to our ACL
        oACL.AddAccessRule(oRule)
       



        ' Update the directory to include the new rules created
        System.IO.Directory.SetAccessControl(Directory, oACL)





    End Sub
0
Comment
Question by:WTarlton
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 83

Expert Comment

by:CodeCruiser
ID: 38763463
What happens if you change this

Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory), Security.AccessControl.AccessControlSections.Access)

to

Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory))

?
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 38763489
try the following function:
    Private Sub SetPermission(username As String, folder As String, fsRights As FileSystemRights)
        Dim di As DirectoryInfo = New DirectoryInfo(folder)
        Dim ds As DirectorySecurity = di.GetAccessControl()
        ds.AddAccessRule(New FileSystemAccessRule(username, fsRights, InheritanceFlags.ContainerInherit & InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow))
        di.SetAccessControl(ds)
    End Sub

Open in new window

0
 

Author Comment

by:WTarlton
ID: 38763494
Thanks for trying to help. Same behavior made no difference.
0
Monthly Recap

May was a big month for new releases from Linux Academy! Take a look at what our team built recently in our blog. You can access the newest releases from our blog.

 
LVL 42

Expert Comment

by:sedgwick
ID: 38763500
example usage:

  SetPermission(Environment.MachineName & "\ASPNET", "c:\shared", FileSystemRights.Read & FileSystemRights.Write)

Open in new window

0
 

Author Comment

by:WTarlton
ID: 38763541
sedgwick,

That worked and was able to add multiple users. I had to change the InheritanceFlags.ContainerInherit & InheritanceFlags.ObjectInherit to InheritanceFlags.None because it threw an error.

One problem with this method however is that it is adding the rights as "Special Permissions" which I don't want.
0
 

Author Comment

by:WTarlton
ID: 38763558
Got it fixed! This is your code with the changes

 Private Sub SetPermission(username As String, folder As String, fsRights As FileSystemRights)
        Dim di As DirectoryInfo = New DirectoryInfo(folder)
        Dim ds As DirectorySecurity = di.GetAccessControl()
        ds.AddAccessRule(New FileSystemAccessRule(username, fsRights, Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow))
        di.SetAccessControl(ds)
    End Sub
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Parsing a CSV file is a task that we are confronted with regularly, and although there are a vast number of means to do this, as a newbie, the field can be confusing and the tools can seem complex. A simple solution to parsing a customized CSV fi…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question