Windows C + + modifies user permissions for folder operations

The System files (folders) under General Windows only allow the limited account to read and not write and modify. If you want to turn on write permissions, you will need to manually modify the user account security permissions for the file (folder) (This will of course be performed under the Administrator account). The following program encapsulates the operation:

#include "stdafx.h" #include <stdio.h> #include <stdlib.h> #include <string.h> #include <windows.h > #include <AccCtrl.h> #include <aclapi.h>int enablefileaccountprivilege (pctstr Pszpath, Pctstr Pszaccount) {BOOL bsuccess = TRUE; Explicit_access EA; PACL pnewdacl = NULL; PACL Polddacl = null;do{//Gets the DACL list of the file (clip) securable object if (error_success! = GetNamedSecurityInfo (LPTSTR) Pszpath, Se_file_object , dacl_security_information, NULL, NULL, &AMP;POLDDACL, NULL, NULL)) {bsuccess = False;break;} You cannot use the AddAccessAllowedAce function directly here, because the existing DACL length is fixed and you must recreate a DACL object//To generate access control information for the specified user account (this is specified to give all access rights):: Buildexplicitaccesswithname (&ea, (LPTSTR) Pszaccount, Generic_all, grant_access, Sub_containers_and_objects_ INHERIT);//Create a new ACL object (merging existing ACL objects and user account access control information just generated) if (error_success! =:: SetEntriesInAcl (1, &ea, Polddacl, & Pnewdacl)) {bsuccess = False;break;} Set file (clip) securable object's DACL list if (error_success! =:: SetNamedSecurityInfo ((LPTSTR) Pszpath, Se_file_object, dacl_security_ Information, NULL, NULL, Pnewdacl, NULL)) {bsuccess = FALSE;}} while (FALSE); if (NULL! = Pnewdacl) {:: LocalFree (PNEWDACL);} return bsuccess;} int _tmain (int argc, _tchar* argv[]) {//Get the name of the currently logged on user wchar_t strbuffer[256] ={0};D Word dwsize = 256; GetUserName (strbuffer,&dwsize); const wchar_t Z_wszpath[max_path] = L "H:\\test2"; const wchar_t z_wszaccountname[ MAX_PATH] = L "Users"; if (! Enablefileaccountprivilege (Z_wszpath, z_wszaccountname)) {printf ("Change file account Privilege fail:%s", "H:\\test1" );} int z_flag = GetFileAttributes (L "h:\\test");//if (! ( z_flag&file_attribute_directory))//{//return 0;//}////if (z_flag&file_attribute_readonly)//{//printf (" Wangjian ");//}//setfileattributes (L" H:\\test ", File_attribute_normal); return 0;}

　　

Common access rights

The security object uses the Windows access mask format, with four high-level descriptions of common access rights. Each securable object type maps to these bits to a series of standard and object special access rights. Example: A window File object mapping Generic_read bits to Read_control and synchronize standard access and File_read_data, File_read_ea, and File_read_ The Attributes object specifies access rights. Other types of object mappings Generic_read bits to some access rights that are adapted to the type object.
You can use common access permissions to specify the type of access you want when you open an object handle, which is usually simpler than specifying all of the corresponding standards and specific permissions.

The following table shows the constants that are defined for common access permissions.

Constant	Explain
Generic_all	Read, write, and execute access
Generic_execute	Perform
Generic_read	Read
Generic_write	Write

Windows C + + modifies user permissions for folder operations