Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1160 Chapter 25: File I/O and Streams C# System.IO.FileInfo file = new System.IO.FileInfo(Server.MapPath("TextFile.txt")); Response.Write("Location: " + file.FullName + " < BR > "); Response.Write("Size: " + file.Length + " < BR > "); Response.Write("Created: " + file.CreationTime + " < BR > "); Response.Write("Modified: " + file.LastWriteTime + " < BR > "); Response.Write("Accessed: " + file.LastAccessTime + " < BR > "); Response.Write("Attributes: " + file.Attributes); Access Control Lists Although getting the properties and attributes is useful, what many developers need is the capability to actually change the Access Control Lists, or ACLs — pronounced Ackels — on directories and files. ACLs are t he way resources such as directories and files are secured in the NTFS file system, which is the file system used by Windows XP, NT 4.0, 2000, and 2003. You can view a file’s ACLs by selecting the Security tab from the file’s Properties dialog. Figure 25-8 shows the ACLs set for the TextFile.txt file you created. Figure 25-8 Using the new System.AccessControl namespace in the .NET Framework, you can query the file system for the ACL information and display it in a Web page, as shown in Listing 25-10. 1160 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1161 Chapter 25: File I/O and Streams Listing 25-10: Access Control List information VB < script runat="server" > Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) ’ retrieve the AccessControl information for this file Dim sec As System.Security.AccessControl.FileSecurity sec = System.IO.File.GetAccessControl(Server.MapPath("TextFile.txt")) Me.Label1.Text = _ sec.GetOwner(GetType(System.Security.Principal.NTAccount)).Value ’ retrieve the collection of access rules Dim auth As System.Security.AccessControl.AuthorizationRuleCollection = _ sec.GetAccessRules(true, true, _ GetType(System.Security.Principal.NTAccount)) Dim tc As TableCell ’ loop through the rule collection and add a table row for each rule For Each r As System.Security.AccessControl.FileSystemAccessRule In auth Dim tr As New TableRow() tc = New TableCell() tc.Text = r.AccessControlType.ToString() ’ deny or allow tr.Cells.Add(tc) tc = New TableCell() tc.Text = r.IdentityReference.Value ’ who tr.Cells.Add(tc) tc = New TableCell() tc.Text = r.InheritanceFlags.ToString() tr.Cells.Add(tc) tc = New TableCell() tc.Text = r.IsInherited.ToString() tr.Cells.Add(tc) tc = New TableCell() tc.Text = r.PropagationFlags.ToString() tr.Cells.Add(tc) tc = New TableCell() tc.Text = r.FileSystemRights.ToString() tr.Cells.Add(tc) Table1.Rows.Add(tr) Next End Sub < /script > Continued 1161 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1162 Chapter 25: File I/O and Streams < html xmlns="http://www.w3.org/1999/xhtml" > < head runat="server" > < title > Displaying ACL Information < /title > < /head > < body > < form id="form1" runat="server" > < div > < p >< b > File Owner: < /b > < asp:Label ID="Label1" runat="server" Text="Label" / >< /p > < p > Access Rules: < br / > < asp:Table ID="Table1" runat="server" CellPadding="2" GridLines="Both" > < asp:TableRow > < asp:TableHeaderCell > Control Type < /asp:TableHeaderCell > < asp:TableHeaderCell > Identity < /asp:TableHeaderCell > < asp:TableHeaderCell > Inheritance Flags < /asp:TableHeaderCell > < asp:TableHeaderCell > Is Inherited < /asp:TableHeaderCell > < asp:TableHeaderCell > Propagation Flags < /asp:TableHeaderCell > < asp:TableHeaderCell > File System Rights < /asp:TableHeaderCell > < /asp:TableRow > < /asp:Table > < /p > < /div > < /form > < /body > < /html > C# < script runat="server" > protected void Page_Load(object sender, EventArgs e) { // retrieve the AccessControl information for this file System.Security.AccessControl.FileSecurity sec = System.IO.File.GetAccessControl(Server.MapPath("TextFile.txt")); this.Label1.Text = sec.GetOwner( typeof(System.Security.Principal.NTAccount) ).Value; // retrieve the collection of access rules System.Security.AccessControl.AuthorizationRuleCollection auth = sec.GetAccessRules(true, true, typeof (System.Security.Principal.NTAccount)); TableCell tc; // loop through the rule collection and add a table row for each rule foreach (System.Security.AccessControl.FileSystemAccessRule r in auth) { TableRow tr = new TableRow(); tc = new TableCell(); tc.Text = r.AccessControlType.ToString(); // deny or allow tr.Cells.Add(tc); Continued 1162 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1163 Chapter 25: File I/O and Streams tc = new TableCell(); tc.Text = r.IdentityReference.Value; // who tr.Cells.Add(tc); tc = new TableCell(); tc.Text = r.InheritanceFlags.ToString(); tr.Cells.Add(tc); tc = new TableCell(); tc.Text = r.IsInherited.ToString(); tr.Cells.Add(tc); tc = new TableCell(); tc.Text = r.PropagationFlags.ToString(); tr.Cells.Add(tc); tc = new TableCell(); tc.Text = r.FileSystemRights.ToString(); tr.Cells.Add(tc); Table1.Rows.Add(tr); } } < /script > Figure 25-9 shows what the page looks like when it is executed. Note that the Identity column might be different depending on whom you are logged in as when you run the page and what security mode the application is running under (Integrated Windows Authentication, Basic, or Anonymous). Figure 25-9 Now let’s look at actually modifying the ACL lists. In this example, you give a user explicit Full Control rights over the TextFile.txt file. You can use either an existing user or create a new test User account in Windows to run this sample. Listing 25-11 shows how to add an access rule to the TextFile.txt file. 1163 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1164 Chapter 25: File I/O and Streams Listing 25-11: Adding a rule to the Access Control List VB Dim sec As System.Security.AccessControl.FileSecurity = _ System.IO.File.GetAccessControl(Server.MapPath("TextFile.txt")) sec.AddAccessRule( _ New System.Security.AccessControl.FileSystemAccessRule( _ "DEMOXP \ TestUser", _ System.Security.AccessControl.FileSystemRights.FullControl, _ System.Security.AccessControl.AccessControlType.Allow _ )_ ) System.IO.File.SetAccessControl(Server.MapPath("TextFile.txt"),sec) C# System.Security.AccessControl.FileSecurity sec = System.IO.File.GetAccessControl(Server.MapPath("TextFile.txt")); sec.AddAccessRule( new System.Security.AccessControl.FileSystemAccessRule( @"DEMOXP \ TestUser", System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow ) ); System.IO.File.SetAccessControl(Server.MapPath("TextFile.txt"),sec); There are several things to notice in this code sample. First, notice that you are passing three para- meters to the FileSystemAccessRule constructor. The first parameter is the user you want to give rights to; change this value to a user on your specific system. Also notice that you must specify the full DOMAIN\USERNAME for the user. Next, notice that, in the code, you are using the FileSystemRights enumeration to specify exactly which rights y ou want to give to this user. You can specify multiple rights by using a bitwise Or operator, as shown in the following: new System.Security.AccessControl.FileSystemAccessRule( "DEMOXP \ TestUser", System.Security.AccessControl.FileSystemRights.Read & System.Security.AccessControl.FileSystemRights.Write, System.Security.AccessControl.AccessControlType.Allow ) After running Listing 25-11, take a look at the Security tab in the file’s Properties dialog and you should see that the user has been added to the Access Control List and allowed Full Control. Figure 25-10 shows what the dialog should look like. Now remove the ACL you just added by running essentially the same code, but using the RemoveAc- cessRule method rather than the AddAccessRule method. Listing 25-12 shows this code. 1164 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1165 Chapter 25: File I/O and Streams Figure 25-10 Listing 25-12: Removing the rule from the Access Control List VB Dim sec As System.Security.AccessControl.FileSecurity = _ System.IO.File.GetAccessControl(Server.MapPath("TextFile.txt")) sec.RemoveAccessRule( _ new System.Security.AccessControl.FileSystemAccessRule( _ "DEMOXP \ TestUser", _ System.Security.AccessControl.FileSystemRights.FullControl, _ System.Security.AccessControl.AccessControlType.Allow _ )_ ) System.IO.File.SetAccessControl(Server.MapPath("TextFile.txt"),sec) C# System.Security.AccessControl.FileSecurity sec = System.IO.File.GetAccessControl(Server.MapPath("TextFile.txt")); Continued 1165 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1166 Chapter 25: File I/O and Streams sec.RemoveAccessRule( new System.Security.AccessControl.FileSystemAccessRule( @"DEMOXP \ TestUser", System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow) ); System.IO.File.SetAccessControl(Server.MapPath("TextFile.txt"),sec); If you open the file Properties dialog again, you see that the user has been removed from the Access Control List. Reading and Writing Files Now that you have learned how to manage the files on the local system, this section shows you how to use the .NET Framework to perform input/output (I/O) operations, such as reading and writing, on those files. The .NET Framework makes performing I/O very easy because it uses a common model of reading or writing I/O data; so regardless of the source, virtually the same code can be used. The model is based on two basic concepts, Stream classes and Reader/Writer classes. Figure 25-11 shows the basic I/O model .NET uses and how Streams, Readers, and Writers work together to make it possible to transfer data to and from any number of sources in any number of formats. Note that the diagram shows only some of the Streams and Reader/Writer pairs in the .NET Framework. File System FileStream NetworkStream MemoryStream UnmanagedMemoryStream System Memory Network Stream Class Stream Classes Physical Hardware Writer Classes StringWriter TextWriter StreamWriter BinaryWriter Reader Classes StringReader TextReader StreamReader BinaryReader Figure 25-11 In this section, you dive deeper into learning how Streams, Readers, and Writers work and how .NET makes it easy to use them to transfer data. 1166 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1167 Chapter 25: File I/O and Streams Streams Regardless of the type of I/O operation you are performing in .NET, if you want to read or write data you eventually use a stream of some type. Streams are the basic mechanism .NET uses to transfer data to and from its underlying source, be it a file, communication pipe, or TCP/IP socket. The Stream class provides the basic functionality to read and write I/O data, but because the Stream class is marked as a bstract, you most likely need to use one of the several classes derived from Stream .Each Stream derivation is specialized to make it easy to transfer data from a specific source. The following table lists some of the classes derived from the Stream class. Class Description System.IO.FileStream Reads and writes files on a file system, as well as other file-related operating system handles (including pipes, standard input, standard output, and so on). System.IO.MemoryStream Creates streams that have memory as a backing store instead of a disk or a network connection. This can be useful in eliminating the need to write temporary files to disk or to store binary blob information in a database. System.IO.UnmanagedMemoryStream Supports access to unmanaged memory using the existing stream-based model and does not require that the con- tents in the unmanaged memory be copied to the heap. System.IO.BufferedStream Extends the Stream class by adding a buffering layer to read and write operations on another stream. The stream performs reads and writes in blocks (4096 bytes by default), which can result in improved efficiency. System.Net.Sockets.NetworkStream Implements the standard .NET Framework stream to send and receive data through network sockets. It supports both synchronous and asynchronous access to the network data stream. System.Security .Cryptography.CryptoStream Enables you to read and write data through cryptographic transformations. System.IO.Compression.GZipStream Enables you to compress data using the GZip data format. System.IO .Compression.DeflateStream Enables you to compress data using the Deflate algorithm. For more information, see the RFC 1951: DEFLATE 1.3 Specification. System.Net.Security.NegotiateStream Uses the Negotiate security protocol to authenticate the client, and optionally the server, in client-server communication. System.Net.Security.SslStream Necessary for client-server communication that uses the Secure Socket Layer (SSL) security protocol to authenticate the server and optionally the client. As an example, you can use the FileStream to read a local system file f rom disk. To prepare for this sample, open the TextFile.txt you created for the samples in the previous section, enter some text, and save the file. Listing 25-13 shows the code to read this simple text file. 1167 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1168 Chapter 25: File I/O and Streams Listing 25-13: Using a FileStream to read a system file VB Dim fs As New FileStream (Server.MapPath("TextFile.txt"), FileMode.Open) Dim data(fs.Length) As Byte fs.Read(data, 0, fs.Length) fs.Close() C# FileStream fs = new FileStream(Server.MapPath("TextFile.txt"), FileMode.Open); byte[] data = new byte[fs.Length]; fs.Read(data, 0, (int)fs.Length); fs.Close(); There are several items of note in this code. First, notice that you are creating a byte array the length of the stream, using the Length property to properly size the array, and then passing it to the Read method. The Read method fills the byte array with the stream data, in this case reading the entire stream into the byte array. If you want to read only a chunk of the stream or to start at a specific point in the stream, just change the parameters you pass to the Read method. Streams use byte arrays as the basic means of transporting data to and from the underlying data source. You use a byte array to read data in this sample and, later in the chapter, you learn how to create a byte array that contains data you can write to a stream. Second, note that you are explicitly closing the FileStream using the Close method. Streams must always be explicitly closed in order to release the resources they are using, which in this case is the file. Failing to explicitly close the stream can cause memory leaks, and it may also deny other users and applications access to the resource. A good way to ensure that your streams will always be closed once you are done using them is to wrap them in a Using statement. Using automatically calls the stream objects Dispose() method once the Using statement is closed. For the stream object, calling the Dispose method also automatically calls the streams Close() method. Utilizing the Using statement with stream objects is a good way to ensure that even if you do forget to explicitly add a call to close the stream, the object will be closed and the underlying resources released before the object is disposed. Finally, notice that in the FileStream constructor, you are passing two parameters, the first being the path to the file you want to read and the other indicating the type of access you want to use when opening the file. The FileMode enumeration lets you specify how the stream should be opened, for reading, writing, or both reading and writing. Thinking about how you will use the opened file can become very important. Here are some issues you might want to consider when working with files using FileStream : ❑ Will you be reading, writing, or both? ❑ Are you creating a new file, or appending or truncating an existing file? ❑ Should other programs be allowed to access the file while you are using it? ❑ How are you going to read or write the data in the file? Are you looking for a specific location in the file, or simply reading the entire file from beginning to end? 1168 Evjen c25.tex V2 - 01/28/2008 3:42pm Page 1169 Chapter 25: File I/O and Streams Thankfully, the FileStream constructor includes a number of overloads that let you explicitly specify how you will use the file. The IO namespace also includes four enumerations that can help you control how the FileStream accesses your file: ❑ FileMode: The FileMode enumeration lets you control whether the file is appended, truncated, created, or opened. ❑ FileAccess: The FileAccess enumeration controls whether the file is opened for reading, writing, or both. ❑ FileOptions: The FileOptions enumeration controls several other miscellaneous options, such as random or sequential access, file encryption, or asynchronous file writing. ❑ FileShare: The FileShare enumeration controls the access that other users and programs have to the file while your application is using it. Listing 25-14 shows how you can use all these e numerations in the FileStream constructor to write data to the text file you created earlier. Notice that you are supplying the FileStream constructor with much more information on how you want to open the file. In this sample, you append another text string to the file you just read. To do this, set the FileMode to Append and the FileAccess to Write. Listing 25-14: Using I/O enumerations to control file behavior when w riting a file VB Dim fs As New System.IO.FileStream(Server.MapPath("TextFile.txt"), _ System.IO.FileMode.Append, System.IO.FileAccess.Write, _ System.IO.FileShare.Read, 8, System.IO.FileOptions.None) Dim data() As Byte = _ System.Text.Encoding.ASCII.GetBytes("This is an additional string") fs.Write(data, 0, data.Length) fs.Flush() fs.Close() C# System.IO.FileStream fs = new System.IO.FileStream(Server.MapPath("TextFile.txt"), System.IO.FileMode.Append, System.IO.FileAccess.Write, System.IO.FileShare.Read, 8, System.IO.FileOptions.None); byte[] data = System.Text.Encoding.ASCII.GetBytes("This is an additional string"); fs.Write(data, 0, data.Length); fs.Flush(); fs.Close(); You can write your text to the file by encoding a string to a byte a rray, which contains the information you want to write. Then, using the Write method, write your byte array to the FileStreams buffer and use the Flush method to instruct the FileStream to clear its buffer, causing any buffered data to be committed to the underlying data store. Finally, close the FileStream , releasing any resources it is using. If you open the TextFile.txt file in Notepad, you should see your string has been appended to the existing text in the file. Note that using the Flush method in this scenario is optional because the Close method also calls Flush internally to commit the data to the data store. However, because the Flush method does not release the 1169 . information and display it in a Web page, as shown in Listing 25- 10. 1160 Evjen c 25. tex V2 - 01/28/2008 3: 42pm Page 1161 Chapter 25: File I/O and Streams Listing 25- 10: Access Control List information VB < script. text, and save the file. Listing 25- 13 shows the code to read this simple text file. 1167 Evjen c 25. tex V2 - 01/28/2008 3: 42pm Page 1168 Chapter 25: File I/O and Streams Listing 25- 13: Using a. the AddAccessRule method. Listing 25- 12 shows this code. 1164 Evjen c 25. tex V2 - 01/28/2008 3: 42pm Page 11 65 Chapter 25: File I/O and Streams Figure 25- 10 Listing 25- 12: Removing the rule from the Access