Skip to main content
BuyLog In
ASP.NET Web Forms Controls
Search in…
Docs > ASP.NET WebForms Controls > File Management > File Manager > Concepts > Access Control Overview > Access Rules
A newer version of this page is available. .
All docs
V18.2
ASP.NET Controls and MVC Extensions
Prerequisites
What's Installed
Common Concepts
ASP.NET WebForms Controls
Getting Started
Grid View
Tree List
Card View
Reporting
Chart Control
Pivot Grid
Spreadsheet
Rich Text Editor
Scheduler
Site Navigation and Layout
HTML Editor
Gauges
Vertical Grid
Data Editors
Docking and Popups
File Management
Product Information
File Manager
Overview
Concepts
Root Folder
Thumbnails
View Modes
Custom Columns
Toolbar
Adaptivity
Uploading Files
File Download
Context Menu
Access Control Overview
Access Rules
Permissions
File System Providers
Security Issues
Visual Elements
Member Tables
Examples
File Upload
Data and Image Navigation
Multi-Use Site Controls
Spell Checker
Query Builder
ASP.NET MVC Extensions
Localization
Redistribution and Deployment
Get More Help
.NET Framework API Reference
Client API Reference
Download CHM

Access Rules

  • 3 minutes to read

This topic illustrates how to define security permissions for folders and files using a set of folder/file access rules (the FileManagerSettingsPermissions.AccessRules collection). Indexing rules within a collection allow you to control the rules’ priority. A rule with a higher index has a higher priority.

Note

Refer to the Permissions topic for details on how to permit or deny access to individual files and folders or to implement complicated user access logic.

To set up access rules for folders (including their files and sub-folders) and individual files, use the FileManagerFolderAccessRule and FileManagerFileAccessRule elements. The table below lists the access rule properties that are available for files and folders.

Rule Properties File Access Rule Folder Access Rule Description
Path + + A path to which the rule is applied
Role + + A role to which the rule is applied
Browse + + Permission to view a file/folder
Download + - Permission to download a file
Edit + + Permission to edit a file/folder and its content (for folders)
Edit Content - + Permission to edit folder content
Upload - + Permission to upload files to a folder

The following Rights enumeration values determine permissions:

Value Description
Allow Rights.Allow The action is allowed within the access rule.
Deny Rights.Deny The action is denied within the access rule.
Default Rights.Default The action has the same permission as the current item (file or folder) parent element. It corresponds to the Rights.Allow permission if this value does not exist.

You can associate access rules with specific security roles and group related permissions by assigning the role’s name to the rule’s Role property. Related access rules should be assigned to matching role names.

Use the FileManagerSettingsPermissions.Role property to apply any created role to the ASPxFileManager. After that, the file manager displays folders and files and provides access permissions to them based on the assigned role.

Note

Online Demo

ASPxFileManager - Access Control

Examples

How to deny editing files except for JPG files:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
    <SettingsEditing AllowCreate="true" AllowDelete="true" AllowMove="true" AllowRename="true" />
    <SettingsPermissions>
        <AccessRules>
            <dx:FileManagerFileAccessRule Edit="Deny" Path="*" />
            <dx:FileManagerFileAccessRule Edit="Allow" Path="*.jpg" />
        </AccessRules>
    </SettingsPermissions>
</dx:ASPxFileManager>

How to deny browsing the ‘Admin’ folder:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
    <SettingsPermissions>
        <AccessRules>
            <dx:FileManagerFolderAccessRule Browse="Deny" Path="Admin" />
        </AccessRules>
    </SettingsPermissions>
</dx:ASPxFileManager>

How to deny editing the ‘ReadOnly’ folder:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
    <SettingsEditing AllowCreate="true" AllowDelete="true" AllowMove="true" AllowRename="true" />
    <SettingsPermissions>
        <AccessRules>
            <dx:FileManagerFolderAccessRule Edit="Deny" Path="ReadOnly" />
        </AccessRules>
    </SettingsPermissions>
</dx:ASPxFileManager>

How to deny uploading any folders except the ‘UploadFolder’ folder:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
    <SettingsPermissions>
        <AccessRules>
            <dx:FileManagerFolderAccessRule Upload="Deny" Path="" />
            <dx:FileManagerFolderAccessRule Upload="Allow" Path="UploadFolder" />
        </AccessRules>
    </SettingsPermissions>
</dx:ASPxFileManager>

How to deny non-admin users permission to edit files:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
<SettingsPermissions>
<AccessRules>
<dx:FileManagerFolderAccessRule Edit="Deny" Path="" />
<dx:FileManagerFolderAccessRule Edit="Allow" Path="" Role="Admin" />
</AccessRules>
</SettingsPermissions>
</dx:ASPxFileManager>

ASPxFileManager1.SettingsPermissions.Role = User.IsAdmin ? "Admin" : string.Empty;