Add Everyone privilege to folder using C#.NET
First thing I want to tell you is how I found this solution. This is probably more important than the answer because file permissions are hard to get correct.
First thing I did was set the permissions I wanted using the Windows dialogs and checkboxes. I added a rule for "Everyone" and ticked all boxes except "Full Control".
Then I wrote this C# code to tell me exactly what parameters I need to duplicate the Windows settings:
string path = @"C:\Users\you\Desktop\perms"; // path to directory whose settings you have already correctly configured
DirectorySecurity sec = Directory.GetAccessControl(path);
foreach (FileSystemAccessRule acr in sec.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount))) {
Console.WriteLine("{0} | {1} | {2} | {3} | {4}", acr.IdentityReference.Value, acr.FileSystemRights, acr.InheritanceFlags, acr.PropagationFlags, acr.AccessControlType);
}
This gave me this line of output:
Everyone | Modify, Synchronize | ContainerInherit, ObjectInherit | None | Allow
So the solution is simple (yet hard to get right if you don't know what to look for!):
DirectorySecurity sec = Directory.GetAccessControl(path);
// Using this instead of the "Everyone" string means we work on non-English systems.
SecurityIdentifier everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
sec.AddAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.Modify | FileSystemRights.Synchronize, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
Directory.SetAccessControl(path, sec);
This will make the checkboxes on the Windows security dialog match what you have already set for your test directory.
How to assign access rights Everyone to a directory
Try the following,
DirectorySecurity sec = Directory.GetAccessControl(path);
// Using this instead of the "Everyone" string means we work on non-English systems.
SecurityIdentifier everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
sec.AddAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.Modify | FileSystemRights.Synchronize, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
Directory.SetAccessControl(path, sec);
Note: You must be an administrator to make this work
How to give permissions for folders in c#?
I know your pain - filesystem ACLs are a pain to modify and even if it seems to work, it might break in some circumstances. In your case, there's a simple solution, fortunately.
The problem lies with PropagationFlags.InheritOnly
. This means that this permission is only applied to items that inherit permissions - e.g. you are granting rights only for the files in this directory and not in any subdirectories.
To grant directory rights that inherit "normally" (i.e. propagate to subdirectories and all files), use the following values for InheritanceFlags and PropagationFlags:InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit
and PropagationFlags.None
.
How to grant full permission to a file created by my application for ALL users?
Note to people using this.
When using literal strings for the FileSystemAccessRule
, it should be WellKnownSidType.WorldSid
instead of "everyone"
.
The reason is because there are multiple Window languages and Everyone only applies to EN ones, so for Spanish, it might be "Todos" (or something else).
using System.Security.AccessControl;
using System.Security.Principal;
using System.IO;
private void GrantAccess(string fullPath)
{
DirectoryInfo dInfo = new DirectoryInfo(fullPath);
DirectorySecurity dSecurity = dInfo.GetAccessControl();
dSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow));
dInfo.SetAccessControl(dSecurity);
}
Set write permission on folder create
Simply, when your asp.net application running you can open Task Manager and find process w3wp
.
W3wp process like any other has user identity (by default - application pool identity - DefaultAppPool
(like application pool name)).
And if it so, you should add write permissions for user named DefaultAppPool
. To do it you should open security tab in folder's properties window, then change
->add
and type IIS AppPool/DefaultAppPool
and choose local machine.
This post should help you!
How to grant access to all subfolders of a folder in asp.net
What you need to do is give the asp.net worker process write permission to the reports folder and this has nothing to do with the web config
You can find the steps in the following answer
https://stackoverflow.com/a/14654062/499930
Related Topics
Getting Return Value from Stored Procedure in C#
Pair-Wise Iteration in C# or Sliding Window Enumerator
How to Test for the Presence of an Action Filter with Constructor Arguments
Why Doesn't Include Have Any Effect
Parsing Visual Studio Solution Files
How to Get the CPU Temperature
Why Learn Perl, Python, Ruby If the Company Is Using C++, C# or Java as the Application Language
How Would You Code an Efficient Circular Buffer in Java or C#
Alternatives to System.Drawing for Use with ASP.NET
How to Get the "Friendly" Os Version Name
An Attribute Argument Must Be a Constant Expression, ...- Create an Attribute of Type Array