Permissions
- 2 minutes to read
This topic illustrates how to apply security permissions to FileManager’s files and folders to deny or permit a user’s access.
Note
Refer to the Access Rules topic to permit or deny access to files and folders using predefined access rules.
File/folder permissions are used in the following cases:
- To restrict access to an individual file/folder.
- To implement a complicated logic for user access to files/folders when using Access Rules is not enough.
To define a user’s access to individual files and folders, use a custom file system provider and the following method overloads:
- FileSystemProviderBase.GetFiles
- FileSystemProviderBase.GetFolders
- FileSystemProviderBase.GetFilePermissions
- FileSystemProviderBase.GetFolderPermissions
The FileManagerFilePermissions and FileManagerFolderPermissions enumerations values determine file and folder permissions:
Permission | File | Folder | Description |
---|---|---|---|
Default | + | + | Access rules define File/Folder permissions. |
Rename | + | + | Permits renaming a file/folder. |
Move | + | + | Permits moving a file/folder. |
Copy | + | + | Permits copying a file/folder. |
Delete | + | + | Permits deleting a file/folder. |
Download | + | - | Permits downloading a file. |
Create | - | + | Permits creating a folder. |
Upload | - | + | Permits uploading a folder. |
MoveOrCopyInto | - | + | Permits moving or copying files and folders into the current folder. |
To specify complicated security rules, combine permissions and access rules. Access rules are used to assign an access level to the whole file system or part of it. Permissions control files’ and folders’ security level.
Note
Permissions have priority over access rules if both access rules and permissions are applied to a specific file/folder.
The following code sample illustrates how to restrict all editing operations for the whole provider’s file system:
FileManagerFolderAccessRule rule1 = new FileManagerFolderAccessRule();
rule1.Edit = Rights.Deny;
FileManagerFileAccessRule rule2 = new FileManagerFileAccessRule();
rule2.Path = "*";
rule1.Download = Rights.Deny;
settings.SettingsPermissions.AccessRules.Add(rule1);
settings.SettingsPermissions.AccessRules.Add(rule2);
Unlike Access Rules, folder permissions are not applied to subfolders and files. For example, a user can delete a folder but cannot delete a file in this folder. If a user deletes the folder, the file deletion depends on the file system provider’s DeleteFolder method implementation.
The permission mechanism does not allow you to display or hide a folder/file like access rules (the Browse property). To implement this functionality using permissions, do not include these files/folders in the GetFiles/GetFolders functions’ resulting values.