ACL List - Trying to duplicate Security screen in Folder Properties box

Sprint

Well-known member
Joined
Feb 3, 2006
Messages
58
Location
Ohio
Programming Experience
5-10
I'm looking to duplicate the Windows Explorer security screen for a directory, the one you get when you right click a directory, go to properties, and click on the Security tab. At the top it lists "Groups or user names" then if you click a user at the bottom it will show the permissions (Full Control, Modify, Read & Execute, etc). So far I've been able to duplicate the Groups or user names box (for the most part) but I'm having trouble pulling the actual allow and deny permissions. I've seen some C++ examples on assigning or removing premissions but thats not what I want and I wasn't able to use those examples to pull the actual permissions correctly. Heres basically what I have so far:

VB.NET:
' Get directory info for selected directory
myDirInfo = My.Computer.FileSystem.GetDirectoryInfo(DirectoryStructureTreeView.SelectedNode.Text)
' Get the folders owner
Dim myOwner As Security.Principal.IdentityReference = myDirInfo.GetAccessControl.GetOwner(GetType(Security.Principal.NTAccount))
OwnerLabel.Text = myOwner.ToString
' Get our ACL, or what I think is the ACL
myARC = myDirInfo.GetAccessControl.GetAccessRules(True, True, GetType(Security.Principal.NTAccount))
' Fill the ListView with the users in the Access Control List
Dim x As Integer = 0
For Each ar As AccessRule In myARC
     GroupsandUsersListView.Items.Add(ar.IdentityReference.Value.ToString).Text = ar.IdentityReference.Value.ToString
     If ar.IsInherited.ToString = "True" Then
          GroupsandUsersListView.Items(x).SubItems.Add("(Inherited)")
     End If
     x += 1
Next
This so far lets a user click a directory from a tree, pulls some info (not all listed..like accessed date, created date, etc) including the owner and the lsit of users on the ACL (Although some names just come up as BUILTIN\USER and not actual names....). It tags those that are inherited from a parent folder with (Inherited). Then I want someone to be able to click a name and pull up the actual permissions but I can't seem to get to these properties. This is in VB.Net 2005 (.Net v2).

-Allan.
 
O.k...I've made progress using the directory security properties and I can add/remove inheritence from a folder and remove all a users permissions from a folder. That works dandy. But I'm still having issues pulling the ACL. I'm using something like this:

For Each fsar As FileSystemAccessRule In dSecurity.GetAccessRules(True, True, GetType(Principal.NTAccount))

to get my access rules. Then I go through the rules and using a line like this:

if fsar.IdentityReference.Value.ToString = (the user I'm checking)

I can continue on to pull the properties of the rule, at least I thought I could. I tried using something like this:

If fsar.FileSystemRights.Equals(FileSystemRights.FullControl) Then
If fsar.AccessControlType.Equals(AccessControlType.Allow) = True Then
(set a check box for allow)
(...etc for rest of rules).

But for some reason it doesn't seem to be making these checks. I've seen the full control one work but none of the others (read, Write, Modify, etc) seem to "equal" anything. The FileSystemRights property is a bitwise combination of a bunch of properties so maybe my comparision is wrong. How do I look to see if something like FileSystemRights.Modify is within my fsar.FileSystemRights?
 
Back
Top