设置Windows系统NTFS某个目录的用户访问权限(c#)

类别:.NET开发 点击:0 评论:0 推荐:

using System;

using System.Drawing;

using System.Collections;

using System.ComponentModel;

using System.Windows.Forms;

using System.Data;

using System.Management;

using System.Text;

using System.Runtime.InteropServices;

namespace SetAcl

{

     /// <summary>

     /// Form1 的摘要说明。

     /// </summary>

     public class Form1 : System.Windows.Forms.Form

     {

         private System.Windows.Forms.TextBox textBox1;

         private System.Windows.Forms.TextBox textBox2;

         private System.Windows.Forms.Button SetAcl;

         private System.Windows.Forms.Label label1;

         private System.Windows.Forms.Label label2;

         private System.Windows.Forms.Button button1;

         /// <summary>

         /// 必需的设计器变量。

         /// </summary>

         private System.ComponentModel.Container components = null;

 

         public Form1()

         {

              //

              // Windows 窗体设计器支持所必需的

              //

              InitializeComponent();

 

              //

              // TODO: 在 InitializeComponent 调用后添加任何构造函数代码

              //

         }

 

         /// <summary>

         /// 清理所有正在使用的资源。

         /// </summary>

         protected override void Dispose( bool disposing )

         {

              if( disposing )

              {

                   if (components != null)

                   {

                       components.Dispose();

                   }

              }

              base.Dispose( disposing );

         }

 

         #region Windows Form Designer generated code

         /// <summary>

         /// 设计器支持所需的方法 - 不要使用代码编辑器修改

         /// 此方法的内容。

         /// </summary>

         private void InitializeComponent()

         {

              this.textBox1 = new System.Windows.Forms.TextBox();

              this.textBox2 = new System.Windows.Forms.TextBox();

              this.SetAcl = new System.Windows.Forms.Button();

              this.label1 = new System.Windows.Forms.Label();

              this.label2 = new System.Windows.Forms.Label();

              this.button1 = new System.Windows.Forms.Button();

              this.SuspendLayout();

              //

              // textBox1

              //

              this.textBox1.Location = new System.Drawing.Point(80, 32);

              this.textBox1.Name = "textBox1";

              this.textBox1.Size = new System.Drawing.Size(152, 21);

              this.textBox1.TabIndex = 0;

              this.textBox1.Text = "c:\\test";

              //

              // textBox2

              //

              this.textBox2.Location = new System.Drawing.Point(80, 80);

              this.textBox2.Name = "textBox2";

              this.textBox2.Size = new System.Drawing.Size(152, 21);

              this.textBox2.TabIndex = 1;

              this.textBox2.Text = "ASPNET";

              //

              // SetAcl

              //

              this.SetAcl.Location = new System.Drawing.Point(152, 136);

              this.SetAcl.Name = "SetAcl";

              this.SetAcl.TabIndex = 2;

              this.SetAcl.Text = "设置";

              this.SetAcl.Click += new System.EventHandler(this.SetAcl_Click);

              //

              // label1

              //

              this.label1.Location = new System.Drawing.Point(24, 80);

              this.label1.Name = "label1";

              this.label1.Size = new System.Drawing.Size(48, 23);

              this.label1.TabIndex = 5;

              this.label1.Text = "用户:";

              //

              // label2

              //

              this.label2.Location = new System.Drawing.Point(24, 32);

              this.label2.Name = "label2";

              this.label2.Size = new System.Drawing.Size(48, 23);

              this.label2.TabIndex = 6;

              this.label2.Text = "目录:";

              //

              // button1

              //

              this.button1.Location = new System.Drawing.Point(8, 168);

              this.button1.Name = "button1";

              this.button1.TabIndex = 7;

              this.button1.Text = "button1";

              this.button1.Click += new System.EventHandler(this.button1_Click);

              //

              // Form1

              //

              this.AutoScaleBaseSize = new System.Drawing.Size(6, 14);

              this.ClientSize = new System.Drawing.Size(280, 197);

              this.Controls.Add(this.button1);

              this.Controls.Add(this.label2);

              this.Controls.Add(this.label1);

              this.Controls.Add(this.SetAcl);

              this.Controls.Add(this.textBox2);

              this.Controls.Add(this.textBox1);

              this.MaximizeBox = false;

              this.MinimizeBox = false;

              this.Name = "Form1";

              this.Text = "Form1";

              this.ResumeLayout(false);

 

         }

         #endregion

 

         /// <summary>

         /// 应用程序的主入口点。

         /// </summary>

         [STAThread]

         static void Main()

         {

              Application.Run(new Form1());

         }

         [DllImport("advapi32.dll")]

         public static extern bool LookupAccountName(string lpSystemName, string lpAccountName,byte[] sid,ref int cbSid, StringBuilder ReferencedDomainName, ref int cbReferencedDomainName,ref int peUse);

        

         private void SetAcl_Click(object sender, System.EventArgs e)

         {

              string filePath=this.textBox1.Text;

              string userName=this.textBox2.Text;

              if(GetFileSystem(filePath.Substring(0,1))!="NTFS")

                   return;

              if(FindTrustee(filePath,userName))

                   return;

              SetDACL(filePath,userName);

         }

         private string GetFileSystem(string diskName)

         {

              string fileSystem="";

              System.Management.ManagementObjectSearcher diskClass=new ManagementObjectSearcher("select filesystem from Win32_LogicalDisk where name='"+diskName+":'");

              ManagementObjectCollection disks=diskClass.Get();

              foreach(ManagementObject disk in disks)

              {

                   PropertyDataCollection diskProperties=disk.Properties;

                   foreach (PropertyData diskProperty in diskProperties)

                   {

                       fileSystem = diskProperty.Value.ToString();

                   }

              }

              return fileSystem;

             

         }

         private bool FindTrustee(string filePath,string userName)

         {

              ArrayList trusteesName=new ArrayList();

              ManagementPath path = new ManagementPath( );

              path.Server = ".";

              path.NamespacePath = @"root\cimv2";

              path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path='"+filePath+"'";                                    //定位到文件夹

              ManagementObject dir = new ManagementObject(path);

              ManagementBaseObject outParams = dir.InvokeMethod("GetSecurityDescriptor", null, null);                         //获取安全描述符

 

              if (((uint)(outParams.Properties["ReturnValue"].Value)) != 0)                                                        //OK

              {

                   throw new Exception("获取文件描述符失败");

              }

              ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));

              ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value));   //获取访问控制列表

              for(int i=0;i<DaclObject.Length;i++)

              {

                   trusteesName.Add(((ManagementBaseObject)DaclObject[i].Properties["Trustee"].Value).Properties["Name"].Value);

              }

              return trusteesName.Contains(userName);                

         }

         private void SetDACL(string filePath,string userName)

         {

              //获取帐户信息

              int cbSid = 100;

              byte[] userSid = new byte[28] ;

              StringBuilder domainName=new StringBuilder(255);

              int domainNameLength = 255;

              int sidType =255;

              bool result = LookupAccountName(null, userName,userSid, ref cbSid, domainName,ref domainNameLength,ref sidType);

              if(!result)

                   return;

              //获取文件描述符

              ManagementPath path = new ManagementPath();

              path.Server = ".";

              path.NamespacePath = @"root\cimv2";

              path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path='"+filePath+"'";

              ManagementObject dir = new ManagementObject(path);

              ManagementBaseObject outParams = dir.InvokeMethod("GetSecurityDescriptor", null, null);

              if (((uint)(outParams.Properties["ReturnValue"].Value)) != 0)

              {

                   throw new Exception("获取文件描述符失败");

              }

              ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));

              //获取访问控制列表

              ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value));

             

              //复制一个访问控制项

              ManagementBaseObject ace=(ManagementBaseObject)DaclObject[0].Clone();

                           

              //设置访问控制项属性

              ManagementBaseObject trustee=(ManagementBaseObject)ace.Properties["Trustee"].Value;

              trustee.Properties["Domain"].Value=domainName.ToString();

              trustee.Properties["Name"].Value=userName;

              trustee.Properties["SID"].Value=userSid;

              trustee.Properties["SidLength"].Value=28;//trustee.Properties["SIDString"].Value="S-1-5-21-602162358-708899826-854245398-1005";

              ace.Properties["Trustee"].Value=trustee;

              ace.Properties["AccessMask"].Value=2032127;

              ace.Properties["AceFlags"].Value=3;

              ace.Properties["AceType"].Value=0;

              //复制一份访问控制列表,并将以上生成的访问控制项添加到其后。

              ManagementBaseObject[] newDacl=new ManagementBaseObject[DaclObject.Length+1];

              for(int i=0;i<DaclObject.Length;i++)

              {

                   newDacl[i]=DaclObject[i];

              }

              newDacl[DaclObject.Length]=ace;

              //将安全描述符的DACL属性设为新生成的访问控制列表

              Descriptor.Properties["Dacl"].Value=newDacl;

              //设置安全描述符

              dir.Scope.Options.EnablePrivileges=true;

              ManagementBaseObject inProperties=dir.GetMethodParameters("SetSecurityDescriptor");

              inProperties["Descriptor"] = Descriptor;

              outParams = dir.InvokeMethod("SetSecurityDescriptor", inProperties, null);

         }

 

         private void button1_Click(object sender, System.EventArgs e)

         {

              System.Management.ManagementObjectSearcher cmicWmi=new System.Management.ManagementObjectSearcher("SELECT * FROM Win32_BaseBoard");

              foreach(System.Management.ManagementObject cmicWmiObj in cmicWmi.Get())

              {

                   //Debug.WriteLine("bios序列号" & cmicWmiObj["SerialNumber"]);

                   this.textBox1.Text = "bios序列号" + cmicWmiObj["product"];

              }

 

 

         }

     }

}

 

本文地址:http://com.8s8s.com/it/it43686.htm