MutexSecurity.RemoveAccessRule(MutexAccessRule) 方法
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
搜索如下的访问控制规则:与指定的访问规则具有相同的用户和 AccessControlType(允许或拒绝),并具有兼容的继承和传播标志;如果找到,则从中移除指定访问规则中包含的权限。
public:
bool RemoveAccessRule(System::Security::AccessControl::MutexAccessRule ^ rule);
public bool RemoveAccessRule (System.Security.AccessControl.MutexAccessRule rule);
override this.RemoveAccessRule : System.Security.AccessControl.MutexAccessRule -> bool
Public Function RemoveAccessRule (rule As MutexAccessRule) As Boolean
参数
- rule
- MutexAccessRule
指定要搜索的用户和 MutexAccessRule 的 AccessControlType,以及匹配规则(如果找到)必须兼容的一组继承和传播标志。 指定要从兼容规则移除的权限(如果找到)。
返回
如果找到一个兼容规则,则为 true
;否则为 false
。
例外
rule
为 null
。
示例
下面的代码示例演示如何使用 RemoveAccessRule 方法从 Allow 对象中的 MutexSecurity 规则中删除权限。 它还显示忽略 中的其他 rule
权限。
该示例创建 一个 MutexSecurity 对象,并添加允许和拒绝当前用户的各种权限的规则。 允许的权限包括 Modify、 ReadPermissions和 Synchronize。 然后,该示例为当前用户(包括 ReadPermissions 和 权限)创建一个新规则,并将该规则与 方法一起使用RemoveAccessRule,从 对象中的AllowMutexSecurity规则中删除ReadPermissionsTakeOwnership。 中rule
无关TakeOwnership的权利将被忽略。
注意
此示例不将安全对象附加到 Mutex 对象。 可以在 和 Mutex.SetAccessControl中找到Mutex.GetAccessControl附加安全对象的示例。
using System;
using System.Threading;
using System.Security.AccessControl;
using System.Security.Principal;
public class Example
{
public static void Main()
{
// Create a string representing the current user.
string user = Environment.UserDomainName + "\\" +
Environment.UserName;
// Create a security object that grants no access.
MutexSecurity mSec = new MutexSecurity();
// Add a rule that grants the current user the
// right to enter or release the mutex and read the
// permissions on the mutex.
MutexAccessRule rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify
| MutexRights.ReadPermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Add a rule that denies the current user the
// right to change permissions on the mutex.
rule = new MutexAccessRule(user,
MutexRights.ChangePermissions,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
// Display the rules in the security object.
ShowSecurity(mSec);
// Create a rule that grants the current user
// the right to read permissions on the mutex, and
// take ownership of the mutex. Use this rule to
// remove the right to read permissions from the
// Allow rule for the current user. The inclusion
// of the right to take ownership has no effect.
rule = new MutexAccessRule(user,
MutexRights.TakeOwnership |
MutexRights.ReadPermissions,
AccessControlType.Allow);
mSec.RemoveAccessRule(rule);
ShowSecurity(mSec);
}
private static void ShowSecurity(MutexSecurity security)
{
Console.WriteLine("\r\nCurrent access rules:\r\n");
foreach(MutexAccessRule ar in
security.GetAccessRules(true, true, typeof(NTAccount)))
{
Console.WriteLine(" User: {0}", ar.IdentityReference);
Console.WriteLine(" Type: {0}", ar.AccessControlType);
Console.WriteLine(" Rights: {0}", ar.MutexRights);
Console.WriteLine();
}
}
}
/*This code example produces output similar to following:
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, ReadPermissions, Synchronize
Current access rules:
User: TestDomain\TestUser
Type: Deny
Rights: ChangePermissions
User: TestDomain\TestUser
Type: Allow
Rights: Modify, Synchronize
*/
Imports System.Threading
Imports System.Security.AccessControl
Imports System.Security.Principal
Public Class Example
Public Shared Sub Main()
' Create a string representing the current user.
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' Create a security object that grants no access.
Dim mSec As New MutexSecurity()
' Add a rule that grants the current user the
' right to enter or release the mutex, and to
' read its permissions.
Dim rule As New MutexAccessRule(user, _
MutexRights.Synchronize _
Or MutexRights.Modify _
Or MutexRights.ReadPermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
' Add a rule that denies the current user the
' right to change permissions on the mutex.
rule = New MutexAccessRule(user, _
MutexRights.ChangePermissions, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
' Display the rules in the security object.
ShowSecurity(mSec)
' Create a rule that grants the current user
' the right to read permissions on the mutex, and
' take ownership of the mutex. Use this rule to
' remove the right to read permissions from the
' Allow rule for the current user. The inclusion
' of the right to take ownership has no effect.
rule = New MutexAccessRule(user, _
MutexRights.TakeOwnership _
Or MutexRights.ReadPermissions, _
AccessControlType.Allow)
mSec.RemoveAccessRule(rule)
ShowSecurity(mSec)
End Sub
Private Shared Sub ShowSecurity(ByVal security As MutexSecurity)
Console.WriteLine(vbCrLf & "Current access rules:" & vbCrLf)
For Each ar As MutexAccessRule In _
security.GetAccessRules(True, True, GetType(NTAccount))
Console.WriteLine(" User: {0}", ar.IdentityReference)
Console.WriteLine(" Type: {0}", ar.AccessControlType)
Console.WriteLine(" Rights: {0}", ar.MutexRights)
Console.WriteLine()
Next
End Sub
End Class
'This code example produces output similar to following:
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, ReadPermissions, Synchronize
'
'
'Current access rules:
'
' User: TestDomain\TestUser
' Type: Deny
' Rights: ChangePermissions
'
' User: TestDomain\TestUser
' Type: Allow
' Rights: Modify, Synchronize
注解
当前 MutexSecurity 搜索与 具有相同用户且值rule
相同的AccessControlType规则。 如果未找到此类规则,则不执行任何操作,并且该方法返回 false
。 如果找到匹配的规则,则会检查其继承和兼容性标志是否与 中指定的 rule
标志兼容。 如果未找到兼容的规则,则不执行任何操作,并且该方法返回 false
。 如果找到具有兼容标志的规则,则会从兼容规则中删除 中指定的 rule
权限,并且该方法返回 true
。 如果 rule
指定了未包含在兼容规则中的权限,则不会对这些权限执行任何操作。 如果从兼容规则中删除所有权限,则会从当前 MutexSecurity 对象中删除整个规则。
重要
尽管可以通过使用 AccessRuleFactory 方法创建互斥访问规则来指定继承和传播标志,但不建议这样做。 继承和传播对命名互斥体没有意义,它们使访问规则的维护更加复杂。