0

I need to check the Read/Write permissions on a certain path. But the big problem is, I don't want to check my own instead I want to check them for another user.

This checks the user who runs the program.

System.Security.Principal.NTAccount

How am I able to check for example the user "OTHERUSER"?

This is my code so far.

   private Boolean CheckZugriff(string str_projektpfad)
    {
        str_projektpfad = Path.GetDirectoryName(str_projektpfad);
        bool isWriteAccess = false;
        try
        {
            AuthorizationRuleCollection collection = Directory.GetAccessControl(str_projektpfad).GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
            foreach (FileSystemAccessRule rule in collection)
            {
                if (rule.AccessControlType == AccessControlType.Allow)
                {
                    isWriteAccess = true;
                    break;
                }
            }
        }
        catch (UnauthorizedAccessException ex)
        {
            isWriteAccess = false;
        }
        catch (Exception ex)
        {
            isWriteAccess = false;

        }
        if (!isWriteAccess)
        {
            //handle notifications                 
        }

        return isWriteAccess;
    }

1 Answers1

1

Found two things that may help you...

1) This code checks what permissions set for the folder for all users:

    string directory = "your path";

    DirectoryInfo di = new DirectoryInfo(directory);

    DirectorySecurity ds = di.GetAccessControl();

2) This code checks if your user has administrator rights :

bool isElevated;
WindowsIdentity identity = new WindowsIdentity("user principal name goes here");
WindowsPrincipal principal = new WindowsPrincipal(identity);
isElevated = principal.IsInRole(WindowsBuiltInRole.Administrator);

It's logical that if user is not an admin and there is no rule set for him - he cannot access the folder. Not sure if it address your problem but hope it helps.

Fabjan
  • 13,506
  • 4
  • 25
  • 52
  • 1
    This just helps a little bit its not what I need because your code would give me all users. Am I able to cross check all users with the use i want ? How is `ds` going to help me? What do I have to do with `ds`? –  Jun 23 '15 at 13:50
  • Not sure if it's possible to do with your approach. On the other hand now you can get Read/Write permissions for all users and it shouldn't be a big deal to find permission rules that are set for one particular user, right? It's a good starting point. – Fabjan Jun 23 '15 at 14:00
  • Maybe I am stupid but how do I use the `ds` to do what you just said ? –  Jun 23 '15 at 15:05