*======================================================================================== * Setting file permissions. * * Based on Emmet Gray's code at http://home.hot.rr.com/graye/Articles/SetPermissions.htm. *======================================================================================== Lparameters strPath, strUserName, iPermm * Test code strPath = Addbs(GetEnv("TEMP"))+"test\test.txt" struserName = "Users" iPerm = 1179785 * Full Control = 20321127 * Modify = 1245631 * Read & Execute = 1179817 * Read = 1179785 * Write = 1179926 * Execute = 1179808 * Type of Securable Object we are using SE_FILE_OBJECT = 1 * The Security Information constants required DACL_SECURITY_INFORMATION = 4 SET_ACCESS = 2 * Standard access rights extracted from WinNT.h SYNCHRONIZE = 0x100000 READ_CONTROL = 0x20000 WRITE_DAC = 0x40000 WRITE_OWNER = 0x80000 STANDARD_RIGHTS_READ = (READ_CONTROL) STANDARD_RIGHTS_WRITE = (READ_CONTROL) DELETE = 0x10000 DELETE_CHILD = 0x40 ALL_ACCESS = Bitor(0xF0000,SYNCHRONIZE,0x1FF) * Generic access rights extracted from WinNT.h GENERIC_ALL = 0x10000000 GENERIC_EXECUTE = 0x20000000 GENERIC_READ = 0x80000000 GENERIC_WRITE = 0x40000000 * Inheritance Flags CONTAINER_INHERIT_ACE = 2 OBJECT_INHERIT_ACE = 1 Declare Long BuildExplicitAccessWithName in "AdvAPI32.DLL" ; Integer pExplicitAccess, ; String pTrusteeName, ; Integer AccessPermissions, ; Short AccessMode, ; Integer Inheritance Declare Integer SetEntriesInAcl In "AdvAPI32.DLL" ; Integer cCountOfExplicitEntries, ; Integer pListOfExplicitEntries, ; Integer OldAcl, ; Integer @NewAcl Declare Integer GetNamedSecurityInfo in "AdvAPI32.DLL" ; String pObjectName, ; Integer ObjectType, ; Integer SecurityInfo, ; Integer @ppsidOwner, ; Integer @ppsidGroup, ; Integer @ppDacl, ; Integer @ppSacl, ; Integer @ppSecurityDescriptor Declare Integer SetNamedSecurityInfo in "AdvAPI32.DLL" ; String pObjectName, ; Integer ObjectType, ; Integer SecurityInfo, ; Integer psidOwner, ; Integer psidGroup, ; Integer pDacl, ; Integer pSacl Declare Integer LocalFree in "kernel32" ; Integer hMem * get the Security Descriptor and DACL Local pOldDACL, pSecDesc pOldDACL = 0 pSecDesc = 0 ret = GetNamedSecurityInfo(strPath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, 0, 0, @pOldDACL, 0, @pSecDesc) If ret <> 0 Then Throw "Win32Error.Message" Endif *-------------------------------------------------------------------------------------- * Declare API functions *-------------------------------------------------------------------------------------- Declare Long HeapAlloc in win32api Long, Long, Long Declare Long GetProcessHeap in win32api Declare Long HeapFree in win32api Long, Long, Long Local lnMem lnMem = HeapAlloc( GetProcessHeap(), 0, 6000 ) * build an explicit access structure BuildExplicitAccessWithName(lnMem, strUserName, iPerm, SET_ACCESS, BitOr(CONTAINER_INHERIT_ACE,OBJECT_INHERIT_ACE) ) * merge this Explict Access with the existing DACL Local pNewDACL pNewDACL = 0 ret = SetEntriesInAcl(1, lnMem, pOldDACL, @pNewDACL) If ret <> 0 Then Throw "Win32Error.Message" EndIf * write the new Security Descriptor/DACL back ret = SetNamedSecurityInfo(strPath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, 0, 0, pNewDACL, 0) If ret <> 0 Then Throw "Win32Error.Message" EndIf * clean up and go home HeapFree( GetProcessHeap(), 0, m.lnMem ) LocalFree(pNewDACL) LocalFree(pSecDesc)