none
Is it possible to read the permissions for a specific user on a specific folder without looping? RRS feed

  • Question

  • Hello,

    I've got a C# function that's setting the permissions for a built-in on a particular folder.  That's not that difficult.  I'm having problem with READING the permissions for a specific user and specific folder.  All the examples I find have you using the .GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)) to populate an AuthorizationRuleCollection. 

    Then they loop through each FileSystemAccessRule  in the collection.  I would expect that you could take your AuthorizationRuleCollection and pass in a  user name as a parameter and get back the rules for that user, but this doesn't seem possible.  If I knew the index of my user in the collection I could do something like AuthorizationRuleCollection[12], but I don't know the index.

    -Charlie

    Tuesday, July 17, 2012 7:29 PM

Answers

All replies

  • Hi Charlie,

    Welcome to the MSDN Forum.

    How about this way:

    AuthorizationRuleCollection[AuthorizationRuleCollection.InnerList.IndexOf(User)] 

    I hope this will be helpful.

    Best regards,


    Mike Feng
    MSDN Community Support | Feedback to us
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Wednesday, July 18, 2012 8:03 AM
    Moderator
  • It looks like that ought to work, according to:

    Help for AuthorizationRuleCollection

    What's strange is that I have the following code snippet and Intellisense seems to think that InnerList doesn't exist.  Any idea why?

    DirectorySecurity ds = new DirectorySecurity(myPath, AccessControlSections.All);
    ds.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)).InnerList  //Intellisense doesn't like InnerList here
    //I also tried assigning it to a variable like so
    AuthorizationRuleCollection arc = ds.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
    arc.InnerList;  //Intellisense doens't see InnerList here either.

    Thanks,

    Charlie


    Thursday, July 19, 2012 1:28 PM
  • I think that the problem is that InnerList is protected, so it's only accessible inside objects that inherit from ReadOnlyCollectionBase.  Meanwhile, AuthorizationRuleCollection is a sealed class, so I can't inherit from it.  If it weren't sealed I think I could derive a class from AuthorizationRuleCollection and then expose the InnerList somehow.  If I understand these class modifiers correctly, I don't think it's possible to get at the InnerList.  Intellisense does find InnerList in the following snippet:

        public class rocbChild : ReadOnlyCollectionBase
        {
            public ArrayList myInnerList;
            public rocbChild()
            {
                myInnerList = this.InnerList;
            }
        }

    -Charlie


    Thursday, July 19, 2012 2:57 PM
  • Hi Charlie,

    Yes, you are right, it is indeed because the "protected" modifier.

    How about this way: http://msdn.microsoft.com/en-us/library/system.security.accesscontrol.authorizationrulecollection.copyto.aspx 

    And this method should help you to find the index: http://msdn.microsoft.com/en-us/library/7eddebat.aspx  

    And then you can use this index to get your object.

    I hope this would be helpful this time.

    Best regards,


    Mike Feng
    MSDN Community Support | Feedback to us
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Friday, July 20, 2012 2:28 AM
    Moderator
  • Hi Mike,

    I'm not clear on how to use the CopyTo method or the array in this context.  The parameters are an AuthorizationRule(), which gets passed back out, apparently and an integer that tells it where to start copying from, so I'd pass zero for the second parm to get back everything. 

    What's confusing to me is that AuthorizationRule() is an abstract class.  So how would I pass one as a parameter to this method?  It appears I'd need to create a derived class that inherited from AuthorizationRule(), then instantiate a new object that's an instance of my derived class, then pass that as the first parameter to the CopyTo method.

    Thanks,

    -Charlie

    Monday, July 23, 2012 6:58 PM
  • Hi Charlie,

    The first parameter is an array, you don't need to make a derived class. This code works fine:

    AuthorizationRule[] rules = new AuthorizationRule[100];

    Best regards,


    Mike Feng
    MSDN Community Support | Feedback to us
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Tuesday, July 24, 2012 3:01 AM
    Moderator