0

I'm scanning the folder for files and I need to get each file's permissions for current user in any way to be represented as a string. So for the attached file's properties I would like to represent something like f-m-r-w string.

I'm trying to accomplish this in my scan loop like this, but getting empty strings. Could you hint to where should I go from here or chose another approach? Thanks in advance!

            string permissionShort = string.Empty;
            DirectorySecurity dSecurity = Directory.GetAccessControl(_directory.FullName);
            foreach (FileSystemAccessRule rule in dSecurity.GetAccessRules(true, true, typeof(NTAccount)))
            {
                if (rule.FileSystemRights == FileSystemRights.Write)
                    permissionShort = permissionShort + "x";
                if (rule.FileSystemRights == FileSystemRights.Read)
                    permissionShort = permissionShort + "x";
                if (rule.FileSystemRights == FileSystemRights.AppendData)
                    permissionShort = permissionShort + "x";
                if (rule.FileSystemRights == FileSystemRights.Modify)
                    permissionShort = permissionShort + "x";
                if (rule.FileSystemRights == FileSystemRights.ExecuteFile)
                    permissionShort = permissionShort + "x";
            }
Madcode
  • 71
  • 5
  • Probably should be duplicate of http://stackoverflow.com/questions/1339976/how-to-check-if-any-flags-of-a-flag-combination-are-set, but need some tweaking of the question... so just comment instead of VTC. – Alexei Levenkov Feb 15 '17 at 21:38

1 Answers1

0

FileSystemRights is a flagged enum, that means you must perform an AND operation to test for a single value of the enum.

    string scanPath = @"C:\Test";
    string permissionShort = string.Empty;
    DirectorySecurity dSecurity = Directory.GetAccessControl(scanPath);
    foreach (FileSystemAccessRule rule in dSecurity.GetAccessRules(true, true, typeof(NTAccount)))
    {
        permissionShort += rule.FileSystemRights.ToString() + " : ";
        permissionShort += ((rule.FileSystemRights & FileSystemRights.FullControl) == FileSystemRights.FullControl) ? "f" : "-";
        permissionShort += ((rule.FileSystemRights & FileSystemRights.Write)== FileSystemRights.Write) ? "w" : "-";
        permissionShort += ((rule.FileSystemRights & FileSystemRights.Read) == FileSystemRights.Read) ? "r" : "-";
        permissionShort += ((rule.FileSystemRights & FileSystemRights.AppendData) == FileSystemRights.AppendData) ? "a" : "-";
        permissionShort += ((rule.FileSystemRights & FileSystemRights.Modify) == FileSystemRights.Modify) ? "m" : "-";
        permissionShort += ((rule.FileSystemRights & FileSystemRights.ExecuteFile) == FileSystemRights.ExecuteFile) ? "e" : "-";
        permissionShort += "\n";
    }
Ehz
  • 1,962
  • 1
  • 11
  • 11
  • Thanks. It workes but gives result 3 times, I suspect it counts all the accounts on the system. – Madcode Feb 16 '17 at 07:07