SemaphoreSecurity.RemoveAccessRuleAll(SemaphoreAccessRule) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Searches for all access control rules with the same user and AccessControlType (allow or deny) as the specified rule and, if found, removes them.
public:
void RemoveAccessRuleAll(System::Security::AccessControl::SemaphoreAccessRule ^ rule);
public void RemoveAccessRuleAll (System.Security.AccessControl.SemaphoreAccessRule rule);
override this.RemoveAccessRuleAll : System.Security.AccessControl.SemaphoreAccessRule -> unit
Public Sub RemoveAccessRuleAll (rule As SemaphoreAccessRule)
Parameters
- rule
- SemaphoreAccessRule
A SemaphoreAccessRule that specifies the user and AccessControlType to search for. Any rights specified by this rule are ignored.
Exceptions
rule
is null
.
Examples
The following code example shows that the RemoveAccessRuleAll method removes all rules that match user and AccessControlType, ignoring rights.
The example creates a SemaphoreSecurity object, adds rules that allow and deny various rights for the current user, and then merges additional rights into the Allow rule. The example then creates a new rule that allows the current user to take ownership, and uses that rule to remove the Allow rule from the SemaphoreSecurity object.
Note
This example does not attach the security object to a Semaphore object. Examples that attach security objects can be found in Semaphore.GetAccessControl and Semaphore.SetAccessControl.
using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;
public class Example
{
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
SemaphoreSecurity mSec = new SemaphoreSecurity();
// Add a rule that grants the current user the
// right to enter or release the semaphore.
SemaphoreAccessRule rule = new SemaphoreAccessRule(user,
SemaphoreRights.Synchronize | SemaphoreRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Add a rule that denies the current user the
// right to change permissions on the semaphore.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Add a rule that allows the current user the
// right to read permissions on the semaphore. This rule
// is merged with the existing Allow rule.
rule = new SemaphoreAccessRule(user,
SemaphoreRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
ShowSecurity(mSec);
// Create a rule that allows the current user to
// change the owner of the semaphore, and use that rule
// to remove the existing allow access rule from
// the SemaphoreSecurity object, showing that the user
// and access type must match, while the rights are
// ignored.
Console.WriteLine("Use RemoveAccessRuleAll to remove the Allow rule.");
rule = new SemaphoreAccessRule(user,
SemaphoreRights.TakeOwnership,
AccessControlType.Allow);
mSec.RemoveAccessRuleAll(rule);
ShowSecurity(mSec);
}
private static void ShowSecurity(SemaphoreSecurity security)
{
Console.WriteLine("\r\nCurrent access rules:\r\n");
foreach(SemaphoreAccessRule ar in
security.GetAccessRules(true, true, typeof(NTAccount)))
{
Console.WriteLine(" User: {0}", ar.IdentityReference);
Console.WriteLine(" Type: {0}", ar.AccessControlType);
Console.WriteLine(" Rights: {0}", ar.SemaphoreRights);
Console.WriteLine();
}
}
}
/*This code example produces output similar to following:
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, Synchronize
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Use RemoveAccessRuleAll to remove the Allow rule.
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
*/
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal
Public Class Example
Public Shared Sub Main()
' Create a string representing the current user.
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' Create a security object that grants no access.
Dim mSec As New SemaphoreSecurity()
' Add a rule that grants the current user the
' right to enter or release the semaphore.
Dim rule As New SemaphoreAccessRule(user, _
SemaphoreRights.Synchronize _
Or SemaphoreRights.Modify, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
' Add a rule that denies the current user the
' right to change permissions on the semaphore.
rule = New SemaphoreAccessRule(user, _
SemaphoreRights.ChangePermissions, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
' Display the rules in the security object.
ShowSecurity(mSec)
' Add a rule that allows the current user the
' right to read permissions on the semaphore. This rule
' is merged with the existing Allow rule.
rule = New SemaphoreAccessRule(user, _
SemaphoreRights.ReadPermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
ShowSecurity(mSec)
' Create a rule that allows the current user to
' change the owner of the semaphore, and use that rule
' to remove the existing allow access rule from
' the SemaphoreSecurity object, showing that the user
' and access type must match, while the rights are
' ignored.
Console.WriteLine("Use RemoveAccessRuleAll to remove the Allow rule.")
rule = New SemaphoreAccessRule(user, _
SemaphoreRights.TakeOwnership, _
AccessControlType.Allow)
mSec.RemoveAccessRuleAll(rule)
ShowSecurity(mSec)
End Sub
Private Shared Sub ShowSecurity(ByVal security As SemaphoreSecurity)
Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)
For Each ar As SemaphoreAccessRule In _
security.GetAccessRules(True, True, GetType(NTAccount))
Console.WriteLine(" User: {0}", ar.IdentityReference)
Console.WriteLine(" Type: {0}", ar.AccessControlType)
Console.WriteLine(" Rights: {0}", ar.SemaphoreRights)
Console.WriteLine()
Next
End Sub
End Class
'This code example produces output similar to following:
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, Synchronize
'
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'Use RemoveAccessRuleAll to remove the Allow rule.
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
Remarks
The current SemaphoreSecurity object is searched for rules that have the same user and the same AccessControlType value as rule
. Any rights specified by rule
are ignored when performing this search. If no matching rules are found, no action is taken.
Applies to
.NET