You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

116 line
4.6 KiB

  1. using Alphaleonis.Win32.Filesystem;
  2. using System.Collections.Generic;
  3. using System.Security.AccessControl;
  4. namespace Security2
  5. {
  6. public partial class FileSystemAuditRule2
  7. {
  8. public static void RemoveFileSystemAuditRule(FileSystemInfo item, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
  9. {
  10. FileSystemAuditRule ace = null;
  11. if (item is FileInfo)
  12. {
  13. var file = (FileInfo)item;
  14. var sd = file.GetAccessControl(AccessControlSections.Audit);
  15. ace = (FileSystemAuditRule)sd.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type);
  16. sd.RemoveAuditRule(ace);
  17. file.SetAccessControl(sd);
  18. }
  19. else
  20. {
  21. DirectoryInfo directory = (DirectoryInfo)item;
  22. var sd = directory.GetAccessControl(AccessControlSections.Audit);
  23. ace = (FileSystemAuditRule)sd.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type);
  24. sd.RemoveAuditRule(ace);
  25. directory.SetAccessControl(sd);
  26. }
  27. }
  28. public static void RemoveFileSystemAuditRule(FileSystemInfo item, List<IdentityReference2> accounts, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removeSpecific = false)
  29. {
  30. foreach (var account in accounts)
  31. {
  32. RemoveFileSystemAuditRule(item, account, rights, type, inheritanceFlags, propagationFlags);
  33. }
  34. }
  35. public static void RemoveFileSystemAuditRule(FileSystemInfo item, FileSystemAuditRule ace)
  36. {
  37. if (item is FileInfo)
  38. {
  39. var file = (FileInfo)item;
  40. var sd = file.GetAccessControl(AccessControlSections.Audit);
  41. sd.RemoveAuditRuleSpecific(ace);
  42. file.SetAccessControl(sd);
  43. }
  44. else
  45. {
  46. DirectoryInfo directory = (DirectoryInfo)item;
  47. var sd = directory.GetAccessControl(AccessControlSections.Audit);
  48. sd.RemoveAuditRuleSpecific(ace);
  49. directory.SetAccessControl(sd);
  50. }
  51. }
  52. public static void RemoveFileSystemAuditRule(string path, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
  53. {
  54. if (File.Exists(path))
  55. {
  56. var item = new FileInfo(path);
  57. RemoveFileSystemAuditRule(item, account, rights, type, inheritanceFlags, propagationFlags);
  58. }
  59. else
  60. {
  61. var item = new DirectoryInfo(path);
  62. RemoveFileSystemAuditRule(item, account, rights, type, inheritanceFlags, propagationFlags);
  63. }
  64. }
  65. public static FileSystemAuditRule2 RemoveFileSystemAuditRule(FileSystemSecurity2 sd, IdentityReference2 account, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removeSpecific = false)
  66. {
  67. var ace = (FileSystemAuditRule)sd.SecurityDescriptor.AuditRuleFactory(account, (int)rights, false, inheritanceFlags, propagationFlags, type);
  68. if (sd.IsFile)
  69. {
  70. if (removeSpecific)
  71. ((FileSecurity)sd.SecurityDescriptor).RemoveAuditRuleSpecific(ace);
  72. else
  73. ((FileSecurity)sd.SecurityDescriptor).RemoveAuditRule(ace);
  74. }
  75. else
  76. {
  77. if (removeSpecific)
  78. ((DirectorySecurity)sd.SecurityDescriptor).RemoveAuditRuleSpecific(ace);
  79. else
  80. ((DirectorySecurity)sd.SecurityDescriptor).RemoveAuditRule(ace);
  81. }
  82. return ace;
  83. }
  84. public static IEnumerable<FileSystemAuditRule2> RemoveFileSystemAuditRule(FileSystemSecurity2 sd, List<IdentityReference2> accounts, FileSystemRights2 rights, AuditFlags type, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, bool removeSpecific = false)
  85. {
  86. var aces = new List<FileSystemAuditRule2>();
  87. foreach (var account in accounts)
  88. {
  89. aces.Add(RemoveFileSystemAuditRule(sd, account, rights, type, inheritanceFlags, propagationFlags));
  90. }
  91. return aces;
  92. }
  93. }
  94. }