Add "Everyone" Privilege to Folder Using C#.Net

Add Everyone privilege to folder using C#.NET

First thing I want to tell you is how I found this solution. This is probably more important than the answer because file permissions are hard to get correct.

First thing I did was set the permissions I wanted using the Windows dialogs and checkboxes. I added a rule for "Everyone" and ticked all boxes except "Full Control".

Then I wrote this C# code to tell me exactly what parameters I need to duplicate the Windows settings:

string path = @"C:\Users\you\Desktop\perms"; // path to directory whose settings you have already correctly configured
DirectorySecurity sec = Directory.GetAccessControl(path);
foreach (FileSystemAccessRule acr in sec.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount))) {
    Console.WriteLine("{0} | {1} | {2} | {3} | {4}", acr.IdentityReference.Value, acr.FileSystemRights, acr.InheritanceFlags, acr.PropagationFlags, acr.AccessControlType);
}

This gave me this line of output:

Everyone | Modify, Synchronize | ContainerInherit, ObjectInherit | None | Allow

So the solution is simple (yet hard to get right if you don't know what to look for!):

DirectorySecurity sec = Directory.GetAccessControl(path);
// Using this instead of the "Everyone" string means we work on non-English systems.
SecurityIdentifier everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
sec.AddAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.Modify | FileSystemRights.Synchronize, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
Directory.SetAccessControl(path, sec);

This will make the checkboxes on the Windows security dialog match what you have already set for your test directory.

How to assign access rights Everyone to a directory

Try the following,

DirectorySecurity sec = Directory.GetAccessControl(path);
        // Using this instead of the "Everyone" string means we work on non-English systems.
        SecurityIdentifier everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
        sec.AddAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.Modify | FileSystemRights.Synchronize, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow));
        Directory.SetAccessControl(path, sec);

Note: You must be an administrator to make this work

How to give permissions for folders in c#?

I know your pain - filesystem ACLs are a pain to modify and even if it seems to work, it might break in some circumstances. In your case, there's a simple solution, fortunately.

The problem lies with PropagationFlags.InheritOnly. This means that this permission is only applied to items that inherit permissions - e.g. you are granting rights only for the files in this directory and not in any subdirectories.

To grant directory rights that inherit "normally" (i.e. propagate to subdirectories and all files), use the following values for InheritanceFlags and PropagationFlags:
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit and PropagationFlags.None.

How to grant full permission to a file created by my application for ALL users?

Note to people using this.

When using literal strings for the FileSystemAccessRule, it should be WellKnownSidType.WorldSid instead of "everyone".

The reason is because there are multiple Window languages and Everyone only applies to EN ones, so for Spanish, it might be "Todos" (or something else).

using System.Security.AccessControl;
using System.Security.Principal;
using System.IO;

private void GrantAccess(string fullPath)
{
    DirectoryInfo dInfo = new DirectoryInfo(fullPath);
    DirectorySecurity dSecurity = dInfo.GetAccessControl();
    dSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow));
    dInfo.SetAccessControl(dSecurity);
}

Set write permission on folder create

Simply, when your asp.net application running you can open Task Manager and find process w3wp.
W3wp process like any other has user identity (by default - application pool identity - DefaultAppPool(like application pool name)).
And if it so, you should add write permissions for user named DefaultAppPool. To do it you should open security tab in folder's properties window, then change->add and type IIS AppPool/DefaultAppPool and choose local machine.

This post should help you!

How to grant access to all subfolders of a folder in asp.net

What you need to do is give the asp.net worker process write permission to the reports folder and this has nothing to do with the web config

You can find the steps in the following answer
https://stackoverflow.com/a/14654062/499930


Related Topics

Intersection of Lists

Text Difference Algorithm

Entity Framework Left Join

Overhead of a .Net Array

Getting Return Value from Stored Procedure in C#

Pair-Wise Iteration in C# or Sliding Window Enumerator

How to Test for the Presence of an Action Filter with Constructor Arguments

Why Doesn't Include Have Any Effect

Parsing Visual Studio Solution Files

How to Get the CPU Temperature

Why Learn Perl, Python, Ruby If the Company Is Using C++, C# or Java as the Application Language

How Would You Code an Efficient Circular Buffer in Java or C#

String Escape into Xml

Alternatives to System.Drawing for Use with ASP.NET

How to Get the "Friendly" Os Version Name

An Attribute Argument Must Be a Constant Expression, ...- Create an Attribute of Type Array

Word Wrap a String in Multiple Lines

C# Tcpclient: Send Serialized Objects Using Separators


Leave a reply



Submit