I have a program that's creating a secure directory for user output. This is working correctly, but the files I create in it (or copy to it) are ending up with only administrator access.
DirectoryInfo outputDirectory =
baseOutputDirectory.CreateSubdirectory(outputDirectoryName,
GetDirectorySecurity(searchHits.Request.UserId));
...
private DirectorySecurity GetDirectorySecurity(string owner)
{
const string LOG_SOURCE = "GetDirectorySecurity";
DirectorySecurity ds = new DirectorySecurity();
System.Security.Principal.NTAccount ownerAccount =
new System.Security.Principal.NTAccount(owner);
ds.SetOwner(ownerAccount);
ds.AddAccessRule(
new FileSystemAccessRule(owner,
FileSystemRights.FullControl,
AccessControlType.Allow));
//AdminUsers is a List<string> that contains a list from configuration
// That represents the admins who should be allowed
foreach (string adminUser in AdminUsers)
{
ds.AddAccessRule(
new FileSystemAccessRule(adminUser,
FileSystemRights.FullControl,
AccessControlType.Allow));
}
return ds;
}
/// <summary>
/// This method copies any static supporting files, such as javascripts
/// </summary>
/// <param name="outputDirectory"></param>
private void CopySupportingFiles(DirectoryInfo outputDirectory)
{
foreach (FileInfo file in SupportingFiles)
{
file.CopyTo(
Path.Combine(outputDirectory.FullName, file.Name));
}
}
etc, etc, etc.
What am I doing wrong? Why aren't the permissions cascading?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…