IIS 配置数据库中AccessFlags属性的处理与应用(转)
什么是AccessFlags ?
AccessFlags 属性中包含有用于配置文件访问权限的标志。详细的说明可参考 MSDN中相关的文档http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/html/6018a18d-6811-48b7-80e7-3beac7357e0d.asp,或IIS6帮助说明中,Internet信息服务 --> 参考 --> 配置数据库属性参考部分。
在开发IIS管理应用程序中,我们可以通过编程来实现创建和修改站点或虚拟目录,以下示例可以获取IIS站点的详细信息。
/// 获取站点信息
/// </summary>
/// <param name="SiteID"></param>
/// <returns></returns>
public WebSites GetWebSites(int SiteID)
{
string entPath = "IIS://" + SiteInfo.DomainName + "/W3SVC/" + SiteID.ToString();
DirectoryEntry childs = new DirectoryEntry(entPath);
WebSites siteinfo = new WebSites();
WebSiteInfo stru = new WebSiteInfo();
if (childs.SchemaClassName == "IIsWebServer")
{
stru.WebSiteID = int.Parse(childs.Name);
stru.ServerComment = childs.Properties["ServerComment"].Value.ToString();
stru.ServerAutoStart = bool.Parse(childs.Properties["ServerAutoStart"].Value.ToString());
stru.LogFileDirectory = childs.Properties["LogFileDirectory"].Value.ToString();
stru.FrontPageWeb = bool.Parse(childs.Properties["FrontPageWeb"].Value.ToString());
ServerBinding sBinding = new ServerBinding();
ServerBindings sBindings = new ServerBindings();
for (int i = 0; i < childs.Properties["ServerBindings"].Count; i++)
{
ServerBinding insBindingValue = new ServerBinding();
sBinding.AdsiValue = childs.Properties["ServerBindings"][i].ToString();
insBindingValue.AdsiValue = childs.Properties["ServerBindings"][i].ToString();
insBindingValue.Header = sBinding.GetHeader();
insBindingValue.IPAddress = sBinding.GetIPAddress();
insBindingValue.Port = sBinding.GetPort();
sBindings.Add(insBindingValue);
}
stru.ServerBindings = sBindings;
DirectoryEntry child = new DirectoryEntry(childs.Path + "/Root");
stru.IISDirectoryEntry = child.Path;
stru.RootPath = child.Properties["Path"].Value.ToString();
if (IsCalculateDirectory)
{
stru.DirectorySize = GetDirectorySize(child.Properties["Path"].Value.ToString());
}
else
{
stru.DirectorySize = -1;
}
stru.AccessFlags = int.Parse(childs.Properties["AccessFlags"].Value.ToString());
stru.AppPoolId = childs.Properties["AppPoolId"].Value.ToString();
stru.AspAllowSessionState = bool.Parse(child.Properties["AspAllowSessionState"].Value.ToString());
stru.AspBufferingOn = bool.Parse(child.Properties["AspBufferingOn"].Value.ToString());
stru.AspEnableParentPaths = bool.Parse(child.Properties["AspEnableParentPaths"].Value.ToString());
stru.AspScriptTimeout = int.Parse(child.Properties["AspScriptTimeout"].Value.ToString());
stru.AspSessionTimeout = int.Parse(child.Properties["AspSessionTimeout"].Value.ToString());
stru.AuthFlags = int.Parse(childs.Properties["AuthFlags"].Value.ToString());
stru.ConnectionTimeout = int.Parse(childs.Properties["ConnectionTimeout"].Value.ToString());
stru.DefaultDoc = child.Properties["DefaultDoc"].Value.ToString();
stru.DefaultDocFooter = child.Properties["DefaultDocFooter"].Value.ToString();
stru.DirBrowseFlags = int.Parse(childs.Properties["DirBrowseFlags"].Value.ToString());
stru.DomainName = SiteInfo.DomainName;
stru.DontLog = bool.Parse(childs.Properties["DontLog"].Value.ToString());
stru.EnableDocFooter = bool.Parse(child.Properties["EnableDocFooter"].Value.ToString());
stru.HttpCustomHeaders = childs.Properties["HttpCustomHeaders"].Value.ToString();
stru.LogonMethod = int.Parse(childs.Properties["LogonMethod"].Value.ToString()); //日志记录模式
stru.MaxConnections = int.Parse(childs.Properties["MaxConnections"].Value.ToString());
stru.ServerSize = byte.Parse(childs.Properties["ServerSize"].Value.ToString());
siteinfo.Add(stru);
}
return siteinfo;
}
AccessFlags这个属性应该如何来设置?这里直接引用MSDN中的说明,http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/html/1e030be8-2659-4d09-bb45-79ee7d2073d4.asp
简单点说,AccessFlags属性值就是由AccessRead(1),AccessScript(512),AccessExecute(4) 等等的值相加而得来的,如:需要配置站点的执行权限为 纯脚本,使用 AccessRead(1) + AccessScript(512) ,得出的值 是513,在设置IIS站点时,直接赋予AccessFlags属性值为513就可以了。
/// 处理Flag数据
/// </summary>
public class handelFlags
{
/// <summary>
/// 由ADSI值拆分成数值
/// </summary>
/// <param name="adsiValue">ADSI值</param>
/// <param name="Collections">数据集合</param>
/// <returns></returns>
public static ArrayList Convert(int adsiValue, int[] Collections)
{
int x = adsiValue;
Array.Sort(Collections);
Array.Reverse(Collections);
ArrayList list = new ArrayList();
for (int i = 0; i < Collections.Length; i++)
{
if (x - Collections[i] >= 0)
{
x = x - int.Parse(Collections[i].ToString());
list.Add(Collections[i]);
}
}
return list;
}
}
/// <summary>
/// AccessFlag 属性处理
/// </summary>
public class AccessFlags
{
/// <summary>
/// 值 true 表示可通过 Microsoft Internet Explorer 读取文件或文件夹的内容。
/// </summary>
public bool AccessRead = false;//1 (hex 0x00000001)
/// <summary>
/// 值 true 表示如果是脚本文件或静态内容,则可以执行文件或文件夹的内容。值 false 只允许提供静态文件,如 HTML 文件。
/// </summary>
public bool AccessScript = false;//512 (hex 0x00000200)
/// <summary>
/// 值 true 表示不论文件类型是什么,文件或文件夹的内容都可以执行。
/// </summary>
public bool AccessExecute = false;//4 (hex 0x00000004)
/// <summary>
/// 值 true 表示如果设置了读取或写入权限,则允许用户访问源代码。源代码包括 Microsoft Active Server Pages (ASP) 应用程序中的脚本。
/// </summary>
public bool AccessSource = false;//16 (hex 0x00000010)
/// <summary>
/// 值 true 表示允许用户将文件及其相关属性上载到服务器上已启用的目录中,或者更改可写文件的内容。只有使用支持 HTTP 1.1 协议标准的 PUT 功能的浏览器,才能执行写入操作。
/// </summary>
public bool AccessWrite = false;//2 (hex 0x00000002)
/// <summary>
/// AccessNoPhysicalDir
/// </summary>
public bool AccessNoPhysicalDir = false;//32768 (hex 0x00008000)
/// <summary>
/// 值 true 表示拒绝远程请求执行应用程序;如果将 AccessExecute 属性设置为 true,只有来自 IIS 服务器所在的相同计算机的请求才会成功。您不能将 AccessNoRemoteExecute 设置为 false 来启用远程请求,或将 AccessExecute 设置为 false 来禁止本地请求。
/// </summary>
public bool AccessNoRemoteExecute = false;//8192 (hex 0x00002000)
/// <summary>
/// 值 true 表示拒绝远程请求查看文件;如果将 AccessRead 属性设置为 true,只有来自 IIS 服务器所在的相同计算机的请求才会成功。您不能将 AccessNoRemoteRead 设置为 false 来启用远程请求,或将 AccessRead 设置为 false 来禁止本地请求。
/// </summary>
public bool AccessNoRemoteRead = false;//4096 (hex 0x00001000)
/// <summary>
/// 值 true 表示拒绝远程请求查看动态内容;如果将 AccessScript 属性设置为 true,只有来自 IIS 服务器所在的相同计算机的请求才会成功。您不能将 AccessNoRemoteScript 设置为 false 来启用远程请求,或将 AccessScript 设置为 false 来禁止本地请求。
/// </summary>
public bool AccessNoRemoteScript = false;//16384 (hex 0x00004000)
/// <summary>
/// 值 true 表示拒绝远程请求创建或更改文件;如果将 AccessWrite 属性设置为 true,只有来自 IIS 服务器所在的相同计算机的请求才会成功。您不能将 AccessNoRemoteWrite 设置为 false 来启用远程请求,或将 AccessWrite 设置为 false 来禁止本地请求。
/// </summary>
public bool AccessNoRemoteWrite = false;//1024 (hex 0x00000400)
/// <summary>
/// AccessFlag 值定义
/// </summary>
public int[] AccessFlagValueCollections = new int[10] { 1, 512, 4, 16, 2, 32768, 8192, 4096, 16384, 1024 };
private int AccessReadValue = 0x00000000;
private int AccessScriptValue = 0x00000000;
private int AccessExecuteValue = 0x00000000;
private int AccessSourceValue = 0x00000000;
private int AccessWriteValue = 0x00000000;
private int AccessNoPhysicalDirValue = 0x00000000;
private int AccessNoRemoteExecuteValue = 0x00000000;
private int AccessNoRemoteReadValue = 0x00000000;
private int AccessNoRemoteScriptValue = 0x00000000;
private int AccessNoRemoteWriteValue = 0x00000000;
/// <summary>
/// 转换为整型
/// * 使用说明
/// AccessFlag af = new AccessFlag();
/// af.AccessRead = true;
/// af.AccessScript = true;
/// Console.WriteLine(af.Value().tostring); //=513
/// </summary>
/// <returns></returns>
public int Value()
{
if (AccessRead) AccessReadValue = 0x00000001;
if (AccessScript) AccessScriptValue = 0x00000200;
if (AccessExecute) AccessExecuteValue = 0x00000004;
if (AccessSource) AccessSourceValue = 0x00000010;
if (AccessWrite) AccessWriteValue = 0x00000002;
if (AccessNoPhysicalDir) AccessNoPhysicalDirValue = 0x00008000;
if (AccessNoRemoteExecute) AccessNoRemoteExecuteValue = 0x00002000;
if (AccessNoRemoteRead) AccessNoRemoteReadValue = 0x00001000;
if (AccessNoRemoteScript) AccessNoRemoteScriptValue = 0x00004000;
if (AccessNoRemoteWrite) AccessNoRemoteWriteValue = 0x00000400;
return AccessReadValue + AccessScriptValue + AccessExecuteValue + AccessSourceValue +
AccessWriteValue + AccessNoPhysicalDirValue + AccessNoRemoteExecuteValue +
AccessNoRemoteReadValue + AccessNoRemoteScriptValue + AccessNoRemoteWriteValue;
}
/// <summary>
/// 转换为自定义的AccessFlag属性
/// * 使用说明
/// AccessFlags af = new AccessFlags();
/// af = af.ValueToProperty(513);
/// if (af.AccessRead) this.AccessFlags.SelectedValue = "AccessRead";
/// if (af.AccessScript) this.AccessFlags.SelectedValue = "AccessScript";
/// if (af.AccessExecute) this.AccessFlags.SelectedValue = "AccessExecute";
/// if (af.AccessSource) this.AccessFlagOthers.Items[0].Selected = true;
/// if (af.AccessWrite) this.AccessFlagOthers.Items[1].Selected = true;
/// </summary>
/// <param name="Value"></param>
/// <returns></returns>
public AccessFlags ValueToProperty(int Value)
{
ArrayList al = handelFlags.Convert(Value, this.AccessFlagValueCollections);
AccessFlags af = new AccessFlags();
for (int i = 0; i < al.Count; i++)
{
switch (int.Parse(al[i].ToString()))
{
//1, 512, 4, 16, 2, 32768, 8192, 4096, 16384, 1024
case 1:
af.AccessRead = true;
af.AccessReadValue = int.Parse(al[i].ToString());
break;
case 512:
af.AccessScript = true;
af.AccessScriptValue = int.Parse(al[i].ToString());
break;
case 4:
af.AccessExecute = true;
af.AccessExecuteValue = int.Parse(al[i].ToString());
break;
case 16:
af.AccessSource = true;
af.AccessSourceValue = int.Parse(al[i].ToString());
break;
case 2:
af.AccessWrite = true;
af.AccessWriteValue = int.Parse(al[i].ToString());
break;
case 32768:
af.AccessNoPhysicalDir = true;
af.AccessNoPhysicalDirValue = int.Parse(al[i].ToString());
break;
case 8192:
af.AccessNoRemoteExecute = true;
af.AccessNoRemoteExecuteValue = int.Parse(al[i].ToString());
break;
case 4096:
af.AccessNoRemoteRead = true;
af.AccessNoRemoteReadValue = int.Parse(al[i].ToString());
break;
case 16384:
af.AccessNoRemoteScript = true;
af.AccessNoRemoteScriptValue = int.Parse(al[i].ToString());
break;
case 1024:
af.AccessNoRemoteWrite = true;
af.AccessNoRemoteWriteValue = int.Parse(al[i].ToString());
break;
}
}
return af;
}
}
相反,在读取站点信息时,得到站点的执行权限为“脚本和可执行文件”,即517,并没有提供逆算的方法,参照以下的示例我们能计算出这个数值是由哪些权限组成。
AuthFlags 可以使用同样的方法来处理。DirBrowseFlags比较复杂,将在以后的文章介绍.
转自:http://www.jaron.cn/chs_webserver/18/2007-07/101951.shtml
作者:NewSea 出处:http://newsea.cnblogs.com/
QQ,MSN:iamnewsea@hotmail.com 如无特别标记说明,均为NewSea原创,版权私有,翻载必纠。欢迎交流,转载,但要在页面明显位置给出原文连接。谢谢。 |