Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

How to check if I can read a folder

3 views
Skip to first unread message

Lalo

unread,
Jan 10, 2005, 4:35:04 PM1/10/05
to
I wrote some small piece of code to build a treeview, which should display an
image of the file system, but only the folders the logged user has access to.

I'm pretty sure there is a more elegant way to do this. Any suggestion?

Here is the code. It's inside a method (FillChildNodes) which is called
recursively

-------------
DirectoryInfo[] subDirs = rootFolder.GetDirectories();

if (subDirs != null && subDirs.Length > 0)
{
foreach (DirectoryInfo dir in subDirs)
{
if (dir.Exists)
{
try
{
TreeNode tn = BuildTreeNode(dir);
FillChildNodes(tn,dir);
tn.Nodes.Add(tn);
}
catch (UnauthorizedAccessException uaex)
{
}
}
}
}
-------------------
BuildTreeNode method only does:
-------------------
tn.ID = dir.ToString();
tn.Text = dir.Name;
-------------------

What concerns me if the test method I'm using to check if I can read the
directory.
I've tried using DirectoryInfo.Exists attribute an Directory.Exists()
method, but neither worked.

The above method works fine on an XP Pro with SP2, IIS configured with
integrated security and no anonymous access allowed, and <identity
impersonate="true"/> in the web.config file.

Nicole Calinoiu

unread,
Jan 11, 2005, 9:19:19 AM1/11/05
to
The GetDirectories methods and the Exists methods will all acknowledge the
existence of a directory whose path the user can discover (assuming CAS
permissions also allow the path discovery). Depending on how exactly you
define "folders the logged user has access to", testing whether a call to
dir.GetDirectories or dir.GetFiles succeeds might be sufficient. If it's
not, reading the ACL on the directory would probably be your best bet. The
production versions of the .NET Framework do not contain functionality for
this, but you can find a wrapper to the Windows API functions at
http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=e6098575-dda0-48b8-9abf-e0705af065d9.

HTH,
Nicole

"Lalo" <La...@discussions.microsoft.com> wrote in message
news:ECE0BE42-F127-442A...@microsoft.com...

Lalo

unread,
Jan 12, 2005, 9:57:04 AM1/12/05
to
By "folders the logged user has access to" i meant exactly that.
We have a file system structure with folders and report files inside them,
but our users don't have access (neither read, execute, or list files) to all
of them, but to some using roles and adding users to the same role.

What we want to do is implement something like windows explorer, via web,
but instead of saying "Hey, you can't access that folder", filter the folders
the user can't access and don't show them in the tree.

Nicole Calinoiu

unread,
Jan 12, 2005, 10:29:31 AM1/12/05
to
I understand that, but "access" can be a tricky thing to define. ACL
hierarchies can be quite complex, and you might need to account for at least
some of this complexity in your application. For example, if the user only
has traversal permission on a given folder but has read access on at least
some of its subfolders, would you want to display the folder or not?


"Lalo" <La...@discussions.microsoft.com> wrote in message

news:2F1AC1E4-97A1-4532...@microsoft.com...

Lalo

unread,
Jan 12, 2005, 12:39:01 PM1/12/05
to
I see. As the tree shouldn't display the folder if the user don't have access
to it, all the subfolders and files won't be accessible to him.

If the user needs a report file inside some folder, our security
administrator should grant access to all the folders in the path to reach
that file.

0 new messages