采用C#代码动态设置文件权限

 public FileSystemAccessRule(   IdentityReference identity,   FileSystemRights fileSystemRights,   AccessControlType type )   : this(    identity,    AccessMaskFromRights( fileSystemRights, type ),    false,    InheritanceFlags.None,    PropagationFlags.None,    type )  {  }  public FileSystemAccessRule(   String identity,   FileSystemRights fileSystemRights,   AccessControlType type )   : this(    new NTAccount(identity),    AccessMaskFromRights( fileSystemRights, type ),    false,    InheritanceFlags.None,    PropagationFlags.None,    type )  {  }  //  // Constructor for creating access rules for folder objects  //  public FileSystemAccessRule(   IdentityReference identity,   FileSystemRights fileSystemRights,   InheritanceFlags inheritanceFlags,   PropagationFlags propagationFlags,   AccessControlType type )   : this(    identity,    AccessMaskFromRights( fileSystemRights, type ),    false,    inheritanceFlags,    propagationFlags,    type )  {  }  public FileSystemAccessRule(   String identity,   FileSystemRights fileSystemRights,   InheritanceFlags inheritanceFlags,   PropagationFlags propagationFlags,   AccessControlType type )   : this(    new NTAccount(identity),    AccessMaskFromRights( fileSystemRights, type ),    false,    inheritanceFlags,    propagationFlags,    type )  {  }  internal FileSystemAccessRule(   IdentityReference identity,   int accessMask,   bool isInherited,   InheritanceFlags inheritanceFlags,   PropagationFlags propagationFlags,   AccessControlType type )   : base(    identity,    accessMask,    isInherited,    inheritanceFlags,    propagationFlags,    type )  {  }  #endregion  #region Public properties  public FileSystemRights FileSystemRights  {   get { return RightsFromAccessMask( base.AccessMask ); }  }  internal static int AccessMaskFromRights( FileSystemRights fileSystemRights, AccessControlType controlType )  {   if (fileSystemRights < (FileSystemRights) 0 || fileSystemRights > FileSystemRights.FullControl)    throw new ArgumentOutOfRangeException("fileSystemRights", Environment.GetResourceString("Argument_InvalidEnumValue", fileSystemRights, "FileSystemRights"));   Contract.EndContractBlock();   if (controlType == AccessControlType.Allow) {    fileSystemRights |= FileSystemRights.Synchronize;   }   else if (controlType == AccessControlType.Deny) {    if (fileSystemRights != FileSystemRights.FullControl &&     fileSystemRights != (FileSystemRights.FullControl & ~FileSystemRights.DeleteSubdirectoriesAndFiles))     fileSystemRights &= ~FileSystemRights.Synchronize;   }   return ( int )fileSystemRights;  }  internal static FileSystemRights RightsFromAccessMask( int accessMask )  {   return ( FileSystemRights )accessMask;  } }

/// <summary> /// 表示用户的标识、访问掩码和访问控制类型（允许或拒绝）的组合。<see cref="T:System.Security.AccessControl.AccessRule"/> 对象还包含有关子对象如何继承规则以及如何传播继承的信息。 /// </summary> public abstract class AccessRule : AuthorizationRule { /// <summary> /// 使用指定的值初始化 <see cref="T:System.Security.AccessControl.AccessRule"/> 类的一个新实例。 /// </summary> /// <param name="identity">应用访问规则的标识。此参数必须是可以强制转换为 <see cref="T:System.Security.Principal.SecurityIdentifier"/> 的对象。</param><param name="accessMask">此规则的访问掩码。访问掩码是一个 32 位的匿名位集合，其含义是由每个集成器定义的。</param><param name="isInherited">如果此规则继承自父容器，则为 true。</param><param name="inheritanceFlags">访问规则的继承属性。</param><param name="propagationFlags">继承的访问规则是否自动传播。如果 <paramref name="inheritanceFlags"/> 设置为 <see cref="F:System.Security.AccessControl.InheritanceFlags.None"/>，则将忽略传播标志。</param><param name="type">有效的访问控制类型。</param><exception cref="T:System.ArgumentException"><paramref name="identity"/> 参数的值不能强制转换为 <see cref="T:System.Security.Principal.SecurityIdentifier"/>，或者 <paramref name="type"/> 参数包含无效值。</exception><exception cref="T:System.ArgumentOutOfRangeException"><paramref name="accessMask"/> 参数的值为零，或者 <paramref name="inheritanceFlags"/> 或 <paramref name="propagationFlags"/> 参数包含无法识别的标志值。</exception> protected AccessRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type); /// <summary> /// 获取与此 <see cref="T:System.Security.AccessControl.AccessRule"/> 对象关联的 <see cref="T:System.Security.AccessControl.AccessControlType"/> 对象。 /// </summary> ///  /// <returns> /// 与此 <see cref="T:System.Security.AccessControl.AccessRule"/> 对象关联的 <see cref="T:System.Security.AccessControl.AccessControlType"/> 对象。 /// </returns> public AccessControlType AccessControlType { get; } }

 /// <summary>  /// 获取目录权限列表  /// </summary>  /// <param name="path">目录的路径。</param>  /// <returns>指示目录的权限列表</returns>  public IList<FileSystemRights> GetDirectoryPermission(string path)  {   try   {    if (!DirectoryExists(path))     return null;    IList<FileSystemRights> result = new List<FileSystemRights>();    var dSecurity = Directory.GetAccessControl(new DirectoryInfo(path).FullName);    foreach (FileSystemAccessRule rule in dSecurity.GetAccessRules(true, true, typeof(NTAccount)))     result.Add(rule.FileSystemRights);    return result;   }   catch (Exception e)   {    throw new Exception(e.Message, e);   }  }

 /// <summary>  ///设置目录权限  /// </summary>  /// <param name="path">目录的路径。</param>  /// <param name="permission">在目录上设置的权限。</param>  /// <returns>指示是否在目录上应用权限的值。</returns>  public bool SetDirectoryPermission(string path, FileSystemRights permission)  {   try   {    if (!DirectoryExists(path))     return false;    var accessRule = new FileSystemAccessRule("Users", permission,           InheritanceFlags.None,           PropagationFlags.NoPropagateInherit,           AccessControlType.Allow);    var info = new DirectoryInfo(path);    var security = info.GetAccessControl(AccessControlSections.Access);    bool result;    security.ModifyAccessRule(AccessControlModification.Set, accessRule, out result);    if (!result)     return false;    const InheritanceFlags iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;    accessRule = new FileSystemAccessRule("Users", permission,           iFlags,           PropagationFlags.InheritOnly,           AccessControlType.Allow);    security.ModifyAccessRule(AccessControlModification.Add, accessRule, out result);    if (!result)     return false;    info.SetAccessControl(security);    return true;   }   catch (Exception e)   {    throw new Exception(e.Message, e);   }  }

 /// <summary>  /// 设置目录权限列表  /// </summary>  /// <param name="path">目录的路径。</param>  /// <param name="permissions">在目录上设置的权限。</param>  /// <returns>指示是否在目录上应用权限的值。</returns>  public bool SetDirectoryPermissions(string path, FileSystemRights[] permissions)  {   try   {    if (!DirectoryExists(path) || permissions == null || !permissions.Any())     return false;    foreach (var permission in permissions)     if (!SetDirectoryPermission(path, permission))      return false;     return true;   }   catch (Exception e)   {    throw new Exception(e.Message, e);   }  }