API Reference

Class

AclPermissions

Namespace ComputerX.Acl

Assembly ComputerX

Source ComputerX/Acl/AclPermissions.cs:19

Modifiers static

High-level helpers to Add/Remove/Set permissions for File, Registry, and Service objects. Thin wrappers over AclQuery* and AclWriter* with sensible merge/replace semantics.

Inheritance

Object
AclPermissions

Methods

public static Boolean AddFileAllow(String path, String identity, FileSystemRights rights, AclInheritanceFlags inheritance = None)

ComputerX/Acl/AclPermissions.cs:47

Returns: Boolean

Adds an Allow ACE for a file or directory (merge semantics).

Parameters

path System.String requiredposition: 0
identity System.String requiredposition: 1
rights System.Security.AccessControl.FileSystemRights requiredposition: 2
inheritance ComputerX.Acl.AclInheritanceFlags = None optionalposition: 3

Examples


AclPermissions.AddFileAllow(@"C:\\Data", @"DOMAIN\\Ops", FileSystemRights.Modify, AclInheritanceFlags.ContainerInherit|AclInheritanceFlags.ObjectInherit);

public static Boolean AddFileDeny(String path, String identity, FileSystemRights rights, AclInheritanceFlags inheritance = None)

ComputerX/Acl/AclPermissions.cs:53

Returns: Boolean

Adds a Deny ACE for a file or directory (merge semantics).

Parameters

path System.String requiredposition: 0
identity System.String requiredposition: 1
rights System.Security.AccessControl.FileSystemRights requiredposition: 2
inheritance ComputerX.Acl.AclInheritanceFlags = None optionalposition: 3

AddFilePermission 2 overloads

public static Boolean AddFilePermission(String path, IEnumerable<String> identities, FileSystemRights rights, AclAccessType type = Allow, AclInheritanceFlags inheritance = None)

ComputerX/Acl/AclPermissions.cs:34

Returns: Boolean

Adds an ACE to a file or directory. Merge semantics (existing rights for the same identity/type are unioned).

Parameters

arg1 System.String requiredposition: 0
arg2 System.String requiredposition: 1
arg3 System.Security.AccessControl.FileSystemRights requiredposition: 2
arg4 ComputerX.Acl.AclAccessType = Allow optionalposition: 3
arg5 ComputerX.Acl.AclInheritanceFlags = None optionalposition: 4

AddFilePermission(System.String path, System.Collections.Generic.IEnumerable{System.String} identities, System.Security.AccessControl.FileSystemRights rights, ComputerX.Acl.AclAccessType type, ComputerX.Acl.AclInheritanceFlags inheritance)

Adds an ACE to a file or directory for multiple identities using merge semantics.

Parameters

path System.String required: Target file or directory path.
identities System.Collections.Generic.IEnumerable{System.String} required: Account names or SIDs.
rights System.Security.AccessControl.FileSystemRights required: File system rights to grant or deny.
type ComputerX.Acl.AclAccessType required: Allow or Deny.
inheritance ComputerX.Acl.AclInheritanceFlags required: Inheritance flags applied to the ACE.

public static Boolean AddRegistryAllow(String computer, String keyPath, String identity, RegistryRights rights) #

ComputerX/Acl/AclPermissions.cs:211

Returns: Boolean

Adds an Allow ACE to a registry key (merge semantics).

Parameters

computer System.String requiredposition: 0
keyPath System.String requiredposition: 1
identity System.String requiredposition: 2
rights System.Security.AccessControl.RegistryRights requiredposition: 3

public static Boolean AddRegistryDeny(String computer, String keyPath, String identity, RegistryRights rights) #

ComputerX/Acl/AclPermissions.cs:217

Returns: Boolean

Adds a Deny ACE to a registry key (merge semantics).

Parameters

computer System.String requiredposition: 0
keyPath System.String requiredposition: 1
identity System.String requiredposition: 2
rights System.Security.AccessControl.RegistryRights requiredposition: 3

AddRegistryPermission 2 overloads

public static Boolean AddRegistryPermission(String computer, String keyPath, IEnumerable<String> identities, RegistryRights rights, AclAccessType type = Allow)

ComputerX/Acl/AclPermissions.cs:201

Returns: Boolean

Adds an ACE to a registry key for a single identity (merge semantics).

Parameters

computer System.String requiredposition: 0: Computer name (null/empty for local machine).
keyPath System.String requiredposition: 1: Full registry path (e.g., HKLM\SYSTEM\...).
identity System.String requiredposition: 2: Account name or SID.
rights System.Security.AccessControl.RegistryRights requiredposition: 3: Registry rights to grant or deny.
type ComputerX.Acl.AclAccessType = Allow optionalposition: 4: Allow or Deny.

AddRegistryPermission(System.String arg1, System.String arg2, System.Collections.Generic.IEnumerable{System.String} arg3, System.Security.AccessControl.RegistryRights arg4, ComputerX.Acl.AclAccessType arg5)

Adds an ACE to a registry key for multiple identities (merge semantics).

Parameters

arg1 System.String required
arg2 System.String required
arg3 System.Collections.Generic.IEnumerable{System.String} required
arg4 System.Security.AccessControl.RegistryRights required
arg5 ComputerX.Acl.AclAccessType required

public static Boolean AddServiceAllow(String computer, String serviceName, String identity, ServiceRights rights) #

ComputerX/Acl/AclPermissions.cs:313

Returns: Boolean

Adds an Allow ACE to a service DACL (merge semantics).

Parameters

computer System.String requiredposition: 0
serviceName System.String requiredposition: 1
identity System.String requiredposition: 2
rights ComputerX.Acl.ServiceRights requiredposition: 3

public static Boolean AddServiceDeny(String computer, String serviceName, String identity, ServiceRights rights) #

ComputerX/Acl/AclPermissions.cs:319

Returns: Boolean

Adds a Deny ACE to a service DACL (merge semantics).

Parameters

computer System.String requiredposition: 0
serviceName System.String requiredposition: 1
identity System.String requiredposition: 2
rights ComputerX.Acl.ServiceRights requiredposition: 3

AddServicePermission 2 overloads

public static Boolean AddServicePermission(String computer, String serviceName, IEnumerable<String> identities, ServiceRights rights, AclAccessType type = Allow)

ComputerX/Acl/AclPermissions.cs:303

Returns: Boolean

Adds an ACE to a service DACL for a single identity (merge semantics).

Parameters

computer System.String requiredposition: 0
serviceName System.String requiredposition: 1
identity System.String requiredposition: 2
rights ComputerX.Acl.ServiceRights requiredposition: 3
type ComputerX.Acl.AclAccessType = Allow optionalposition: 4

AddServicePermission(System.String computer, System.String serviceName, System.Collections.Generic.IEnumerable{System.String} identities, ComputerX.Acl.ServiceRights rights, ComputerX.Acl.AclAccessType type)

Adds an ACE to a service DACL for multiple identities (merge semantics).

Parameters

computer System.String required
serviceName System.String required
identities System.Collections.Generic.IEnumerable{System.String} required
rights ComputerX.Acl.ServiceRights required
type ComputerX.Acl.AclAccessType required

RemoveFilePermission 2 overloads

public static Boolean RemoveFilePermission(String path, IEnumerable<String> identities, FileSystemRights rights, AclAccessType type = Allow, Nullable<AclInheritanceFlags> matchInheritance = null)

ComputerX/Acl/AclPermissions.cs:102

Returns: Boolean

Removes specific rights for an identity from a file/directory DACL. When the remaining mask is non‑zero, the ACE is rewritten with the reduced mask.

Parameters

path System.String requiredposition: 0: Target file or directory.
identity System.String requiredposition: 1: Account name or SID.
rights System.Security.AccessControl.FileSystemRights requiredposition: 2: Rights mask to remove.
type ComputerX.Acl.AclAccessType = Allow optionalposition: 3: Allow or Deny ACE to target.
matchInheritance System.Nullable{ComputerX.Acl.AclInheritanceFlags} = null optionalposition: 4: Optional inheritance flags to match; when null, matches any.

RemoveFilePermission(System.String arg1, System.Collections.Generic.IEnumerable{System.String} arg2, System.Security.AccessControl.FileSystemRights arg3, ComputerX.Acl.AclAccessType arg4, System.Nullable{ComputerX.Acl.AclInheritanceFlags} arg5)

Removes rights for multiple identities from a file/directory DACL.

Parameters

arg1 System.String required
arg2 System.Collections.Generic.IEnumerable{System.String} required
arg3 System.Security.AccessControl.FileSystemRights required
arg4 ComputerX.Acl.AclAccessType required
arg5 System.Nullable{ComputerX.Acl.AclInheritanceFlags} required

RemoveRegistryPermission 2 overloads

public static Boolean RemoveRegistryPermission(String computer, String keyPath, IEnumerable<String> identities, RegistryRights rights, AclAccessType type = Allow)

ComputerX/Acl/AclPermissions.cs:259

Returns: Boolean

Removes specific rights for an identity from a registry key DACL.

Parameters

arg1 System.String requiredposition: 0
arg2 System.String requiredposition: 1
arg3 System.String requiredposition: 2
arg4 System.Security.AccessControl.RegistryRights requiredposition: 3
arg5 ComputerX.Acl.AclAccessType = Allow optionalposition: 4

RemoveRegistryPermission(System.String arg1, System.String arg2, System.Collections.Generic.IEnumerable{System.String} arg3, System.Security.AccessControl.RegistryRights arg4, ComputerX.Acl.AclAccessType arg5)

Removes rights for multiple identities from a registry key DACL.

Parameters

arg1 System.String required
arg2 System.String required
arg3 System.Collections.Generic.IEnumerable{System.String} required
arg4 System.Security.AccessControl.RegistryRights required
arg5 ComputerX.Acl.AclAccessType required

RemoveServicePermission 2 overloads

public static Boolean RemoveServicePermission(String computer, String serviceName, IEnumerable<String> identities, ServiceRights rights, AclAccessType type = Allow)

ComputerX/Acl/AclPermissions.cs:358

Returns: Boolean

Removes specific rights for an identity from a service DACL.

Parameters

computer System.String requiredposition: 0
serviceName System.String requiredposition: 1
identity System.String requiredposition: 2
rights ComputerX.Acl.ServiceRights requiredposition: 3
type ComputerX.Acl.AclAccessType = Allow optionalposition: 4

RemoveServicePermission(System.String computer, System.String serviceName, System.Collections.Generic.IEnumerable{System.String} identities, ComputerX.Acl.ServiceRights rights, ComputerX.Acl.AclAccessType type)

Removes rights for multiple identities from a service DACL.

Parameters

computer System.String required
serviceName System.String required
identities System.Collections.Generic.IEnumerable{System.String} required
rights ComputerX.Acl.ServiceRights required
type ComputerX.Acl.AclAccessType required

public static Boolean ResetFileToInherited(String path) #

ComputerX/Acl/AclPermissions.cs:143

Returns: Boolean

Resets a file or directory to inherited permissions only (removes all explicit ACEs and disables DACL protection).

Parameters

path System.String requiredposition: 0

public static Boolean SetFilePermission(String path, String identity, FileSystemRights rights, AclAccessType type = Allow, AclInheritanceFlags inheritance = None)

ComputerX/Acl/AclPermissions.cs:117

Returns: Boolean

Replaces any existing ACE for an identity with the provided rights on a file/directory.

Parameters

path System.String requiredposition: 0: Target file or directory.
identity System.String requiredposition: 1: Account name or SID.
rights System.Security.AccessControl.FileSystemRights requiredposition: 2: Rights mask to apply.
type ComputerX.Acl.AclAccessType = Allow optionalposition: 3: Allow or Deny.
inheritance ComputerX.Acl.AclInheritanceFlags = None optionalposition: 4: Inheritance flags for the new ACE.

public static Boolean SetRegistryPermission(String computer, String keyPath, String identity, RegistryRights rights, AclAccessType type = Allow)

ComputerX/Acl/AclPermissions.cs:269

Returns: Boolean

Replaces any existing ACE for an identity with the provided rights on a registry key.

Parameters

computer System.String requiredposition: 0
keyPath System.String requiredposition: 1
identity System.String requiredposition: 2
rights System.Security.AccessControl.RegistryRights requiredposition: 3
type ComputerX.Acl.AclAccessType = Allow optionalposition: 4

public static Boolean SetServicePermission(String computer, String serviceName, String identity, ServiceRights rights, AclAccessType type = Allow)

ComputerX/Acl/AclPermissions.cs:368

Returns: Boolean

Replaces any existing ACE for an identity with the provided rights on a service DACL.

Parameters

computer System.String requiredposition: 0
serviceName System.String requiredposition: 1
identity System.String requiredposition: 2
rights ComputerX.Acl.ServiceRights requiredposition: 3
type ComputerX.Acl.AclAccessType = Allow optionalposition: 4

Inheritance

Methods

Parameters

Examples

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Inherited Methods

Parameters