How to create a directory in runtime with full rights to all users, using Delphi?

Question

I need to create a directory inside COMMONAPPDATA (if it doesnt exists) with full rights to every user of that computer (everyone will be able to read or write to that dir). I'm looking for native simple code to do this in Delphi, without using third part libs or components.

Answer 1

@WarmBooter, you can use the CreateDirectory function to accomplish this task.

see this example :

program Project645;

{$APPTYPE CONSOLE}

uses
  AccCtrl,
  AclApi,
  Windows,
  SysUtils;


type

  PTrusteeW = ^TTrusteeW;
  TTrusteeW = record
    pMultipleTrustee: PTrusteeW;
    MultipleTrusteeOperation: DWORD;  { MULTIPLE_TRUSTEE_OPERATION }
    TrusteeForm: DWORD;  { TRUSTEE_FORM }
    TrusteeType: DWORD;  { TRUSTEE_TYPE }
    ptstrName: PWideChar;
  end;
  TExplicitAccessW = record
    grfAccessPermissions: DWORD;
    grfAccessMode: DWORD;  { ACCESS_MODE }
    grfInheritance: DWORD;
    Trustee: TTrusteeW;
  end;



Function  CreateDirectoryFullAccess(NewDirectory:String) :Boolean;
var
    SecurityAttributes  : TSecurityAttributes;
    SecurityDescriptor  : PSecurityDescriptor;
    ExplicitAccess      : array[0..0] of TExplicitAccessW;
    easize              : integer;
    pACL                : Windows.PACL;
begin
    ExplicitAccess[0].grfAccessPermissions:= STANDARD_RIGHTS_ALL or SPECIFIC_RIGHTS_ALL;
    ExplicitAccess[0].grfAccessMode:=Ord(SET_ACCESS);
    ExplicitAccess[0].grfInheritance:=SUB_CONTAINERS_AND_OBJECTS_INHERIT;
    ExplicitAccess[0].Trustee.TrusteeForm:=Ord(TRUSTEE_IS_NAME);
    ExplicitAccess[0].Trustee.TrusteeType:=Ord(TRUSTEE_IS_USER);
    ExplicitAccess[0].Trustee.ptstrName:='Everyone';//Access for all users
    SetEntriesinAclW(1,@ExplicitAccess,nil,pACL);//creates a new access control list

    //SecurityDescriptor:= AllocMem(Sizeof(SECURITY_DESCRIPTOR_MIN_LENGTH));
    SecurityDescriptor:= AllocMem(SECURITY_DESCRIPTOR_MIN_LENGTH);
    InitializeSecurityDescriptor(SecurityDescriptor,SECURITY_DESCRIPTOR_REVISION);
    SetSecurityDescriptorDacl(SecurityDescriptor,true,pacl,false);//sets information in a discretionary access control list (DACL).

    FillChar(SecurityAttributes,sizeof(SECURITY_ATTRIBUTES),#0);
    SecurityAttributes.nLength:=sizeof(SECURITY_ATTRIBUTES);
    SecurityAttributes.lpSecurityDescriptor:=SecurityDescriptor;
    SecurityAttributes.bInheritHandle:=false;
    CreateDirectory(PChar(NewDirectory),@SecurityAttributes);
    Result:=GetLastError=0;// if all ok, GetLastError = 0
end;

begin
  if CreateDirectoryFullAccess('C:\MyNewDir') then
   Writeln('Ok')
  else
   Writeln('Failed');

  Readln;
end.

Answer 2

I wish I could comment and ask "why?".

The executable would have to be run in administrator mode (so most of your users would see elevation prompt)

Why not use the APPDATA or LOCALAPPDATA folders, or the public share?

Here's a link to a similar question: Delphi 2009 classes / components to read/write file permissions