简体   繁体   中英

Get access rights of specific folder for actual user

I hope you can help me. I need to obtain access rights (read, write etc.) of specific folder for actual user (which started the program) or for his group (users/administrators...)

Code below working but I cannot obtain info which I want in format similar to:

C:\\Windows (R+W)


C:\\Windows (Full Control)

Thank you.

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Text;
using System.Threading.Tasks;

namespace ConsoleApp1
    class Program

        static void Main(string[] args)

        static string getRights(string path)
            string rights = "eeeeee";
                DirectorySecurity dSecurity = Directory.GetAccessControl(path);
                foreach (FileSystemAccessRule rule in dSecurity.GetAccessRules(true, true, typeof(NTAccount)))
                    rights += rule.FileSystemRights.ToString() + "\n";
                    rights += rule.IdentityReference.Value + "\n";
                    rights += "\n\n";
                rights = "";

            return rights;

If I got it right, you need something like this:

internal class Program
    private static void Main(string[] args)
        string path = @"C:\Windows";
        Console.WriteLine($"{path} - {getRights(path)}");

    static string getRights(string path)
        DirectoryInfo directoryInfo = new DirectoryInfo(path);
        if (!directoryInfo.Exists)
            return "Directory doesn't exist";
        FileSystemRights fsRights = 0;
        DirectorySecurity directorySecurity = directoryInfo.GetAccessControl();
        AuthorizationRuleCollection authRules = directorySecurity.GetAccessRules(true, true, typeof(NTAccount));
        WindowsIdentity currentUser = WindowsIdentity.GetCurrent();
        WindowsPrincipal principal = new WindowsPrincipal(currentUser);

        foreach (AuthorizationRule rule in authRules)
            FileSystemAccessRule fsRule = rule as FileSystemAccessRule;

            if (fsRule != null)
                NTAccount ntAccount = rule.IdentityReference as NTAccount;

                if (principal.IsInRole(ntAccount.Value))
                    if (fsRule.FileSystemRights > fsRights)
                        fsRights = fsRule.FileSystemRights;

        switch (fsRights)
            case FileSystemRights.FullControl:
                return "Full Control";
            case FileSystemRights r when (r >= FileSystemRights.Write):
                return "Write";
            case FileSystemRights r when (r >= FileSystemRights.ReadData):
                return "Read";
                return "No rights";


public enum FileSystemRights
    ReadData = 1,
    ListDirectory = 1,
    WriteData = 2,
    CreateFiles = 2,
    AppendData = 4,
    CreateDirectories = 4,
    ReadExtendedAttributes = 8,
    WriteExtendedAttributes = 16,
    ExecuteFile = 32,
    Traverse = 32,
    DeleteSubdirectoriesAndFiles = 64,
    ReadAttributes = 128,
    WriteAttributes = 256,
    Write = 278,
    Delete = 65536,
    ReadPermissions = 131072,
    Read = 131209,
    ReadAndExecute = 131241,
    Modify = 197055,
    ChangePermissions = 262144,
    TakeOwnership = 524288,
    Synchronize = 1048576,
    FullControl = 2032127

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

粤ICP备18138465号  © 2020-2024 STACKOOM.COM