unit Unit1;

interface

uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,AclApi, AccCtrl, StdCtrls;

type
PShareInfo2 = ^TShareInfo2;
TShareInfo2 = packed record
shi2_netname: PWideChar;
shi2_type: DWORD;
shi2_remark: PWideChar;
shi2_permissions: DWORD;
shi2_max_uses: DWORD;
shi2_current_uses: DWORD;
shi2_path: PWideChar;
shi2_passwd: PWideChar;
end;

const
NERR_SUCCESS = 0;
STYPE_DISKTREE = 0;
STYPE_PRINTQ = 1;
STYPE_DEVICE = 2;
STYPE_IPC = 3;
SHI_USES_UNLIMITED=20;
ACCESS_READ = $01; //可读
ACCESS_WRITE = $02; //可写
ACCESS_CREATE = $04; //创建资源的一个实例的权限
ACCESS_EXEC = $08; //执行资源的权限
ACCESS_DELETE = $10;//删除资源的权限
ACCESS_ATRIB = $20; //修改资源属性的权限
ACCESS_PERM = $40;
ACCESS_ALL = ACCESS_READ or ACCESS_WRITE or ACCESS_CREATE or ACCESS_EXEC or ACCESS_DELETE or ACCESS_ATRIB or ACCESS_PERM; //全部权限

type
TForm1 = class(TForm)
Button1: TButton;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;

const
SECURITY_WORLD_SID_AUTHORITY: TSidIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 1));
SECURITY_WORLD_RID = ($00000000);

const
ACL_REVISION = 2;
ACL_REVISION2 = 2;

advapi = 'advapi32.dll';
netapi = 'netapi32.dll';

Type
ACE_HEADER = record
AceType: Byte;
AceFlags: Byte;
AceSize: Word;
end;

ACCESS_ALLOWED_ACE = record
Header:ACE_HEADER;
Mask:ACCESS_MASK;
SidStart:DWORD;
end;

ACL_SIZE_INFORMATION = record
AceCount: DWORD;
AclBytesInUse: DWORD;
AclBytesFree: DWORD;
end;

PACE_HEADER = ^ACE_HEADER;

var
Form1: TForm1;

procedure BuildExplicitAccessWithNameW(pExplicitAccess: PEXPLICIT_ACCESS_W; pTrusteeName: PWideChar;
AccessPermissions: DWORD; AccessMode: ACCESS_MODE; Ineritance: DWORD); stdcall;
external advapi name 'BuildExplicitAccessWithNameW';
function GetNamedSecurityInfoW(pObjectName: PWideChar; ObjectType: SE_OBJECT_TYPE; SecurityInfo: SECURITY_INFORMATION;
ppsidOwner, ppsidGroup: PPSID; ppDacl, ppSacl: PACL; var ppSecurityDescriptor: PSECURITY_DESCRIPTOR): DWORD; stdcall;
external advapi name 'GetNamedSecurityInfoW';
function NetShareAdd(servername: PWideChar; level: DWORD; buf: Pointer; parm_err: LPDWORD): DWORD; stdcall;
external netapi;
function NetShareDel(servername, netname: PWideChar; reserved: DWORD): DWORD; stdcall; external netapi;
function SetNamedSecurityInfoW(pObjectName: PWideChar; ObjectType: SE_OBJECT_TYPE; SecurityInfo: SECURITY_INFORMATION;
ppsidOwner, ppsidGroup: PPSID; ppDacl, ppSacl: PACL): DWORD; stdcall; external advapi name 'SetNamedSecurityInfoW';

implementation

{$R *.dfm}

function SetFileAccesRights(const FileName, UserName: string;
dwAccessMask: DWORD): boolean;
var
// SID variables
snuType : SID_NAME_USE;
szDomain : PChar;
cbDomain: DWORD;
pUserSID: Pointer;
cbUserSID: DWORD;
// File SD variables.
pFileSD: PSECURITY_DESCRIPTOR;
cbFileSD: DWORD;
// New SD variables.
pNewSD: PSECURITY_DESCRIPTOR;
// ACL variables.
p_ACL : PACL;
fDaclPresent, fDaclDefaulted : LongBool;
AclInfo: ACL_SIZE_INFORMATION;
// New ACL variables.
pNewACL : PACL;
cbNewACL: DWORD;
// Temporary ACE.
pTempAce: Pointer;
CurrentAceIndex : Cardinal;
begin
szDomain := nil;
cbDomain := 0;
pUserSID := nil;
cbUserSID := 0;
pFileSD := nil;
cbFileSD := 0;
pNewSD := nil;
p_ACL := nil;
pNewACL := nil;
pTempAce := nil;

//
// STEP 1: Get SID for given user.
//
Result := LookupAccountName(nil, PChar(UserName),
pUserSID, cbUserSID, szDomain, cbDomain, snuType);

// API should have failed with insufficient buffer.
if (not Result) and (GetLastError <> ERROR_INSUFFICIENT_BUFFER) then
RaiseLastWin32Error;

pUserSID := AllocMem(cbUserSID);
szDomain := AllocMem(cbDomain);
try
Result := LookupAccountName(nil, PChar(UserName),
pUserSID, cbUserSID, szDomain, cbDomain, snuType);

if (not Result) then
RaiseLastWin32Error;

// STEP 2: Get security descriptor (SD) for file.
Result := GetFileSecurity(PChar(FileName),
DACL_SECURITY_INFORMATION, pFileSD, 0, cbFileSD);

if (not Result) and (GetLastError <> ERROR_INSUFFICIENT_BUFFER) then
RaiseLastWin32Error;

pFileSD := AllocMem(cbFileSD);

Result := GetFileSecurity(PChar(FileName),
DACL_SECURITY_INFORMATION, pFileSD, cbFileSD, cbFileSD);
if (not Result) then
RaiseLastWin32Error;

// STEP 3: Initialize new SD.
pNewSD := AllocMem(cbFileSD); // Should be same size as FileSD.

if (not InitializeSecurityDescriptor(pNewSD,
SECURITY_DESCRIPTOR_REVISION)) then
RaiseLastWin32Error;

// STEP 4: Get DACL from SD.
if (not GetSecurityDescriptorDacl(pFileSD, fDaclPresent, p_ACL,
fDaclDefaulted)) then
RaiseLastWin32Error;
// STEP 5: Get size information for DACL.
AclInfo.AceCount := 0; // Assume NULL DACL.
AclInfo.AclBytesFree := 0;
AclInfo.AclBytesInUse := SizeOf(ACL);

if (fDaclPresent and Assigned(p_ACL)) then
begin
if (not GetAclInformation(p_ACL^, @AclInfo,
SizeOf(ACL_SIZE_INFORMATION), AclSizeInformation)) then
RaiseLastWin32Error;

// STEP 6: Compute size needed for the new ACL.
cbNewACL := AclInfo.AclBytesInUse + SizeOf(ACCESS_ALLOWED_ACE)
+ GetLengthSid(pUserSID) - SizeOf(DWORD);

// STEP 7: Allocate memory for new ACL.
pNewACL := AllocMem(cbNewACL);

// STEP 8: Initialize the new ACL.
if (not InitializeAcl(pNewACL^, cbNewACL, ACL_REVISION2)) then
RaiseLastWin32Error;
// STEP 9: If DACL is present, copy it to a new DACL.
if (fDaclPresent) then
begin
// STEP 10: Copy the file's ACEs to the new ACL.
if (AclInfo.AceCount > 0) then
begin
for CurrentAceIndex := 0 to AclInfo.AceCount - 1 do
begin
// STEP 11: Get an ACE.
if (not GetAce(p_ACL^, CurrentAceIndex, pTempAce)) then
RaiseLastWin32Error;
// STEP 12: Add the ACE to the new ACL.
if (not AddAce(pNewACL^, ACL_REVISION, MAXDWORD, pTempAce,
PACE_HEADER(pTempAce)^.AceSize)) then
RaiseLastWin32Error;
end
end
end;

// STEP 13: Add the access-allowed ACE to the new DACL.
if (not AddAccessAllowedAce(pNewACL^, ACL_REVISION2, dwAccessMask,
pUserSID)) then
RaiseLastWin32Error;

// STEP 14: Set the new DACL to the file SD.
if (not SetSecurityDescriptorDacl(pNewSD, True, pNewACL, False)) then
RaiseLastWin32Error;

// STEP 15: Set the SD to the File.
if (not SetFileSecurity(PChar(FileName), DACL_SECURITY_INFORMATION,
pNewSD)) then
RaiseLastWin32Error;
Result := True;
end;
finally
// STEP 16: Free allocated memory
if Assigned(pUserSID) then
FreeMem(pUserSID);
if Assigned(szDomain) then
FreeMem(szDomain);
if Assigned(pFileSD) then
FreeMem(pFileSD);
if Assigned(pNewSD) then
FreeMem(pNewSD);
if Assigned(pNewACL) then
FreeMem(pNewACL);
end;
end;

//
procedure NetApiCheck(RetValue: Cardinal);
begin
if RetValue <> ERROR_SUCCESS then
RaiseLastOSError(RetValue);
end;
//

function WideGetEveryoneName: WideString;
var
psid: PSECURITY_DESCRIPTOR;
Dummy: WideString;
NameLen, DomainNameLen: Cardinal;
Use: SID_NAME_USE;
begin
Result := '';

if not AllocateAndInitializeSid(SECURITY_WORLD_SID_AUTHORITY, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, psid) then
Exit;
try
NameLen := 0;
DomainNameLen := 0;
Use := 0;
if LookupAccountSidW(nil, psid, nil, NameLen, nil, DomainNameLen, Use) or
(GetLastError <> ERROR_INSUFFICIENT_BUFFER) then
Exit;

if NameLen = 1 then
Exit;

SetLength(Result, NameLen - 1);
SetLength(Dummy, DomainNameLen);

if not LookupAccountSidW(nil, psid, PWideChar(Result), NameLen, PWideChar(Dummy), DomainNameLen, Use) then
Result := '';
finally
FreeSid(psid);
end;
end;

//

function DeleteShare(const ShareName: WideString): Boolean;
begin
Result := NetShareDel(nil, PWideChar(ShareName), 0) = NERR_Success;
end;

procedure ShareDirectory(const Directory, ShareName, Description: WideString);
var
ShareInfo: TShareInfo2;
OldAcl, NewAcl: PACL;
psid: PSECURITY_DESCRIPTOR;
ExplicitAccess: EXPLICIT_ACCESS_W;
begin
FillChar(ShareInfo, SizeOf(ShareInfo), 0);
ShareInfo.shi2_netname := PWideChar(ShareName);
ShareInfo.shi2_type := STYPE_DISKTREE;
ShareInfo.shi2_remark := PWideChar(Description);
ShareInfo.shi2_max_uses := SHI_USES_UNLIMITED;
ShareInfo.shi2_path := PWideChar(Directory);
NetApiCheck(NetShareAdd(nil, 2, @ShareInfo, nil));

///////////添加共享资源的访问权限,对应于对象属性页中"共享" 页中的设置

//为已共享对象分配权限

// 第1步:获取文件(夹)安全对象的DACL列表

NetApiCheck(GetNamedSecurityInfoW(PWideChar(ShareName), SE_LMSHARE, DACL_SECURITY_INFORMATION, nil, nil, @OldAcl, nil,
psid));
try
//第2步: 生成指定用户帐户的访问控制信息(这里指定赋予全部的访问权限)

////创建一个ACE,禁止 everyone 组成员完全控制对象,只读且不允许子对象继承此权限
FillChar(ExplicitAccess, SizeOf(ExplicitAccess), 0);

BuildExplicitAccessWithNameW(@ExplicitAccess, PWideChar(WideGetEveryoneName),
GENERIC_ALL or STANDARD_RIGHTS_ALL or SPECIFIC_RIGHTS_ALL ,GRANT_ACCESS{SET_ACCESS}, SUB_CONTAINERS_AND_OBJECTS_INHERIT); //使用共享文件夹被everyone用户完全控制

//第3步: 创建新的ACL对象(合并已有的ACL对象和刚生成的用户帐户访问控制信息)

NetApiCheck(SetEntriesInAclW(1, @ExplicitAccess, OldAcl, NewAcl)); // 将新的ACE加入DACL

try
//// 更新共享对象的DACL
NetApiCheck(SetNamedSecurityInfoW(PWideChar(ShareName), SE_LMSHARE, DACL_SECURITY_INFORMATION, nil, nil, NewAcl,
nil));

finally
LocalFree(HLOCAL(NewAcl)); //释放
end;

////////////////添加文件、目录访问权限,对应于对象属性页中"安全" 页中的设置

SetFileAccesRights(Directory,'Everyone',GENERIC_ALL);
SetFileAccesRights(Directory,'Guest',GENERIC_WRITE or STANDARD_RIGHTS_ALL);

finally
LocalFree(HLOCAL(psid));
end;

end;

procedure TForm1.Button1Click(Sender: TObject);
begin
DeleteShare('test_folder2'); //取消共享
ShareDirectory('D:\test_folder2', 'test_folder2', ''); //共享文件夹
showmessage('share ok');
end;

end.

[原创]delphi在win7下创建共享文件夹源代码的更多相关文章

  1. linux 下创建共享文件夹

    首先需要在win下共享一个盘 然后设置virtulbox 然后修改一串代码 参考原文 https://jingyan.baidu.com/article/2fb0ba40541a5900f2ec5f0 ...

  2. Linux下创建共享文件夹

    1,查看ip 地址 ifconifg: 2,查看是否安装samba服务器,rpm -qa | grep samba: 3,如果有该服务器,启动 service smb start,否则进行安装 yum ...

  3. windows环境下创建 .文件夹

    一.windows环境下创建 .文件夹 1.新建一个文件夹 2.重命名为.properties.(名字前后都加点) 二.windows环境下创建 .文件 1.上面的方法对文件同样适用 2.运行CMD, ...

  4. System.IO在不存在的路径下创建文件夹和文件的测试

    本文测试System.IO命名空间下的类,在不存在的路径下创建文件夹和文件的效果: 首先测试创建文件夹: System.IO.Directory.CreateDirectory(@"C:\A ...

  5. MVC如何在解决方案下创建文件夹

    背景:为什么要在解决方案下创建文件夹? 比如,在开发过程中,会抽象出大量的公共方法,如数据库访问的方法.配置文件读取方法等等,将这些方法生成自己的DLL库文件,方便在其他的项目中进行复用.那么,这些方 ...

  6. ubuntu下创建文件夹快捷方式

    title: ubuntu下创建文件夹快捷方式 toc: false date: 2018-09-01 17:22:28 categories: methods tags: ubuntu 快捷方式 s ...

  7. android下创建文件夹和修改其权限的方法

    原文:http://www.cnblogs.com/wanqieddy/archive/2011/12/28/2304906.html 由于工作的需要,今天研究了在android下创建文件夹和修改其权 ...

  8. 【转】【教程】实现Virtualbox中的XP虚拟机和主机Win7之间的共享文件夹

    原文网址:http://www.crifan.com/add_share_folder_for_virtualbox_guest_xp_and_host_win7/ 已经实现了在主机Win7下,在Vi ...

  9. Linux系统centos7+VMwareWorkstation创建共享文件夹错误解决方法集锦

    在创建共享文件夹过程中出现了多种错误,多次尝试后终于解决了. 1.直接找到VMware Tools压缩包的位置:/run/media/wxy/VMware\ Tools /**省去了创建光盘挂载点:m ...

随机推荐

  1. Python: 如何写一个异常

    例子1 try: #test area function() except Exception, e: print e.message 例子2:用raise抛出一个异常 if bool_var is ...

  2. 多线程Task

    using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; usin ...

  3. HDFS操作及小文件合并

    小文件合并是针对文件上传到HDFS之前 这些文件夹里面都是小文件 参考代码 package com.gong.hadoop2; import java.io.IOException; import j ...

  4. win10图片打开方式里没有默认照片查看器的解决方法

    今天安装好win10后发现打开图片的默认程序是win10自带的画图工具,非常不方便,并且右键选择打开方式里边也找不到默认的“照片查看器”.百度搜索了一下关于win10打开方式恢复默认照片查看器的方法, ...

  5. MySQL 中的三中循环 while loop repeat 的基本用法

    -- MySQL中的三中循环 while . loop .repeat 求 1-n 的和 -- 第一种 while 循环 -- 求 1-n 的和 /* while循环语法: while 条件 DO 循 ...

  6. Python并发编程一(多进程)

    1.背景知识(进程.多道技术) 顾名思义,进程即正在执行的一个过程.进程是对正在运行程序的一个抽象. 进程的概念起源于操作系统,是操作系统最核心的概念,也是操作系统提供的最古老也是最重要的抽象概念之一 ...

  7. 【Fiddler学习】Fiddler面板的详细介绍(转)

    转自:https://www.cnblogs.com/GreenLeaves/p/6971452.html 下面开始分析主界面的功能区: 1.Fiddler菜单栏,上图黑色部分,包括捕获http请求, ...

  8. MySQL Developer

    1.The mysql Client Program 2.Data Types 3.Joins 4.Subqueries 5.Views 6.StoredRoutine . 1.Client/Serv ...

  9. Java并发编程:Java Thread 的 sleep() 和 wait() 的区别

      1. start 和 run 方法解释: 1) start: 用start方法来启动线程,真正实现了多线程运行,这时无需等待run方法体代码执行完毕而直接继续执行下面的代码.通过调用Thread类 ...

  10. thinkphp 验证的使用

    TP5验证可分为独立验证和验证器: 独立验证是可直接写在控制器里直接验证如下: //独立验证 $data = [ 'name'=>'vendor33333', 'email'=>'vaen ...