static private AccessMaskFromRights ( FileSystemRights fileSystemRights, AccessControlType controlType ) : int | ||
fileSystemRights | FileSystemRights | |
controlType | AccessControlType | |
return | int |
internal static int AccessMaskFromRights(FileSystemRights fileSystemRights, AccessControlType controlType)
{
if (fileSystemRights < (FileSystemRights)0 || fileSystemRights > FileSystemRights.FullControl)
throw new ArgumentOutOfRangeException(nameof(fileSystemRights), SR.Format(SR.Argument_InvalidEnumValue, fileSystemRights, nameof(AccessControl.FileSystemRights)));
Contract.EndContractBlock();
if (controlType == AccessControlType.Allow)
{
fileSystemRights |= FileSystemRights.Synchronize;
}
else if (controlType == AccessControlType.Deny)
{
if (fileSystemRights != FileSystemRights.FullControl &&
fileSystemRights != (FileSystemRights.FullControl & ~FileSystemRights.DeleteSubdirectoriesAndFiles))
fileSystemRights &= ~FileSystemRights.Synchronize;
}
return (int)fileSystemRights;
}
public void RemoveAccessRuleSpecific(FileSystemAccessRule rule) { ArgumentNullException.ThrowIfNull(rule); // If the rule to be removed matches what is there currently then // remove it unaltered. That is, don't mask off the Synchronize bit // This is to avoid dangling synchronize bit AuthorizationRuleCollection rules = GetAccessRules(true, true, rule.IdentityReference.GetType()); for (int i = 0; i < rules.Count; i++) { if ((rules[i] is FileSystemAccessRule fsrule) && (fsrule.FileSystemRights == rule.FileSystemRights) && (fsrule.IdentityReference == rule.IdentityReference) && (fsrule.AccessControlType == rule.AccessControlType)) { base.RemoveAccessRuleSpecific(rule); return; } } // Mask off the synchronize bit (that is automatically added for Allow) // before removing the ACL. The logic here should be same as Deny and hence // fake a call to AccessMaskFromRights as though the ACL is for Deny FileSystemAccessRule ruleNew = new FileSystemAccessRule( rule.IdentityReference, FileSystemAccessRule.AccessMaskFromRights(rule.FileSystemRights, AccessControlType.Deny), rule.IsInherited, rule.InheritanceFlags, rule.PropagationFlags, rule.AccessControlType); base.RemoveAccessRuleSpecific(ruleNew); }