关于IIS账户ApplicationPoolIdentity文件操作权限

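        /// <summary>
        /// Imports the files of one batch-attach record into file storage: looks up the
        /// record, asks the batch-attach API for its file list, copies every listed file
        /// that exists on disk under the storage root, and adds a Sys_Files row per copy.
        /// </summary>
        /// <param name="recId">RecId of the Sys_FileBatchAttach record to process.</param>
        /// <returns>
        /// The number of entries the API returned, as a string. Entries whose source file
        /// is missing are skipped but still counted. "0" when the record does not exist or
        /// the API returns no list.
        /// </returns>
        /// <remarks>
        /// Source files are copied, not moved: a Move also deletes the source, which needs
        /// delete rights on the source directory for the account the application pool runs as.
        /// </remarks>
        public string BatchAttch(long recId)
        {
            var it = Ctx.Sys_FileBatchAttach.FirstOrDefault(ent => ent.RecId == recId);
            if (it == null)
            {
                // Unknown record: nothing to import (previously a NullReferenceException).
                return "0";
            }

            var urlRoot = F.Studio.Common.Cfg.SimpleCfgMgr.GetV<String>("BatchAttachAPIUrl", "");

            // Escape the value so it cannot add or alter query parameters.
            var guid = Convert.ToString(it.GUID) ?? string.Empty;
            var url = urlRoot + "?m=getListByGuid&guid=" + Uri.EscapeDataString(guid);

            // NOTE(review): the response below decides which local files get copied. If
            // BatchAttachAPIUrl is plain http to another host, the list can be altered in
            // transit - confirm the endpoint is https or local.
            string json;
            using (System.Net.WebClient wc = new System.Net.WebClient())
            {
                json = wc.DownloadString(url);
            }

            var serializer = new System.Web.Script.Serialization.JavaScriptSerializer();
            var list = serializer.Deserialize<List<BatchAttachInfo>>(json);
            if (list == null)
            {
                // A literal JSON null deserializes to a null list.
                return "0";
            }

            foreach (var t in list)
            {
                // NOTE(review): t.Path is taken from the API response and used as a source
                // path as-is, so any file the application pool account can read may end up
                // in file storage. Restrict it to the expected upload directory (compare
                // Path.GetFullPath(t.Path) against that root) before copying.
                if (t == null || !File.Exists(t.Path))
                {
                    continue;
                }

                var path = FileStorageProvider.GetPath();

                // Length is read from disk when accessed, so it is taken while the source
                // is known to exist and before any later step could remove it.
                var length = new FileInfo(t.Path).Length;

                var tagFilename = Path.Combine(FileStorageProvider.C_Root, path);

                // CreateDirectory does nothing when the directory already exists.
                Directory.CreateDirectory(Path.GetDirectoryName(tagFilename));

                #region Transfer file
                File.Copy(t.Path, tagFilename);
                #endregion

                #region Add database row
                var ent = new Sys_Files();
                ent.AddTime = it.AddTime;
                ent.AddUser = it.AddEmpNo;
                // Name and Comm arrive URL-encoded. The decoded text is untrusted and must
                // be output-encoded wherever it is displayed.
                ent.FileName = HttpUtility.UrlDecode(t.Name);
                ent.Meno = HttpUtility.UrlDecode(t.Comm);
                ent.Path = path;
                ent.RefId = it.RefId;
                ent.RefType = it.RefType;
                ent.FileSize = length;
                var srv = new Sys_FilesService();
                srv.Add(ent);
                #endregion
            }

            return list.Count.ToString();
        }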

        /// <summary>
        /// One entry of the JSON list returned by the batch-attach API
        /// (the m=getListByGuid call). Every value is filled in by deserializing a remote
        /// response, so consumers should validate it before acting on it.
        /// </summary>
        public class BatchAttachInfo
        {
            // Code, Msg, Size, MIME, FileId, AddTime, ClientNo, SessionId and GUID are
            // not read by the import code shown with this class. Their meaning is defined
            // by the API.

            public int Code { get; set; }

            public string Msg { get; set; }

            /// <summary>Path of the uploaded file on disk. The import copies from it.</summary>
            public string Path { get; set; }

            /// <summary>File name, URL-encoded. The import URL-decodes it before storing.</summary>
            public string Name { get; set; }

            public long Size { get; set; }

            public string MIME { get; set; }

            public long FileId { get; set; }

            public DateTime? AddTime { get; set; }

            public string ClientNo { get; set; }

            /// <summary>Comment text, URL-encoded. The import URL-decodes it before storing.</summary>
            public string Comm { get; set; }

            public long SessionId { get; set; }

            public string GUID { get; set; }
        }

应用程序池运行在ApplicationPoolIdentity 账户下

可以对服务器上已存在的文件进行Copy操作,但是不能进行Delete操作(Move包含Delete)。

要进行Delete(或Move)操作,需要在对应目录上为IIS_IUSRS组添加修改与运行等权限,比较不安全。若确需授权,只授予该应用程序池自身的标识(IIS AppPool\应用程序池名称)并限定到具体目录,影响范围比授予整个IIS_IUSRS组小。

建议只进行Copy,重复的文件可以安排Windows任务定期删除。
