Is there a FileSecurity method that can determine if the current
WindowsIdentity has write access to a file?
I can get the current windows identity and use FileSecurity to return
the AuthorizationRu leCollection and then search for the
FileSystemAcces sRule's that apply to my identity. The problem is my
current identity may be "MYDOMAIN\JDOE" , but I do not know how to
determine if a group this identity belongs, for example "EVERYONE",
permits write access for the identity?
Background
----------
I need to test if I my application has read/write access to a file based
database. The database may be running on a client or as a webservice on
a server. I could try to create a new dummy record and hope the
database provider gives me an error or an exception but there must be a
more elegant solution?
Thanks in advance for any tips or suggestions,
-Ed
// This does not work but shows what I wish to achieve
private static bool IdentityHasAccc es(FileInfo fileInfo,
FileSystemRight s
fileSystemRight s)
{
System.Security .Principal.Wind owsIdentity windowsIdentity =
System.Security .Principal.Wind owsIdentity.Get Current();
FileSecurity fileSecutiy = fileInfo.GetAcc essControl();
AuthorizationRu leCollection authorizationRu leCollection =
fileInfo.GetAcc essControl().Ge tAccessRules(tr ue, true, typeof(NTAccoun t));
foreach (FileSystemAcce ssRule fileSystemAcces sRule in
authorizationRu leCollection)
{
if ( true == (AccessControlT ype.Allow ==
fileSystemAcces sRule.AccessCon trolType &&
fileSystemRight s ==
(fileSystemAcce ssRule.FileSyst emRights & fileSystemRight s)))
{
// Test if this FileSystemAcces sRule IdentityReferen ce is
one of the Groups the current identity belongs to
foreach(Identit yReference identityReferen ce in
windowsIdentity .Groups)
{
if( identityReferen ce ==
fileSystemAcces sRule.IdentityR eference)
{
return true;
}
}
}
}
return false;
}