Option Explicit
Public Const MAXIMUM_ALLOWED As Long = &H2000000
Public Const DELETE As Long = &H10000
Public Const READ_CONTROL As Long = &H20000
Public Const WRITE_DAC As Long = &H40000
Public Const WRITE_OWNER As Long = &H80000
Public Const SYNCHRONIZE As Long = &H100000

Public Const STANDARD_RIGHTS_READ As Long = READ_CONTROL
Public Const STANDARD_RIGHTS_WRITE As Long = READ_CONTROL
Public Const STANDARD_RIGHTS_EXECUTE As Long = READ_CONTROL
Public Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000

Public Const FILE_READ_DATA As Long = &H1
Public Const FILE_LIST_DIRECTORY As Long = &H1
Public Const FILE_ADD_FILE As Long = &H2
Public Const FILE_WRITE_DATA As Long = &H2
Public Const FILE_CREATE_PIPE_INSTANCE As Long = &H4
Public Const FILE_ADD_SUBDIRECTORY As Long = &H4
Public Const FILE_APPEND_DATA As Long = &H4
Public Const FILE_READ_EA As Long = &H8
Public Const FILE_READ_PROPERTIES As Long = FILE_READ_EA
Public Const FILE_WRITE_EA As Long = &H10
Public Const FILE_WRITE_PROPERTIES As Long = FILE_WRITE_EA
Public Const FILE_EXECUTE As Long = &H20
Public Const FILE_TRAVERSE As Long = &H20
Public Const FILE_DELETE_CHILD As Long = &H40
Public Const FILE_READ_ATTRIBUTES As Long = &H80
Public Const FILE_WRITE_ATTRIBUTES As Long = &H100

Public Const FILE_GENERIC_READ As Long = (STANDARD_RIGHTS_READ Or FILE_READ_DATA Or FILE_READ_ATTRIBUTES Or FILE_READ_EA Or FILE_EXECUTE Or STANDARD_RIGHTS_EXECUTE Or SYNCHRONIZE)
Public Const FILE_GENERIC_READ As Long = (STANDARD_RIGHTS_READ Or FILE_READ_DATA Or FILE_READ_ATTRIBUTES Or FILE_READ_EA Or SYNCHRONIZE)
Public Const FILE_GENERIC_EXECUTE As Long = (STANDARD_RIGHTS_EXECUTE Or FILE_READ_ATTRIBUTES Or FILE_EXECUTE Or SYNCHRONIZE)
Public Const FILE_GENERIC_WRITE As Long = (STANDARD_RIGHTS_WRITE Or FILE_WRITE_DATA Or FILE_WRITE_ATTRIBUTES Or FILE_WRITE_EA Or FILE_APPEND_DATA Or SYNCHRONIZE)
Public Const FILE_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &H1FF&)

Public Const GENERIC_READ As Long = &H80000000
Public Const GENERIC_WRITE As Long = &H40000000
Public Const GENERIC_EXECUTE As Long = &H20000000
Public Const GENERIC_ALL As Long = &H10000000

' Types, constants and functions to work with access rights
Public Const OWNER_SECURITY_INFORMATION As Long = &H1
Public Const GROUP_SECURITY_INFORMATION As Long = &H2
Public Const DACL_SECURITY_INFORMATION As Long = &H4
Public Const TOKEN_QUERY As Long = 8
Public Const SecurityImpersonation As Integer = 3
Public Const ANYSIZE_ARRAY = 1

Public Const ACEListDirectory = 1
Public Const ACEReadData = 1
Public Const ACECreateFiles = 2
Public Const ACEWriteData = 2
Public Const ACECreateDirectories = 4
Public Const ACEAppendData = 4
Public Const ACEReadExtendedAttributes = 8
Public Const ACEWriteExtendedAttributes = 16
Public Const ACEExecuteFile = 32
Public Const ACETraverse = 32
Public Const ACEDeleteSubdirectoriesAndFiles = 64
Public Const ACEReadAttributes = 128
Public Const ACEWriteAttributes = 256
'Public Const ACEWrite = 278
Public Const ACEDelete = 65536
Public Const ACEReadPermissions = 131072
'Public Const ACERead = 131209
'Public Const ACEReadAndExecute = 131241
'Public Const ACEModify = 197055
Public Const ACEChangePermissions = 262144
Public Const ACETakeOwnership = 524288
Public Const ACESynchronize = 1048576
'Public Const ACEFullControl = 2032127


Public Type GENERIC_MAPPING
GenericRead As Long
GenericWrite As Long
GenericExecute As Long
GenericAll As Long
End Type

Public Type LUID
LowPart As Long
HighPart As Long
End Type

Public Type LUID_AND_ATTRIBUTES
pLuid As LUID
Attributes As Long
End Type

Public Type PRIVILEGE_SET
PrivilegeCount As Long
Control As Long
Privilege(ANYSIZE_ARRAY) As LUID_AND_ATTRIBUTES
End Type
Public Declare Function GetFileSecurity Lib "advapi32.dll" Alias "GetFileSecurityA" (ByVal lpFileName As String,ByVal RequestedInformation As Long, pSecurityDescriptor As Byte,ByVal nLength As Long, lpnLengthNeeded As Long) As Long
Public Declare Function AccessCheck Lib "advapi32.dll" (pSecurityDescriptor As Byte, ByVal ClientToken As Long,ByVal DesiredAccess As Long, GenericMapping As GENERIC_MAPPING,PrivilegeSet As PRIVILEGE_SET, PrivilegeSetLength As Long, GrantedAccess As Long, Status As Long) As Long
Public Declare Function ImpersonateSelf Lib "advapi32.dll" (ByVal ImpersonationLevel As Integer) As Long
Public Declare Function RevertToSelf Lib "advapi32.dll" () As Long Public Declare Sub MapGenericMask Lib "advapi32.dll" (AccessMask As Long,GenericMapping As GENERIC_MAPPING)
Public Declare Function OpenThreadToken Lib "advapi32.dll"(ByVal ThreadHandle As Long, ByVal DesiredAccess As Long,ByVal OpenAsSelf As Long, TokenHandle As Long) As Long
Public Declare Function GetCurrentThread Lib "kernel32" () As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Type OSVERSIONINFO
dwOSVersionInfoSize As Long
dwMajorVersion As Long
dwMinorVersion As Long
dwBuildNumber As Long
dwPlatformId As Long
szCSDVersion As String * 128
End Type
Public Const VER_PLATFORM_WIN32_NT As Long = 2
Public Declare Function GetVersionEx Lib "kernel32" Alias "GetVersionExA" _
(lpVersionInformation As OSVERSIONINFO) As Long
Public Const FS_PERSISTENT_ACLS As Long = &H8
Public Declare Function GetVolumeInformation Lib "kernel32" Alias "GetVolumeInformationA" (ByVal lpRootPathName As String,ByVal lpVolumeNameBuffer As String, ByVal nVolumeNameSize As Long,lpVolumeSerialNumber As Long, lpMaximumComponentLength As Long,lpFileSystemFlags As Long, ByVal lpFileSystemNameBuffer As String,ByVal nFileSystemNameSize As Long) As Long

’检查文件的访问权限
Public Function CheckFileAccess(fileName As String, ByVal DesiredAccess As Long) As Long
Dim r As Long, SecDesc() As Byte, SDSize As Long, hToken As Long
Dim PrivSet As PRIVILEGE_SET, GenMap As GENERIC_MAPPING
Dim Volume As String, FSFlags As Long
If Not IsNT() Then
CheckFileAccess = -1
Exit Function
End If
If Left$(fileName, 2) = "\\" Then
r = InStr(3, fileName, "\")
If r = 0 Then
Volume = fileName & "\"
Else
Volume = Left$(fileName, r)
End If
ElseIf Mid$(fileName, 2, 2) = ":\" Then
Volume = Left$(fileName, 3)
End If
GetVolumeInformation Volume, vbNullString, 0, ByVal 0&, _
ByVal 0&, FSFlags, vbNullString, 0
If (FSFlags And FS_PERSISTENT_ACLS) = 0 Then
CheckFileAccess = -1
Exit Function
End If
GetFileSecurity fileName, OWNER_SECURITY_INFORMATION Or GROUP_SECURITY_INFORMATION Or DACL_SECURITY_INFORMATION, 0, 0, SDSize
If Err.LastDllError <> 122 Then
CheckFileAccess = -1 'Rights not supported. Returning -1.
Exit Function
End If
If SDSize = 0 Then Exit Function
ReDim SecDesc(1 To SDSize)
If GetFileSecurity(fileName, OWNER_SECURITY_INFORMATION _
Or GROUP_SECURITY_INFORMATION _
Or DACL_SECURITY_INFORMATION, _
SecDesc(1), SDSize, SDSize) = 0 Then
Exit Function
End If
ImpersonateSelf SecurityImpersonation 'Adding Impersonation Token for thread
OpenThreadToken GetCurrentThread(), TOKEN_QUERY, 0, hToken 'Opening of Token of current thread
If hToken <> 0 Then
GenMap.GenericRead = FILE_GENERIC_READ
GenMap.GenericWrite = FILE_GENERIC_WRITE
GenMap.GenericExecute = FILE_GENERIC_EXECUTE
GenMap.GenericAll = FILE_ALL_ACCESS
MapGenericMask DesiredAccess, GenMap
AccessCheck SecDesc(1), hToken, DesiredAccess, GenMap, PrivSet, Len(PrivSet), CheckFileAccess, r
CloseHandle hToken
End If
RevertToSelf
End Function