轉載請註明出處:
原創作者: Jaron , CSDN IIS技術版主 2007/3/25
- CSDN
- 佳融軟件
什麼是AccessFlags ?
AccessFlags 屬性中包含有用於配置文件訪問權限的標誌。詳細的說明可參考 MSDN中相關的文檔http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/html/6018a18d-6811-48b7-80e7-3beac7357e0d.asp,或IIS6幫助說明中,Internet信息服務 --> 參考 --> 配置數據庫屬性參考部分。
在開發IIS管理應用程序中,我們可以通過編程來實現創建和修改站點或虛擬目錄,以下示例可以獲取IIS站點的詳細信息。
/// 獲取站點信息
/// </summary>
/// <param name="SiteID"></param>
/// <returns></returns>
public WebSites GetWebSites(int SiteID)
{
string entPath = "IIS://" + SiteInfo.DomainName + "/W3SVC/" + SiteID.ToString();
DirectoryEntry childs = new DirectoryEntry(entPath);
WebSites siteinfo = new WebSites();
WebSiteInfo stru = new WebSiteInfo();
if (childs.SchemaClassName == "IIsWebServer")
{
stru.WebSiteID = int.Parse(childs.Name);
stru.ServerComment = childs.Properties["ServerComment"].Value.ToString();
stru.ServerAutoStart = bool.Parse(childs.Properties["ServerAutoStart"].Value.ToString());
stru.LogFileDirectory = childs.Properties["LogFileDirectory"].Value.ToString();
stru.FrontPageWeb = bool.Parse(childs.Properties["FrontPageWeb"].Value.ToString());
ServerBinding sBinding = new ServerBinding();
ServerBindings sBindings = new ServerBindings();
for (int i = 0; i < childs.Properties["ServerBindings"].Count; i++)
{
ServerBinding insBindingValue = new ServerBinding();
sBinding.AdsiValue = childs.Properties["ServerBindings"][i].ToString();
insBindingValue.AdsiValue = childs.Properties["ServerBindings"][i].ToString();
insBindingValue.Header = sBinding.GetHeader();
insBindingValue.IPAddress = sBinding.GetIPAddress();
insBindingValue.Port = sBinding.GetPort();
sBindings.Add(insBindingValue);
}
stru.ServerBindings = sBindings;
DirectoryEntry child = new DirectoryEntry(childs.Path + "/Root");
stru.IISDirectoryEntry = child.Path;
stru.RootPath = child.Properties["Path"].Value.ToString();
if (IsCalculateDirectory)
{
stru.DirectorySize = GetDirectorySize(child.Properties["Path"].Value.ToString());
}
else
{
stru.DirectorySize = -1;
}
stru.AccessFlags = int.Parse(childs.Properties["AccessFlags"].Value.ToString());
stru.AppPoolId = childs.Properties["AppPoolId"].Value.ToString();
stru.AspAllowSessionState = bool.Parse(child.Properties["AspAllowSessionState"].Value.ToString());
stru.AspBufferingOn = bool.Parse(child.Properties["AspBufferingOn"].Value.ToString());
stru.AspEnableParentPaths = bool.Parse(child.Properties["AspEnableParentPaths"].Value.ToString());
stru.AspScriptTimeout = int.Parse(child.Properties["AspScriptTimeout"].Value.ToString());
stru.AspSessionTimeout = int.Parse(child.Properties["AspSessionTimeout"].Value.ToString());
stru.AuthFlags = int.Parse(childs.Properties["AuthFlags"].Value.ToString());
stru.ConnectionTimeout = int.Parse(childs.Properties["ConnectionTimeout"].Value.ToString());
stru.DefaultDoc = child.Properties["DefaultDoc"].Value.ToString();
stru.DefaultDocFooter = child.Properties["DefaultDocFooter"].Value.ToString();
stru.DirBrowseFlags = int.Parse(childs.Properties["DirBrowseFlags"].Value.ToString());
stru.DomainName = SiteInfo.DomainName;
stru.DontLog = bool.Parse(childs.Properties["DontLog"].Value.ToString());
stru.EnableDocFooter = bool.Parse(child.Properties["EnableDocFooter"].Value.ToString());
stru.HttpCustomHeaders = childs.Properties["HttpCustomHeaders"].Value.ToString();
stru.LogonMethod = int.Parse(childs.Properties["LogonMethod"].Value.ToString()); //日誌記錄模式
stru.MaxConnections = int.Parse(childs.Properties["MaxConnections"].Value.ToString());
stru.ServerSize = byte.Parse(childs.Properties["ServerSize"].Value.ToString());
siteinfo.Add(stru);
}
return siteinfo;
}
AccessFlags這個屬性應該如何來設置?這裏直接引用MSDN中的說明,http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/html/1e030be8-2659-4d09-bb45-79ee7d2073d4.asp
簡單點說,AccessFlags屬性值就是由AccessRead(1),AccessScript(512),AccessExecute(4) 等等的值相加而得來的,如:需要配置站點的執行權限爲 純腳本,使用 AccessRead(1) + AccessScript(512) ,得出的值 是513,在設置IIS站點時,直接賦予AccessFlags屬性值爲513就可以了。
/// 處理Flag數據
/// </summary>
public class handelFlags
{
/// <summary>
/// 由ADSI值拆分成數值
/// </summary>
/// <param name="adsiValue">ADSI值</param>
/// <param name="Collections">數據集合</param>
/// <returns></returns>
public static ArrayList Convert(int adsiValue, int[] Collections)
{
int x = adsiValue;
Array.Sort(Collections);
Array.Reverse(Collections);
ArrayList list = new ArrayList();
for (int i = 0; i < Collections.Length; i++)
{
if (x - Collections[i] >= 0)
{
x = x - int.Parse(Collections[i].ToString());
list.Add(Collections[i]);
}
}
return list;
}
}
/// <summary>
/// AccessFlag 屬性處理
/// </summary>
public class AccessFlags
{
/// <summary>
/// 值 true 表示可通過 Microsoft Internet Explorer 讀取文件或文件夾的內容。
/// </summary>
public bool AccessRead = false;//1 (hex 0x00000001)
/// <summary>
/// 值 true 表示如果是腳本文件或靜態內容,則可以執行文件或文件夾的內容。值 false 只允許提供靜態文件,如 HTML 文件。
/// </summary>
public bool AccessScript = false;//512 (hex 0x00000200)
/// <summary>
/// 值 true 表示不論文件類型是什麼,文件或文件夾的內容都可以執行。
/// </summary>
public bool AccessExecute = false;//4 (hex 0x00000004)
/// <summary>
/// 值 true 表示如果設置了讀取或寫入權限,則允許用戶訪問源代碼。源代碼包括 Microsoft Active Server Pages (ASP) 應用程序中的腳本。
/// </summary>
public bool AccessSource = false;//16 (hex 0x00000010)
/// <summary>
/// 值 true 表示允許用戶將文件及其相關屬性上載到服務器上已啓用的目錄中,或者更改可寫文件的內容。只有使用支持 HTTP 1.1 協議標準的 PUT 功能的瀏覽器,才能執行寫入操作。
/// </summary>
public bool AccessWrite = false;//2 (hex 0x00000002)
/// <summary>
/// AccessNoPhysicalDir
/// </summary>
public bool AccessNoPhysicalDir = false;//32768 (hex 0x00008000)
/// <summary>
/// 值 true 表示拒絕遠程請求執行應用程序;如果將 AccessExecute 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteExecute 設置爲 false 來啓用遠程請求,或將 AccessExecute 設置爲 false 來禁止本地請求。
/// </summary>
public bool AccessNoRemoteExecute = false;//8192 (hex 0x00002000)
/// <summary>
/// 值 true 表示拒絕遠程請求查看文件;如果將 AccessRead 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteRead 設置爲 false 來啓用遠程請求,或將 AccessRead 設置爲 false 來禁止本地請求。
/// </summary>
public bool AccessNoRemoteRead = false;//4096 (hex 0x00001000)
/// <summary>
/// 值 true 表示拒絕遠程請求查看動態內容;如果將 AccessScript 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteScript 設置爲 false 來啓用遠程請求,或將 AccessScript 設置爲 false 來禁止本地請求。
/// </summary>
public bool AccessNoRemoteScript = false;//16384 (hex 0x00004000)
/// <summary>
/// 值 true 表示拒絕遠程請求創建或更改文件;如果將 AccessWrite 屬性設置爲 true,只有來自 IIS 服務器所在的相同計算機的請求才會成功。您不能將 AccessNoRemoteWrite 設置爲 false 來啓用遠程請求,或將 AccessWrite 設置爲 false 來禁止本地請求。
/// </summary>
public bool AccessNoRemoteWrite = false;//1024 (hex 0x00000400)
/// <summary>
/// AccessFlag 值定義
/// </summary>
public int[] AccessFlagValueCollections = new int[10] { 1, 512, 4, 16, 2, 32768, 8192, 4096, 16384, 1024 };
private int AccessReadValue = 0x00000000;
private int AccessScriptValue = 0x00000000;
private int AccessExecuteValue = 0x00000000;
private int AccessSourceValue = 0x00000000;
private int AccessWriteValue = 0x00000000;
private int AccessNoPhysicalDirValue = 0x00000000;
private int AccessNoRemoteExecuteValue = 0x00000000;
private int AccessNoRemoteReadValue = 0x00000000;
private int AccessNoRemoteScriptValue = 0x00000000;
private int AccessNoRemoteWriteValue = 0x00000000;
/// <summary>
/// 轉換爲整型
/// * 使用說明
/// AccessFlag af = new AccessFlag();
/// af.AccessRead = true;
/// af.AccessScript = true;
/// Console.WriteLine(af.Value().tostring); //=513
/// </summary>
/// <returns></returns>
public int Value()
{
if (AccessRead) AccessReadValue = 0x00000001;
if (AccessScript) AccessScriptValue = 0x00000200;
if (AccessExecute) AccessExecuteValue = 0x00000004;
if (AccessSource) AccessSourceValue = 0x00000010;
if (AccessWrite) AccessWriteValue = 0x00000002;
if (AccessNoPhysicalDir) AccessNoPhysicalDirValue = 0x00008000;
if (AccessNoRemoteExecute) AccessNoRemoteExecuteValue = 0x00002000;
if (AccessNoRemoteRead) AccessNoRemoteReadValue = 0x00001000;
if (AccessNoRemoteScript) AccessNoRemoteScriptValue = 0x00004000;
if (AccessNoRemoteWrite) AccessNoRemoteWriteValue = 0x00000400;
return AccessReadValue + AccessScriptValue + AccessExecuteValue + AccessSourceValue +
AccessWriteValue + AccessNoPhysicalDirValue + AccessNoRemoteExecuteValue +
AccessNoRemoteReadValue + AccessNoRemoteScriptValue + AccessNoRemoteWriteValue;
}
/// <summary>
/// 轉換爲自定義的AccessFlag屬性
/// * 使用說明
/// AccessFlags af = new AccessFlags();
/// af = af.ValueToProperty(513);
/// if (af.AccessRead) this.AccessFlags.SelectedValue = "AccessRead";
/// if (af.AccessScript) this.AccessFlags.SelectedValue = "AccessScript";
/// if (af.AccessExecute) this.AccessFlags.SelectedValue = "AccessExecute";
/// if (af.AccessSource) this.AccessFlagOthers.Items[0].Selected = true;
/// if (af.AccessWrite) this.AccessFlagOthers.Items[1].Selected = true;
/// </summary>
/// <param name="Value"></param>
/// <returns></returns>
public AccessFlags ValueToProperty(int Value)
{
ArrayList al = handelFlags.Convert(Value, this.AccessFlagValueCollections);
AccessFlags af = new AccessFlags();
for (int i = 0; i < al.Count; i++)
{
switch (int.Parse(al[i].ToString()))
{
//1, 512, 4, 16, 2, 32768, 8192, 4096, 16384, 1024
case 1:
af.AccessRead = true;
af.AccessReadValue = int.Parse(al[i].ToString());
break;
case 512:
af.AccessScript = true;
af.AccessScriptValue = int.Parse(al[i].ToString());
break;
case 4:
af.AccessExecute = true;
af.AccessExecuteValue = int.Parse(al[i].ToString());
break;
case 16:
af.AccessSource = true;
af.AccessSourceValue = int.Parse(al[i].ToString());
break;
case 2:
af.AccessWrite = true;
af.AccessWriteValue = int.Parse(al[i].ToString());
break;
case 32768:
af.AccessNoPhysicalDir = true;
af.AccessNoPhysicalDirValue = int.Parse(al[i].ToString());
break;
case 8192:
af.AccessNoRemoteExecute = true;
af.AccessNoRemoteExecuteValue = int.Parse(al[i].ToString());
break;
case 4096:
af.AccessNoRemoteRead = true;
af.AccessNoRemoteReadValue = int.Parse(al[i].ToString());
break;
case 16384:
af.AccessNoRemoteScript = true;
af.AccessNoRemoteScriptValue = int.Parse(al[i].ToString());
break;
case 1024:
af.AccessNoRemoteWrite = true;
af.AccessNoRemoteWriteValue = int.Parse(al[i].ToString());
break;
}
}
return af;
}
}
相反,在讀取站點信息時,得到站點的執行權限爲“腳本和可執行文件”,即517,並沒有提供逆算的方法,參照以下的示例我們能計算出這個數值是由哪些權限組成。
AuthFlags 可以使用同樣的方法來處理。DirBrowseFlags比較複雜,將在以後的文章介紹.