轉載請註明出處:
原創作者: Jaron , CSDN IIS技術版主 2007/3/25
- CSDN
- 佳融軟件
什麼是AccessFlags ?
AccessFlags 屬性中包含有用於配置文件訪問權限的標誌。詳細的說明可參考 MSDN中相關的文檔http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/html/6018a18d-6811-48b7-80e7-3beac7357e0d.asp,或IIS6幫助說明中,Internet信息服務 --> 參考 --> 配置數據庫屬性參考部分。
在開發IIS管理應用程序中,我們可以通過編程來實現創建和修改站點或虛擬目錄,以下示例可以獲取IIS站點的詳細信息。
/// <summary>
/// 獲取站點信息 /// </summary> /// <param name="SiteID"></param>
/// <returns></returns>
public WebSites GetWebSites(int SiteID) { string entPath = "IIS://" + SiteInfo.DomainName + "/W3SVC/" + SiteID.ToString(); DirectoryEntry childs = new DirectoryEntry(entPath); WebSites siteinfo = new WebSites(); WebSiteInfo stru = new WebSiteInfo(); if (childs.SchemaClassName == "IIsWebServer")
{
stru.WebSiteID = int.Parse(childs.Name); stru.ServerComment = childs.Properties["ServerComment"].Value.ToString(); stru.ServerAutoStart = bool.Parse(childs.Properties["ServerAutoStart"].Value.ToString()); stru.LogFileDirectory = childs.Properties["LogFileDirectory"].Value.ToString(); stru.FrontPageWeb = bool.Parse(childs.Properties["FrontPageWeb"].Value.ToString()); ServerBinding sBinding = new ServerBinding(); ServerBindings sBindings = new ServerBindings(); for (int i = 0; i < childs.Properties["ServerBindings"].Count; i++) { ServerBinding insBindingValue = new ServerBinding(); sBinding.AdsiValue = childs.Properties["ServerBindings"][i].ToString(); insBindingValue.AdsiValue = childs.Properties["ServerBindings"][i].ToString(); insBindingValue.Header = sBinding.GetHeader(); insBindingValue.IPAddress = sBinding.GetIPAddress(); insBindingValue.Port = sBinding.GetPort(); sBindings.Add(insBindingValue);
} stru.ServerBindings = sBindings; DirectoryEntry child = new DirectoryEntry(childs.Path + "/Root"); stru.IISDirectoryEntry = child.Path; stru.RootPath = child.Properties["Path"].Value.ToString(); if (IsCalculateDirectory) { stru.DirectorySize = GetDirectorySize(child.Properties["Path"].Value.ToString()); } else { stru.DirectorySize = -1; } stru.AccessFlags = int.Parse(childs.Properties["AccessFlags"].Value.ToString()); stru.AppPoolId = childs.Properties["AppPoolId"].Value.ToString(); stru.AspAllowSessionState = bool.Parse(child.Properties["AspAllowSessionState"].Value.ToString()); stru.AspBufferingOn = bool.Parse(child.Properties["AspBufferingOn"].Value.ToString()); stru.AspEnableParentPaths = bool.Parse(child.Properties["AspEnableParentPaths"].Value.ToString()); stru.AspScriptTimeout = int.Parse(child.Properties["AspScriptTimeout"].Value.ToString()); stru.AspSessionTimeout = int.Parse(child.Properties["AspSessionTimeout"].Value.ToString()); stru.AuthFlags = int.Parse(childs.Properties["AuthFlags"].Value.ToString()); stru.ConnectionTimeout = int.Parse(childs.Properties["ConnectionTimeout"].Value.ToString()); stru.DefaultDoc = child.Properties["DefaultDoc"].Value.ToString(); stru.DefaultDocFooter = child.Properties["DefaultDocFooter"].Value.ToString(); stru.DirBrowseFlags = int.Parse(childs.Properties["DirBrowseFlags"].Value.ToString()); stru.DomainName = SiteInfo.DomainName; stru.DontLog = bool.Parse(childs.Properties["DontLog"].Value.ToString()); stru.EnableDocFooter = bool.Parse(child.Properties["EnableDocFooter"].Value.ToString()); stru.HttpCustomHeaders = childs.Properties["HttpCustomHeaders"].Value.ToString(); stru.LogonMethod = int.Parse(childs.Properties["LogonMethod"].Value.ToString()); //日誌記錄模式 stru.MaxConnections = int.Parse(childs.Properties["MaxConnections"].Value.ToString()); stru.ServerSize = byte.Parse(childs.Properties["ServerSize"].Value.ToString()); siteinfo.Add(stru); } return siteinfo; }AccessFlags這個屬性應該如何來設置?這裏直接引用MSDN中的說明,http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/html/1e030be8-2659-4d09-bb45-79ee7d2073d4.asp
For example, the AccessFlags property contains flags that specify different levels of security access like AccessRead, AccessWrite , and so on. You can use WMI (IIS 6.0 only), ADSI, or ABO to set properties with flags to a DWORD value. If the AccessFlags property is set to 529, this is equal to 0x00000211 in hexadecimal. Broken down, 0x00000200 refers to the AccessScript flag, 0x00000010 refers to the AccessSource flag, and 0x00000001 refers to the AccessRead flag. 簡單點說,AccessFlags屬性值就是由AccessRead(1),AccessScript(512),AccessExecute(4) 等等的值相加而得來的,如:需要配置站點的執行權限爲 純腳本,使用 AccessRead(1) + AccessScript(512) ,得出的值 是513,在設置IIS站點時,直接賦予AccessFlags屬性值爲513就可以了。
/// <summary> /// 處理Flag數據 /// </summary> public class handelFlags { /// <summary> /// 由ADSI值拆分成數值 /// </summary> /// <param name="adsiValue">ADSI值</param> /// <param name="Collections">數據集合</param> /// <returns></returns> public static ArrayList Convert(int adsiValue, int[] Collections) { int x = adsiValue; Array.Sort(Collections); Array.Reverse(Collections); ArrayList list = new ArrayList(); for (int i = 0; i < Collections.Length; i++) { if (x - Collections[i] >= 0) { x = x - int.Parse(Collections[i].ToString()); list.Add(Collections[i]); } } return list; }}/// <summary> /// AccessFlag 屬性處理 /// </summary> public class AccessFlags { /// <summary> /// 值 true 表示可通過 Microsoft Internet Explorer 讀取文件或文件夾的內容。 /// </summary> public bool AccessRead = false;//1 (hex 0x00000001) /// <summary> /// 值 true 表示如果是腳本文件或靜態內容,則可以執行文件或文件夾的內容。值 false 只允許提供靜態文件,如 HTML 文件。 /// </summary> public bool AccessScript = false;//512 (hex 0x00000200) /// <summary> /// 值 true 表示不論文件類型是什麼,文件或文件夾的內容都可以執行。 /// </summary> public bool AccessExecute = false;//4 (hex 0x00000004) /// <summary> /// 值 true 表示如果設置了讀取或寫入權限,則允許用戶訪問源代碼。源代碼包括 Microsoft Active Server Pages (ASP) 應用程序中的腳本。 /// </summary> public bool AccessSource = false;//16 (hex 0x00000010) /// <summary> /// 值 true 表示允許用戶將文件及其相關屬性上載到服務器上已啓用的目錄中,或者更改可寫文件的內容。只有使用支持 HTTP 1.1 協議標準的 PUT 功能的瀏覽器,才能執行寫入操作。 /// </summary> public bool AccessWrite = false;//2 (hex 0x00000002) /// <summary> /// AccessNoPhysicalDir /// </summary> public bool AccessNoPhysicalDir = false;//32768 (hex 0x00008000) /// <summary> /// 值 true 表示拒絕遠程請求執行應用程序;如果將 AccessExecute 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteExecute 設置爲 false 來啓用遠程請求,或將 AccessExecute 設置爲 false 來禁止本地請求。 /// </summary> public bool AccessNoRemoteExecute = false;//8192 (hex 0x00002000) /// <summary> /// 值 true 表示拒絕遠程請求查看文件;如果將 AccessRead 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteRead 設置爲 false 來啓用遠程請求,或將 AccessRead 設置爲 false 來禁止本地請求。 /// </summary> public bool AccessNoRemoteRead = false;//4096 (hex 0x00001000) /// <summary> /// 值 true 表示拒絕遠程請求查看動態內容;如果將 AccessScript 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteScript 設置爲 false 來啓用遠程請求,或將 AccessScript 設置爲 false 來禁止本地請求。 /// </summary> public bool AccessNoRemoteScript = false;//16384 (hex 0x00004000) /// <summary> /// 值 true 表示拒絕遠程請求創建或更改文件;如果將 AccessWrite 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteWrite 設置爲 false 來啓用遠程請求,或將 AccessWrite 設置爲 false 來禁止本地請求。 /// </summary> public bool AccessNoRemoteWrite = false;//1024 (hex 0x00000400) /// <summary> /// AccessFlag 值定義 /// </summary> public int[] AccessFlagValueCollections = new int[10] { 1, 512, 4, 16, 2, 32768, 8192, 4096, 16384, 1024 }; private int AccessReadValue = 0x00000000; private int AccessScriptValue = 0x00000000; private int AccessExecuteValue = 0x00000000; private int AccessSourceValue = 0x00000000; private int AccessWriteValue = 0x00000000; private int AccessNoPhysicalDirValue = 0x00000000; private int AccessNoRemoteExecuteValue = 0x00000000; private int AccessNoRemoteReadValue = 0x00000000; private int AccessNoRemoteScriptValue = 0x00000000; private int AccessNoRemoteWriteValue = 0x00000000; /// <summary> /// 轉換爲整型 /// * 使用說明 /// AccessFlag af = new AccessFlag(); /// af.AccessRead = true; /// af.AccessScript = true; /// Console.WriteLine(af.Value().tostring); //=513 /// </summary> /// <returns></returns> public int Value() { if (AccessRead) AccessReadValue = 0x00000001; if (AccessScript) AccessScriptValue = 0x00000200; if (AccessExecute) AccessExecuteValue = 0x00000004; if (AccessSource) AccessSourceValue = 0x00000010; if (AccessWrite) AccessWriteValue = 0x00000002; if (AccessNoPhysicalDir) AccessNoPhysicalDirValue = 0x00008000; if (AccessNoRemoteExecute) AccessNoRemoteExecuteValue = 0x00002000; if (AccessNoRemoteRead) AccessNoRemoteReadValue = 0x00001000; if (AccessNoRemoteScript) AccessNoRemoteScriptValue = 0x00004000; if (AccessNoRemoteWrite) AccessNoRemoteWriteValue = 0x00000400; return AccessReadValue + AccessScriptValue + AccessExecuteValue + AccessSourceValue + AccessWriteValue + AccessNoPhysicalDirValue + AccessNoRemoteExecuteValue + AccessNoRemoteReadValue + AccessNoRemoteScriptValue + AccessNoRemoteWriteValue; } /// <summary> /// 轉換爲自定義的AccessFlag屬性 /// * 使用說明 /// AccessFlags af = new AccessFlags(); /// af = af.ValueToProperty(513); /// if (af.AccessRead) this.AccessFlags.SelectedValue = "AccessRead"; /// if (af.AccessScript) this.AccessFlags.SelectedValue = "AccessScript"; /// if (af.AccessExecute) this.AccessFlags.SelectedValue = "AccessExecute"; /// if (af.AccessSource) this.AccessFlagOthers.Items[0].Selected = true; /// if (af.AccessWrite) this.AccessFlagOthers.Items[1].Selected = true; /// </summary> /// <param name="Value"></param> /// <returns></returns> public AccessFlags ValueToProperty(int Value) { ArrayList al = handelFlags.Convert(Value, this.AccessFlagValueCollections); AccessFlags af = new AccessFlags(); for (int i = 0; i < al.Count; i++) { switch (int.Parse(al[i].ToString())) { //1, 512, 4, 16, 2, 32768, 8192, 4096, 16384, 1024 case 1: af.AccessRead = true; af.AccessReadValue = int.Parse(al[i].ToString()); break; case 512: af.AccessScript = true; af.AccessScriptValue = int.Parse(al[i].ToString()); break; case 4: af.AccessExecute = true; af.AccessExecuteValue = int.Parse(al[i].ToString()); break; case 16: af.AccessSource = true; af.AccessSourceValue = int.Parse(al[i].ToString()); break; case 2: af.AccessWrite = true; af.AccessWriteValue = int.Parse(al[i].ToString()); break; case 32768: af.AccessNoPhysicalDir = true; af.AccessNoPhysicalDirValue = int.Parse(al[i].ToString()); break; case 8192: af.AccessNoRemoteExecute = true; af.AccessNoRemoteExecuteValue = int.Parse(al[i].ToString()); break; case 4096: af.AccessNoRemoteRead = true; af.AccessNoRemoteReadValue = int.Parse(al[i].ToString()); break; case 16384: af.AccessNoRemoteScript = true; af.AccessNoRemoteScriptValue = int.Parse(al[i].ToString()); break; case 1024: af.AccessNoRemoteWrite = true; af.AccessNoRemoteWriteValue = int.Parse(al[i].ToString()); break; } } return af; } }
相反,在讀取站點信息時,得到站點的執行權限爲“腳本和可執行文件”,即517,並沒有提供逆算的方法,參照以下的示例我們能計算出這個數值是由哪些權限組成。
AuthFlags 可以使用同樣的方法來處理。DirBrowseFlags比較複雜,將在以後的文章介紹.