Menu
In my .NET 2.0 application, I need to check if sufficient permissions exist to create and write to files to a directory. To this end, I have the following function that attempts to create a file and write a single byte to it, deleting itself afterwards to test that permissions do exist.
I figured the best way to check was to actually try and do it, catching any exceptions that occur. I'm not particularly happy about the general Exception catch though, so is there a better or perhaps a more accepted way of doing this?
private const string TEMP_FILE = "\\tempFile.tmp"; /// <summary> /// Checks the ability to create and write to a file in the supplied directory. /// </summary> /// <param name="directory">String representing the directory path to check.</param> /// <returns>True if successful; otherwise false.</returns> private static bool CheckDirectoryAccess(string directory) { bool success = false; string fullPath = directory + TEMP_FILE; if (Directory.Exists(directory)) { try { using (FileStream fs = new FileStream(fullPath, FileMode.CreateNew, FileAccess.Write)) { fs.WriteByte(0xff); } if (File.Exists(fullPath)) { File.Delete(fullPath); success = true; } } catch (Exception) { success = false; } } 
445
I've implemented the following method (in C# 2.0) that attempts to retrieve the security permissions for the folder using Directory. GetAccessControl() method. When I was googling how to test for write access nothing like this came up and it appeared very complicated to actually test permissions in Windows.
To view the permissions for all files in a directory, use the ls command with the -la options. Add other options as desired; for help, see List the files in a directory in Unix. In the output example above, the first character in each line indicates whether the listed object is a file or a directory.
Step 2 – Right-click the folder or file and click “Properties” in the context menu. Step 3 – Switch to “Security” tab and click “Advanced”. Step 4 – In the “Permissions” tab, you can see the permissions held by users over a particular file or folder.
Permissions of 644 mean that the owner of the file has read and write access, while the group members and other users on the system only have read access. For executable files, the equivalent settings would be 700 and 755 which correspond to 600 and 644 except with execution permission.
Directory.GetAccessControl(path) does what you are asking for.
public static bool HasWritePermissionOnDir(string path) { var writeAllow = false; var writeDeny = false; var accessControlList = Directory.GetAccessControl(path); if (accessControlList == null) return false; var accessRules = accessControlList.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)); if (accessRules ==null) return false; foreach (FileSystemAccessRule rule in accessRules) { if ((FileSystemRights.Write & rule.FileSystemRights) != FileSystemRights.Write) continue; if (rule.AccessControlType == AccessControlType.Allow) writeAllow = true; else if (rule.AccessControlType == AccessControlType.Deny) writeDeny = true; } return writeAllow && !writeDeny; } (FileSystemRights.Write & rights) == FileSystemRights.Write is using something called "Flags" btw which if you don't know what it is you should really read up on :)
200
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
