Separation between Allow rules and Deny rules, and shows the combination of rights in compatible rules. : SemaphoreSecurity « Security « VB.Net Tutorial






Imports System
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal

Public Class Example

    Public Shared Sub Main()
        Dim user As String = Environment.UserDomainName & "\" & Environment.UserName

        Dim mSec As New SemaphoreSecurity()

        Dim rule As New SemaphoreAccessRule(user,SemaphoreRights.Synchronize Or SemaphoreRights.Modify,AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        rule = New SemaphoreAccessRule(user,SemaphoreRights.ChangePermissions,AccessControlType.Deny)
        mSec.AddAccessRule(rule)

        ShowSecurity(mSec)

        rule = New SemaphoreAccessRule(user,SemaphoreRights.ReadPermissions,AccessControlType.Allow)
        mSec.AddAccessRule(rule)

        ShowSecurity(mSec)
    End Sub 

    Private Shared Sub ShowSecurity(ByVal security As SemaphoreSecurity)
        For Each ar As SemaphoreAccessRule In security.GetAccessRules(True, True, GetType(NTAccount))
            Console.WriteLine("        User: {0}", ar.IdentityReference)
            Console.WriteLine("        Type: {0}", ar.AccessControlType)
            Console.WriteLine("      Rights: {0}", ar.SemaphoreRights)
        Next
    End Sub
End Class








21.8.SemaphoreSecurity
21.8.1.Separation between Allow rules and Deny rules, and shows the combination of rights in compatible rules.