当前位置: 文江博客话题详情

如何检查用户是否对共享文件夹具有完全控制权限?

发布于 2024-12-11 17:26:16 字数 1092 浏览 0 评论 0原文

我使用以下代码来检查 DACL 中是否存在某个用户:

Dim l_managemantObject As ManagementBaseObject() = CType(securityDescriptor.Properties("DACL").Value, ManagementBaseObject())

For Each mObject As ManagementBaseObject In l_managemantObject
    l_name = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Name").Value.ToString
    If CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value IsNot Nothing Then
       l_domain = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value.ToString()
    End If

    If users.UserName.ToLower = (l_domain & "\" & l_name).ToLower Then
       Return True                
    End If
Next

如您所见,我能够获取用户名和域。但如何检查用户是否拥有 FullControl 权限?

编辑:

我做了进一步的调查,发现使用GetAccessMask,我可以检索对代表其返回实例的用户或组所持有的共享的访问权限。

所以剩下要找出的是: 如何获取特定用户AccessMask

MSDN 上的 AccessMask

原文

I use the following code in order to check if certin user exists in the DACL:

Dim l_managemantObject As ManagementBaseObject() = CType(securityDescriptor.Properties("DACL").Value, ManagementBaseObject())

For Each mObject As ManagementBaseObject In l_managemantObject
    l_name = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Name").Value.ToString
    If CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value IsNot Nothing Then
       l_domain = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value.ToString()
    End If

    If users.UserName.ToLower = (l_domain & "\" & l_name).ToLower Then
       Return True                
    End If
Next

As you can see, I'm able to get the username and domain. But how do I check if the user has FullControl permissions?

Edit:

I've done furthur investigation and found that using GetAccessMask, I can retrieve the access rights to the share held by the user or group on whose behalf the instance is returned.

So whats left to find out is:
How to get a specific user AccessMask?

AccessMask on MSDN

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

听你说爱我 2024-12-18 17:26:16

它一直在我眼皮子底下,在 managementObject 上使用 GetPropertyValue("AccessMask") 获取权限级别。

完整方法:

 Dim l_managemantObject As ManagementBaseObject() = CType(securityDescriptor.Properties("DACL").Value, ManagementBaseObject())

    For Each mObject As ManagementBaseObject In l_managemantObject
        l_name = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Name").Value.ToString
        If CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value IsNot Nothing Then
           l_domain = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value.ToString()
        End If

        Dim l_accessMask as UInteger = mObject.GetPropertyValue("AccessMask")

        If users.UserName.ToLower = (l_domain & "\" & l_name).ToLower Then
           if l_accessMask = 2032127 then
              Return True  
           endif                             
        End If
    Next

It was under my nose all the time, using GetPropertyValue("AccessMask") on the managementObject gets the permission level.

Full method:

 Dim l_managemantObject As ManagementBaseObject() = CType(securityDescriptor.Properties("DACL").Value, ManagementBaseObject())

    For Each mObject As ManagementBaseObject In l_managemantObject
        l_name = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Name").Value.ToString
        If CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value IsNot Nothing Then
           l_domain = CType(mObject.GetPropertyValue("Trustee"), ManagementBaseObject).Properties("Domain").Value.ToString()
        End If

        Dim l_accessMask as UInteger = mObject.GetPropertyValue("AccessMask")

        If users.UserName.ToLower = (l_domain & "\" & l_name).ToLower Then
           if l_accessMask = 2032127 then
              Return True  
           endif                             
        End If
    Next
回复 原文
~没有更多了~

关于作者

小红帽

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

已经忘了多久

文章 0 评论 0

15867725375

文章 0 评论 0

LonelySnow

文章 0 评论 0

走过海棠暮

文章 0 评论 0

轻许诺言

文章 0 评论 0

信馬由缰

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文