Check Read and Write Permission in folder with C#

Asked

Viewed 1,022 times

1

I would like to check if the user has read and write permission in a given path.

Update: The folder will most often be in a network path.

  • @Marco Giovanni, sorry, I forgot to mention that the folder is in a network path most of the time.

1 answer

2


Hello... I use the class below to check if the user has access to folders or files...

In the implementation is like this:

if (!CurrentUserSecurity.HasAccess(new DirectoryInfo(temp), System.Security.AccessControl.FileSystemRights.CreateDirectories))
        {
            MessageBox.Show("Sem permissão ao caminho " + temp, "Atenção", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }


public class CurrentUserSecurity
{
    static WindowsIdentity _currentUser;
    static WindowsPrincipal _currentPrincipal;

    static CurrentUserSecurity()
    {
        _currentUser = WindowsIdentity.GetCurrent();
        _currentPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
    }

    public static bool HasAccess(DirectoryInfo directory, FileSystemRights right)
    {
        // Get the collection of authorization rules that apply to the directory.
        AuthorizationRuleCollection acl = directory.GetAccessControl()
            .GetAccessRules(true, true, typeof(SecurityIdentifier));
        return HasFileOrDirectoryAccess(right, acl);
    }

    public static bool HasAccess(FileInfo file, FileSystemRights right)
    {
        // Get the collection of authorization rules that apply to the file.
        AuthorizationRuleCollection acl = file.GetAccessControl()
            .GetAccessRules(true, true, typeof(SecurityIdentifier));
        return HasFileOrDirectoryAccess(right, acl);
    }

    private static bool HasFileOrDirectoryAccess(FileSystemRights right,
                                          AuthorizationRuleCollection acl)
    {
        bool allow = false;
        bool inheritedAllow = false;
        bool inheritedDeny = false;

        for (int i = 0; i < acl.Count; i++)
        {
            FileSystemAccessRule currentRule = (FileSystemAccessRule)acl[i];
            // If the current rule applies to the current user.
            if (_currentUser.User.Equals(currentRule.IdentityReference) ||
                _currentPrincipal.IsInRole(
                                (SecurityIdentifier)currentRule.IdentityReference))
            {

                if (currentRule.AccessControlType.Equals(AccessControlType.Deny))
                {
                    if ((currentRule.FileSystemRights & right) == right)
                    {
                        if (currentRule.IsInherited)
                        {
                            inheritedDeny = true;
                        }
                        else
                        { // Non inherited "deny" takes overall precedence.
                            return false;
                        }
                    }
                }
                else if (currentRule.AccessControlType
                                                .Equals(AccessControlType.Allow))
                {
                    if ((currentRule.FileSystemRights & right) == right)
                    {
                        if (currentRule.IsInherited)
                        {
                            inheritedAllow = true;
                        }
                        else
                        {
                            allow = true;
                        }
                    }
                }
            }
        }

        if (allow)
        { // Non inherited "allow" takes precedence over inherited rules.
            return true;
        }
        return inheritedAllow && !inheritedDeny;
    }
}

Browser other questions tagged

You are not signed in. Login or sign up in order to post.