您的位置: 首页  >  技术问答  >  如何为我的应用程序为所有用户创建的文件授予完全权限

如何为我的应用程序为所有用户创建的文件授予完全权限

分类: 技术问答 2022-03-17 13:37:50

如何为我的应用程序为所有用户创建的文件授予完全权限

问题描述:

我想对我的应用程序中创建的文件进行完全读写访问,我已编写代码



I want to give full read and write access on a file created in my application,I have written code 

string directory = AppDomain.CurrentDomain.BaseDirectory + "CustomerPayment.xml";
           exporter.SetFilename(directory);
           exporter.SetFileType(PeachwIEFileType.peachwIEFileTypeXML);

           if (!File.Exists(directory))
           {
               File.Create(directory);
           }

           IdentityReference everyoneIdentity = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
           DirectorySecurity dir_security = Directory.GetAccessControl(directory);
           FileSystemAccessRule full_access_rule = new FileSystemAccessRule(everyoneIdentity,FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None,AccessControlType.Allow);
           dir_security.AddAccessRule(full_access_rule);

           Directory.SetAccessControl(directory, dir_security);





但是出现错误试图执行未经授权的操作。



请帮助我,我想对上面的xml文件给予完整的读写权限



我尝试过:



我试图对我的应用程序创建的文件进行完全访问控制



but error is coming that "attempted to perform an unauthorized operation.

please help me, i want to give full read and write permission on my above xml file

What I have tried:

I tried to give full access control on a file created by my application

尝试在web.config中添加设置

< configuration>

< system.web>

< identity impersonate =true>


Try adding settings in web.config
<configuration>
<system.web>
<identity impersonate="true">


要做的第一件事就是使用可访问的目录通常,您应该使用所有用户文档上的子目录。



事实上,你永远不应该将用户数据存储在程序文件中!



另一种方法是使用应用程序数据目录。



可以使用 Environment.GetFolderPath 函数轻松找到这些目录。



如果您使用应用程序数据,您可能希望在安装过程中调整权限,因为我认为您在没有要求提升的情况下作为用户运行时不会这样做。我不认为所有用户文档需要它(除非默认安全性搞砸了)。
The first thing to do would be to use a directory that is accessible by all users. Typically, you should use a subdirectory on All users documents.

In fact, you should never store user data in Program Files!

An alternative would be to use Application data directory.

Those directories can easily be found using Environment.GetFolderPath function.

If you use Application data, you might want to adjust permission during the installation as I don't think you would be able to do that while running as a user without asking elevation. I don't think it is needed for All users documents (unless default security was messed up).


如果这是一个ASP.NET应用程序,那么你的代码在一个非常有限的帐户下运行。



如果这是一个正常的Windows窗体或WPF,或其他一些桌面应用程序,代码正在运行作为启动它的用户。



在任何情况下,您的代码都不能授予其作为运行代码的帐户已有的内容的更多权限。
If this is an ASP.NET app, your code is running under a very limited account.

If this is a normal Windows Forms or WPF, or some other desktop app, the code is running AS THE USER THAT LAUNCHED IT.

In any case, your code cannot grant more permissions to something that it already has as the account the code is running under.


相关推荐