使用什么来代替 SecurityManager.IsGranted？

Question

我还没有找到我要问的确切问题。

我想查看用户是否有权删除给定的文件或文件夹

我正在使用这个：

Private Function UserHasPermissionsToSource(ByVal source As String) As Boolean    
    Dim writePermission As FileIOPermission = New FileIOPermission(FileIOPermissionAccess.Write, source)
    Return SecurityManager.IsGranted(writePermission)
End Function

但是对于已过时的 isGranted，我不确定用什么替换它。这是我目前所拥有的，有人可以确认这是否正确吗？

Private Function UserHasPermissionsToSource(ByVal source As String) As Boolean
    'Get the permissions of the file/folder
    Dim writePermission As FileIOPermission = New FileIOPermission(FileIOPermissionAccess.Write, source)

    'Create your permission set and add file permissions for write
    Dim permissionSet As PermissionSet = New PermissionSet(PermissionState.None)
    permissionSet.AddPermission(writePermission)

    'checks permissions????
    If permissionSet.IsSubsetOf(AppDomain.CurrentDomain.PermissionSet) Then
        Return True
    End If

    Return False
End Function

对于相同的结果，似乎需要做更多的工作。

Answer 1

以上不正确，我找到了解决方案。

Private Function GetFileAccessControl(ByVal source As String) As String

        Dim denied As Boolean = False
        Dim allowed As Boolean = False

        'Gets the current User
        Dim wid As WindowsIdentity = WindowsIdentity.GetCurrent()

        Try
            Dim arc As AuthorizationRuleCollection = GetAuthorizationRuleCollection(source)
            Dim ars As IList(Of FileSystemAccessRule) = New List(Of FileSystemAccessRule)(arc.OfType(Of FileSystemAccessRule))
            Dim widgs As IList(Of IdentityReference) = New List(Of IdentityReference)

            For Each g As SecurityIdentifier In wid.Groups
                If g.IsAccountSid() Then
                    widgs.Add(g)
                End If
            Next

            'User not inherited rules
            For Each rule As FileSystemAccessRule In (From r In ars Where r.IdentityReference.Equals(wid.User) AndAlso Not r.IsInherited)
                denied = denied Or DeniesWriteAccess(rule)
                allowed = allowed Or AllowsWriteAccess(rule)
            Next

            For Each rule As FileSystemAccessRule In (From r In ars Where r.IdentityReference.Equals(wid.User) AndAlso r.IsInherited)
                denied = denied Or DeniesWriteAccess(rule)
                allowed = allowed Or AllowsWriteAccess(rule)
            Next

            For Each rule As FileSystemAccessRule In (From r In ars Where widgs.Contains(r.IdentityReference) AndAlso Not r.IsInherited)
                denied = denied Or DeniesWriteAccess(rule)
                allowed = allowed Or AllowsWriteAccess(rule)
            Next

            For Each rule As FileSystemAccessRule In (From r In ars Where widgs.Contains(r.IdentityReference) AndAlso r.IsInherited)
                denied = denied Or DeniesWriteAccess(rule)
                allowed = allowed Or AllowsWriteAccess(rule)
            Next
        Catch ex As UnauthorizedAccessException

        End Try

        If Not denied AndAlso allowed Then
            Return True
        End If

        Return False
    End Function

    Private Function GetAuthorizationRuleCollection(ByVal source As String) As AuthorizationRuleCollection

        'Gets the current User
        Dim wid As WindowsIdentity = WindowsIdentity.GetCurrent()
        Dim arc As AuthorizationRuleCollection
        arc = Nothing

        If (Directory.Exists(source)) Then
            Dim di As DirectoryInfo = New DirectoryInfo(source)
            Dim acl As DirectorySecurity = di.GetAccessControl()
            arc = acl.GetAccessRules(True, True, GetType(SecurityIdentifier))
        ElseIf File.Exists(source) Then
            Dim fi As FileInfo = New FileInfo(source)
            Dim acl As FileSecurity = fi.GetAccessControl()
            arc = acl.GetAccessRules(True, True, GetType(SecurityIdentifier))
        End If

        Return arc
    End Function

    Private Function AllowsWriteAccess(rule As FileSystemAccessRule) As Boolean
        If rule.AccessControlType = AccessControlType.Allow AndAlso
                (rule.FileSystemRights.HasFlag(FileSystemRights.Write) OrElse
                rule.FileSystemRights.HasFlag(FileSystemRights.WriteData) OrElse
                rule.FileSystemRights.HasFlag(FileSystemRights.CreateDirectories) OrElse
                rule.FileSystemRights.HasFlag(FileSystemRights.CreateFiles)) Then
            Return True
        End If
        Return False
    End Function

    Private Function DeniesWriteAccess(rule As FileSystemAccessRule) As Boolean
        If rule.AccessControlType = AccessControlType.Deny AndAlso
                (rule.FileSystemRights.HasFlag(FileSystemRights.Write) OrElse
                rule.FileSystemRights.HasFlag(FileSystemRights.WriteData) OrElse
                rule.FileSystemRights.HasFlag(FileSystemRights.CreateDirectories) OrElse
                rule.FileSystemRights.HasFlag(FileSystemRights.CreateFiles)) Then
            Return True
        End If
        Return False
    End Function