<PackageReference Include="System.Security.AccessControl" Version="4.6.0" />

ObjectSecurity

public abstract class ObjectSecurity
Provides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs). This class is the abstract base class for the CommonObjectSecurity and DirectoryObjectSecurity classes.
public abstract Type AccessRightType { get; }

Gets the Type of the securable object associated with this ObjectSecurity object.

protected bool AccessRulesModified { get; protected set; }

Gets or sets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object have been modified.

public abstract Type AccessRuleType { get; }

Gets the Type of the object associated with the access rules of this ObjectSecurity object. The Type object must be an object that can be cast as a SecurityIdentifier object.

public bool AreAccessRulesCanonical { get; }

Gets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object are in canonical order.

public bool AreAccessRulesProtected { get; }

Gets a Boolean value that specifies whether the Discretionary Access Control List (DACL) associated with this ObjectSecurity object is protected.

public bool AreAuditRulesCanonical { get; }

Gets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object are in canonical order.

public bool AreAuditRulesProtected { get; }

Gets a Boolean value that specifies whether the System Access Control List (SACL) associated with this ObjectSecurity object is protected.

protected bool AuditRulesModified { get; protected set; }

Gets or sets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object have been modified.

public abstract Type AuditRuleType { get; }

Gets the Type object associated with the audit rules of this ObjectSecurity object. The Type object must be an object that can be cast as a SecurityIdentifier object.

protected bool GroupModified { get; protected set; }

Gets or sets a Boolean value that specifies whether the group associated with the securable object has been modified.

protected bool IsContainer { get; }

Gets a Boolean value that specifies whether this ObjectSecurity object is a container object.

protected bool IsDS { get; }

Gets a Boolean value that specifies whether this ObjectSecurity object is a directory object.

protected bool OwnerModified { get; protected set; }

Gets or sets a Boolean value that specifies whether the owner of the securable object has been modified.

protected CommonSecurityDescriptor SecurityDescriptor { get; }

Gets the security descriptor for this instance.

protected ObjectSecurity()

Initializes a new instance of the ObjectSecurity class.

protected ObjectSecurity(bool isContainer, bool isDS)

Initializes a new instance of the ObjectSecurity class.

protected ObjectSecurity(CommonSecurityDescriptor securityDescriptor)

Initializes a new instance of the ObjectSecurity class.

public static bool IsSddlConversionSupported()

Returns a Boolean value that specifies whether the security descriptor associated with this ObjectSecurity object can be converted to the Security Descriptor Definition Language (SDDL) format.

public abstract AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)

Initializes a new instance of the AccessRule class with the specified values.

public abstract AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)

Initializes a new instance of the AuditRule class with the specified values.

public IdentityReference GetGroup(Type targetType)

Gets the primary group associated with the specified owner.

public IdentityReference GetOwner(Type targetType)

Gets the owner associated with the specified primary group.

public byte[] GetSecurityDescriptorBinaryForm()

Returns an array of byte values that represents the security descriptor information for this ObjectSecurity object.

public string GetSecurityDescriptorSddlForm(AccessControlSections includeSections)

Returns the Security Descriptor Definition Language (SDDL) representation of the specified sections of the security descriptor associated with this ObjectSecurity object.

protected abstract bool ModifyAccess(AccessControlModification modification, AccessRule rule, out bool modified)

Applies the specified modification to the Discretionary Access Control List (DACL) associated with this ObjectSecurity object.

public virtual bool ModifyAccessRule(AccessControlModification modification, AccessRule rule, out bool modified)

Applies the specified modification to the Discretionary Access Control List (DACL) associated with this ObjectSecurity object.

protected abstract bool ModifyAudit(AccessControlModification modification, AuditRule rule, out bool modified)

Applies the specified modification to the System Access Control List (SACL) associated with this ObjectSecurity object.

public virtual bool ModifyAuditRule(AccessControlModification modification, AuditRule rule, out bool modified)

Applies the specified modification to the System Access Control List (SACL) associated with this ObjectSecurity object.

protected virtual void Persist(bool enableOwnershipPrivilege, string name, AccessControlSections includeSections)

Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

protected virtual void Persist(SafeHandle handle, AccessControlSections includeSections)

Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

protected virtual void Persist(string name, AccessControlSections includeSections)

Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

public virtual void PurgeAccessRules(IdentityReference identity)

Removes all access rules associated with the specified IdentityReference.

public virtual void PurgeAuditRules(IdentityReference identity)

Removes all audit rules associated with the specified IdentityReference.

protected void ReadLock()

Locks this ObjectSecurity object for read access.

protected void ReadUnlock()

Unlocks this ObjectSecurity object for read access.

public void SetAccessRuleProtection(bool isProtected, bool preserveInheritance)

Sets or removes protection of the access rules associated with this ObjectSecurity object. Protected access rules cannot be modified by parent objects through inheritance.

public void SetAuditRuleProtection(bool isProtected, bool preserveInheritance)

Sets or removes protection of the audit rules associated with this ObjectSecurity object. Protected audit rules cannot be modified by parent objects through inheritance.

public void SetGroup(IdentityReference identity)

Sets the primary group for the security descriptor associated with this ObjectSecurity object.

public void SetOwner(IdentityReference identity)

Sets the owner for the security descriptor associated with this ObjectSecurity object.

public void SetSecurityDescriptorBinaryForm(byte[] binaryForm)

Sets the security descriptor for this ObjectSecurity object from the specified array of byte values.

public void SetSecurityDescriptorBinaryForm(byte[] binaryForm, AccessControlSections includeSections)

Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified array of byte values.

public void SetSecurityDescriptorSddlForm(string sddlForm)

Sets the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

public void SetSecurityDescriptorSddlForm(string sddlForm, AccessControlSections includeSections)

Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

protected void WriteLock()

Locks this ObjectSecurity object for write access.

protected void WriteUnlock()

Unlocks this ObjectSecurity object for write access.