/// <summary> /// 设置文件夹的ACL /// </summary> /// <param name="folderPath">文件夹路径</param> /// <param name="userName">用户</param> /// <param name="rights">权限</param> /// <param name="allowOrDeny">拒绝访问</param> /// <returns></returns> public static bool SetFolderACL( string folderPath, string userName, FileSystemRights rights, AccessControlType allowOrDeny) { //设定文件ACL继承 InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit; return SetFolderACL(folderPath, userName, rights, allowOrDeny, inherits, PropagationFlags.None, AccessControlModification.Add); } /// <summary> /// 设置文件夹的ACL /// </summary> /// <param name="folderPath">文件夹路径</param> /// <param name="userName">用户</param> /// <param name="rights">权限</param> /// <param name="allowOrDeny">拒绝访问</param> /// <param name="inherits">ACL继承</param> /// <param name="propagateToChildren">应用于子文件夹及子文件</param> /// <param name="addResetOrRemove">修改类型</param> /// <returns></returns> public static bool SetFolderACL( string folderPath, string userName, FileSystemRights rights, AccessControlType allowOrDeny, InheritanceFlags inherits, PropagationFlags propagateToChildren, AccessControlModification addResetOrRemove) { bool result; //获取目录信息 var folder = new DirectoryInfo(folderPath); //获取当前文件夹ACL var dSecurity = folder.GetAccessControl(AccessControlSections.All); //设置新的ACL规则 var accRule = new FileSystemAccessRule(userName, rights, inherits, propagateToChildren, allowOrDeny); //修改文件夹ACL dSecurity.ModifyAccessRule(addResetOrRemove, accRule, out result); //应用新的ACL规则到文件夹 folder.SetAccessControl(dSecurity); //返回结果 return result; }
下面这样调用
var folderPath = System.AppDomain.CurrentDomain.BaseDirectory; var userName = "Users"; SetFolderACL(folderPath, userName, FileSystemRights.FullControl, AccessControlType.Allow);