FileSecurity - Test if WindowsIdentity has write access?

Discussion in 'ASP .Net' started by Ed Sutton, Oct 11, 2006.

  1. Ed Sutton

    Ed Sutton Guest

    Is there a FileSecurity method that can determine if the current
    WindowsIdentity has write access to a file?

    I can get the current windows identity and use FileSecurity to return
    the AuthorizationRuleCollection and then search for the
    FileSystemAccessRule's that apply to my identity. The problem is my
    current identity may be "MYDOMAIN\JDOE", but I do not know how to
    determine if a group this identity belongs, for example "EVERYONE",
    permits write access for the identity?

    Background
    ----------
    I need to test if I my application has read/write access to a file based
    database. The database may be running on a client or as a webservice on
    a server. I could try to create a new dummy record and hope the
    database provider gives me an error or an exception but there must be a
    more elegant solution?

    Thanks in advance for any tips or suggestions,

    -Ed


    // This does not work but shows what I wish to achieve
    private static bool IdentityHasAccces(FileInfo fileInfo,
    FileSystemRights
    fileSystemRights)
    {
    System.Security.Principal.WindowsIdentity windowsIdentity =
    System.Security.Principal.WindowsIdentity.GetCurrent();

    FileSecurity fileSecutiy = fileInfo.GetAccessControl();
    AuthorizationRuleCollection authorizationRuleCollection =
    fileInfo.GetAccessControl().GetAccessRules(true, true, typeof(NTAccount));
    foreach (FileSystemAccessRule fileSystemAccessRule in
    authorizationRuleCollection)
    {
    if ( true == (AccessControlType.Allow ==
    fileSystemAccessRule.AccessControlType &&
    fileSystemRights ==
    (fileSystemAccessRule.FileSystemRights & fileSystemRights)))
    {
    // Test if this FileSystemAccessRule IdentityReference is
    one of the Groups the current identity belongs to
    foreach(IdentityReference identityReference in
    windowsIdentity.Groups)
    {
    if( identityReference ==
    fileSystemAccessRule.IdentityReference)
    {
    return true;
    }
    }
    }
    }
    return false;
    }
    Ed Sutton, Oct 11, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric Pearson
    Replies:
    2
    Views:
    634
    Eric Pearson
    May 30, 2006
  2. Robert Phillips

    Access is denied in WindowsIdentity.GetCurrent

    Robert Phillips, Jan 13, 2005, in forum: ASP .Net Security
    Replies:
    0
    Views:
    152
    Robert Phillips
    Jan 13, 2005
  3. Marco Herrn

    Access Denied on WindowsIdentity.GetCurrent()

    Marco Herrn, Mar 7, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    180
    Paul Clement
    Mar 7, 2005
  4. Eric Pearson
    Replies:
    0
    Views:
    119
    Eric Pearson
    May 30, 2006
  5. perl coder

    Win32::FileSecurity doesn't show all perms?

    perl coder, Apr 2, 2004, in forum: Perl Misc
    Replies:
    1
    Views:
    255
Loading...

Share This Page