Sharing folder programmatically
![Francois Piette [ICS & Midware]'s profile photo](http://lh3.googleusercontent.com/a-/ALV-UjWsPz2R8NIHvbt_RHT6X0B3eGm1thwNE-2bdWVw8dIKGPn1j1q_=s40-c)
Francois Piette [ICS & Midware]
not sure which API to use. Searching on Google, I've found a set of classes
by Colin Wilson (http://www.wilsonc.demon.co.uk/delphi.htm) but there is no
demo.
The task is very simple to accomplish manually using Windows Explorer (right
click on folder, select sharing, then permission button and add user to the
list, giving read, write or total control). I want to do that
programmatically.
Any help appreciated.
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
Paul
I've this link in my list.
Paul
"Francois Piette [ICS & Midware]" <francoi...@overbyte.be> schreef in
bericht news:44bcd75a$1...@newsgroups.borland.com...
Finn Tolderlund
Enjoy!
unit ShareFolderUnit;
// This is for the NT platform.
interface
uses
Windows, SysUtils;
function FolderShareAdd(Path, NetName, Remark: WideString): Boolean;
function FolderShareDel(NetName: WideString): Boolean;
type
SHARE_INFO_2 = record
shi2_netname : PWideChar;
shi2_type : Integer;
shi2_remark : PWideChar;
shi2_permissions : Integer;
shi2_max_uses : Integer;
shi2_current_uses : Integer;
shi2_path : PWideChar;
shi2_passwd : PWideChar;
end;
function NetShareAdd (
serverName : PWideChar;
level : DWord;
buf : PChar;
var parm_err : DWord
) : DWord; stdcall;
function NetShareDel (
serverName, netName : PWideChar;
reserved : Integer
) : DWord; stdcall;
implementation
const
STYPE_DISKTREE =0;
netapi32 = 'NETAPI32.DLL';
function NetShareAdd; external netapi32 name 'NetShareAdd';
function NetShareDel; external netapi32 name 'NetShareDel';
function FolderShareAdd(Path, NetName, Remark: WideString): Boolean;
var
ParamErr : DWord;
ShareInfo : SHARE_INFO_2;
//NetName, remark, path: string;
Res : DWord;
Buf : PChar;
Str: string;
begin
FillChar(ShareInfo, SizeOf(ShareInfo), 0);
with ShareInfo do
begin
//NetName := 'Testing';
shi2_NetName := PWideChar(NetName);
shi2_Type := STYPE_DISKTREE;
//Remark := 'No Remarks';
shi2_Remark := PWideChar(Remark);
shi2_Permissions := 0;
shi2_Max_Uses := -1;
shi2_Current_Uses := 0;
//Path := 'C:\Temp';
shi2_Path := PWideChar(Path);
shi2_Passwd := nil;
end;
ParamErr := 0;
//Res := NetShareAdd(PWideChar(''), 2, @ShareInfo, ParamErr);
Res := NetShareAdd(nil, 2, @ShareInfo, ParamErr);
Result := Res = 0;
if Res <> 0 then
begin
Buf := StrAlloc(255);
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, nil, Res, 0, Buf, 255, nil);
Str := Buf;
StrDispose(Buf);
//ShowMessage(Str);
raise Exception.Create(Str);
end;
end;
function FolderShareDel(NetName: WideString): Boolean;
var
Res : DWord;
Buf : PChar;
Str: string;
begin
//Res := NetShareDel(PWideChar(''), PWideChar(NetName), 0);
Res := NetShareDel(nil, PWideChar(NetName), 0);
Result := Res = 0;
if Res <> 0 then
begin
Buf := StrAlloc(255);
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, nil, Res, 0, Buf, 255, nil);
Str := Buf;
StrDispose(Buf);
//ShowMessage(Str);
end;
end;
end.
--
Finn Tolderlund
http://www.tolderlund.eu/delphi/
"Paul" <paul.bl...@telenet.be> skrev i en meddelelse
news:44bd34ad$1...@newsgroups.borland.com...
http://groups.google.be/group/borland.public.delphi.winapi/browse_thread/thread/b6d12ae4710d58c9/84764f8c66dad7d3%2384764f8c66dad7d3
Francois Piette [ICS & Midware]
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"Paul" <paul.bl...@telenet.be> a écrit dans le message de
news:44bd34ad$1...@newsgroups.borland.com...
Francois Piette [ICS & Midware]
> Enjoy!
Thank you. I'll have a look.
The code you present is not exactly what I need. In my case, the share
already exists and I have to add a user to the user list for that share and
give either read only access or total control. The share is located on a
Win-2K server in an environment where there are several domains (old NT
domain and new W2K3 domain).
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"Finn Tolderlund" <n...@spam.dk> a écrit dans le message de
news:44bd...@newsgroups.borland.com...
Finn Tolderlund
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/access_control.asp
Especially this:
The following topics provide example code for access control tasks:
Modifying the ACLs of an Object in C++
It seems rather complicated though.
"Francois Piette [ICS & Midware]" <francoi...@overbyte.be> skrev i en
meddelelse news:44bdd71c$1...@newsgroups.borland.com...
Francois Piette [ICS & Midware]
Indeed !
There is surely some existing Delphi code for this task which looks simple
to me.
A function like:
function SetFolderPermission(
const FolderPath : String;
const LoginName : String;
AccessGrant : DWORD) : Boolean;
From a program running with administrator privilege, I would call this
function like this:
if not SetFolderPermission('c:\MySharedFolder\User\JohnDoe', 'jdoe',
ACCESS_READ_WRITE) then
MessageBow(....);
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"Finn Tolderlund" <n...@spam.dk> a écrit dans le message de
news:44bdec18$1...@newsgroups.borland.com...
madshi (Mathias Rauen)
http://help.madshi.net/madSecurity.htm
It's very easy to use. Example:
var share : IShare;
begin
share := NewShare('c:\blabla', 'shareName');
share := Share('existingShareName');
share.Acl.SetFileAccess(CurrentUser, true);
share.Acl.SetFileAccess(Account('userName'), true);
end;
madSecurity is free for non-commercial usage.
--
www.madshi.net
high quality low level Delphi components
extended exception handling
API hooking, DLL injection
Finn Tolderlund
"Francois Piette [ICS & Midware]" <francoi...@overbyte.be> skrev i en
meddelelse news:44bd...@newsgroups.borland.com...
Francois Piette [ICS & Midware]
> http://help.madshi.net/madSecurity.htm
That looks very promising !
I already use your very excellent madExcept. Will give a try to your
madSecurity.
Good work Mathias !
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"madshi (Mathias Rauen)" <de...@no-spam-madshi.net> a écrit dans le message
de news:44bdf31c$2...@newsgroups.borland.com...
Francois Piette [ICS & Midware]
I have not found it, I've just imaginated it without making any
implementation. It was just to show what I need...
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"Finn Tolderlund" <n...@spam.dk> a écrit dans le message de
news:44bd...@newsgroups.borland.com...
Francois Piette [ICS & Midware]
This function works fine but it grant either read-only or total control of
the folder. I need to set read and write permissions but not total control
permission. Which other function can I use ?
I also need to set some permissions found in the "security" tab in the
explorer. For example I want to suppress "allow inheritable permissions from
parent to propagate to this object". Which function can be used for that
purpose ?
Thanks !
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"madshi (Mathias Rauen)" <de...@no-spam-madshi.net> a écrit dans le message
de news:44bdf31c$2...@newsgroups.borland.com...
madshi (Mathias Rauen)
> read-only or total control of the folder.
True, "IAcl.SetFileAccess" is a comfort function
which does only these 2 things.
> I need to set read and write permissions but
> not total control permission. Which other
> function can I use ?
You can directly add ACEs (access control entries)
to the ACL (access control list) by doing this:
Share.Acl.NewItem(CurrentUser, accessFlags, atAllowed,
[afObjectInherit, afContainerInherit]);
You can do the following to remove all ACEs of a
specific user:
Share.Acl.DeleteItems(CurrentUser);
Generally, try to use "with" as much as possible
to save performance. E.g. "Share" is a function
which creates and returns a new instance of the
IShare interface. So e.g. using "with Share.Acl"
would be a good idea.
> I also need to set some permissions found in
> the "security" tab in the explorer. For
> example I want to suppress "allow inheritable
> permissions from parent to propagate to this
> object". Which function can be used for that
> purpose ?
The "security" tab can be accessed through
madSecurity by using:
FileSecurity('c:\something');
The entries of the "Security" tab can be
controlled by using "IFileSecurity.DAcl".
E.g. "IFileSecurity.DAcl.Clear" deletes
all items from the "Security" tab. And
"IFileSecurity.DAcl.SetFileAccess" works
similar to how it works with shares.
In order to supress the "allow inheritable
permissions" option, I think you need to
do this:
IFileSecurity.ProtectedDAcl := true;
madshi (Mathias Rauen)
Francois Piette [ICS & Midware]
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"madshi (Mathias Rauen)" <de...@no-spam-madshi.net> a écrit dans le message
de news:44bf...@newsgroups.borland.com...
Francois Piette [ICS & Midware]
> [afObjectInherit, afContainerInherit]);
Where can I find the definitions for accessFlags ?
--
francoi...@overbyte.be
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)
http://www.overbyte.be
"madshi (Mathias Rauen)" <de...@no-spam-madshi.net> a écrit dans le message
de news:44bf...@newsgroups.borland.com...
madshi (Mathias Rauen)
http://windowssdk.msdn.microsoft.com/en-us/library/ms685569.aspx
Basically these access flags have a different meaning
depending on what object we're talking about. E.g.
for file security ACLs the same cardinal access flags
have a different meaning than the same cardinal value
would have for e.g. service or process ACLs.
The easiest way to find the flags you're looking for
is to setup access via shell in exactly the way you
want it - and then check out the ACEs to see which
cardinal access flags Windows has used.