GetAccessControl: returns the Windows access control list (ACL) for a directory
GetAccessRules: gets a collection of the access rules associated with the specified security identifier
Example: check write permission on folder
public static bool HasWritePermission(string dir)
{ bool Allow = false;
bool Deny = false;
DirectorySecurity acl = null;
try
{
acl = Directory.GetAccessControl(dir);
}
catch (System.IO.DirectoryNotFoundException)
{
throw new Exception("DirectoryNotFoundException");
}
if (acl == null)
return false;
AuthorizationRuleCollection arc = acl.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier));
if (arc == null)
return false;
foreach (FileSystemAccessRule rule in arc)
{
if ((FileSystemRights.Write & rule.FileSystemRights) != FileSystemRights.Write)
continue;
if (rule.AccessControlType == AccessControlType.Allow)
Allow = true;
else if (rule.AccessControlType == AccessControlType.Deny)
Deny = true;
}
return Allow && !Deny;
}
