Skip to main content
BuyLog In
Cross-Platform Class Library
Search in…
Docs > API Reference > DevExpress.Security.Resources > AccessSettings
All docs
V24.2
Cross-Platform Core Libraries
Core Library Assemblies
AI Integration
DevExpress Data Library
DevExpress.Drawing Graphics Library
DevExpress Pivot Grid Core Library
Miscellaneous
API Reference
DevExpress.AIIntegration
DevExpress.AIIntegration.Extensions
DevExpress.AIIntegration.Localization
DevExpress.AIIntegration.OpenAI.Services
DevExpress.AIIntegration.Services.Assistant
DevExpress.AIIntegration.Services.Chat
DevExpress.Charts.Heatmap
DevExpress.Charts.Sankey
DevExpress.DashboardCommon
DevExpress.DashboardCommon.Diagnostics
DevExpress.DashboardWeb
DevExpress.Data
DevExpress.Data.Browsing
DevExpress.Data.Camera
DevExpress.Data.Controls
DevExpress.Data.Controls.ExpressionEditor
DevExpress.Data.Entity
DevExpress.Data.Filtering
DevExpress.Data.Filtering.Exceptions
DevExpress.Data.Filtering.Helpers
DevExpress.Data.Linq
DevExpress.Data.Mask
DevExpress.Data.ODataLinq
DevExpress.Data.PivotGrid
DevExpress.Data.PLinq
DevExpress.Data.TreeList
DevExpress.Data.Utils
DevExpress.Data.Utils.Security
DevExpress.Data.Utils.ServiceModel
DevExpress.Data.WcfLinq
DevExpress.Data.WizardFramework
DevExpress.Data.XtraReports.DataProviders
DevExpress.DataAccess
DevExpress.DataAccess.ConnectionParameters
DevExpress.DataAccess.DataFederation
DevExpress.DataAccess.EntityFramework
DevExpress.DataAccess.Excel
DevExpress.DataAccess.ExpressionEditor
DevExpress.DataAccess.Json
DevExpress.DataAccess.Localization
DevExpress.DataAccess.MongoDB
DevExpress.DataAccess.ObjectBinding
DevExpress.DataAccess.Sql
DevExpress.DataAccess.Sql.DataApi
DevExpress.DataAccess.UI.Localization
DevExpress.DataAccess.Web
DevExpress.DataAccess.Web.QueryBuilder
DevExpress.DataAccess.Web.QueryBuilder.DataContracts
DevExpress.DataAccess.Wizard
DevExpress.DataAccess.Wizard.Model
DevExpress.DataAccess.Wizard.Presenters
DevExpress.DataAccess.Wizard.Services
DevExpress.DataAccess.Wizard.Views
DevExpress.DataProcessing.Criteria
DevExpress.Diagram.Core
DevExpress.Diagram.Core.Layout
DevExpress.Diagram.Core.Localization
DevExpress.Diagram.Core.Native
DevExpress.Diagram.Core.Serialization
DevExpress.Diagram.Core.Shapes
DevExpress.Diagram.Core.Themes
DevExpress.DocumentServices.ServiceModel
DevExpress.DocumentServices.ServiceModel.Client
DevExpress.DocumentServices.ServiceModel.DataContracts
DevExpress.DocumentView
DevExpress.Drawing
DevExpress.Drawing.Extensions
DevExpress.Drawing.Printing
DevExpress.Entity.Model
DevExpress.Entity.ProjectModel
DevExpress.Export
DevExpress.Export.Xl
DevExpress.Map
DevExpress.Mvvm
DevExpress.Mvvm.DataAnnotations
DevExpress.Mvvm.DataModel
DevExpress.Mvvm.Gantt
DevExpress.Mvvm.ModuleInjection
DevExpress.Mvvm.UI
DevExpress.Mvvm.Utils
DevExpress.Mvvm.ViewModel
DevExpress.Mvvm.Xpf
DevExpress.Office.Crypto
DevExpress.PivotGrid.DataBinding
DevExpress.PivotGrid.Printing
DevExpress.Printing
DevExpress.Printing.ExportHelpers
DevExpress.ReportServer.Printing
DevExpress.ReportServer.Printing.Services
DevExpress.ReportServer.ServiceModel.Client
DevExpress.ReportServer.ServiceModel.ConnectionProviders
DevExpress.ReportServer.ServiceModel.DataContracts
DevExpress.Schedule
DevExpress.Security.Resources
AccessPermission
AccessSettings
Members
Constructors
Properties
Methods
CustomAccessRule
DirectoryAccessRule
IAccessRule
IUriAccessRule
UriAccessRule
UrlAccessRule
DevExpress.Services
DevExpress.Sparkline
DevExpress.TreeMap
DevExpress.Utils
DevExpress.Utils.Commands
DevExpress.Utils.Controls
DevExpress.Utils.Filtering
DevExpress.Utils.Filtering.Internal
DevExpress.Utils.Html
DevExpress.Utils.IoC
DevExpress.Utils.Localization
DevExpress.Utils.Serializing
DevExpress.Utils.Serializing.Helpers
DevExpress.Utils.Svg
DevExpress.WebUtils
DevExpress.Xpf.Core
DevExpress.Xpf.Data
DevExpress.Xpf.Printing
DevExpress.Xpo
DevExpress.Xpo.DB
DevExpress.Xpo.DB.Exceptions
DevExpress.Xpo.DB.Helpers
DevExpress.Xpo.Helpers
DevExpress.XtraCharts
DevExpress.XtraCharts.Heatmap
DevExpress.XtraCharts.Heatmap.Printing
DevExpress.XtraCharts.Localization
DevExpress.XtraCharts.Printing
DevExpress.XtraCharts.Sankey
DevExpress.XtraCharts.Sankey.Printing
DevExpress.XtraEditors
DevExpress.XtraEditors.DXErrorProvider
DevExpress.XtraEditors.Filtering
DevExpress.XtraExport.Csv
DevExpress.XtraGauges.Base
DevExpress.XtraGauges.Core
DevExpress.XtraGauges.Core.Base
DevExpress.XtraGauges.Core.Drawing
DevExpress.XtraGauges.Core.Localization
DevExpress.XtraGauges.Core.Model
DevExpress.XtraGauges.Core.Primitive
DevExpress.XtraGrid
DevExpress.XtraPivotGrid
DevExpress.XtraPivotGrid.Customization
DevExpress.XtraPivotGrid.Data
DevExpress.XtraPivotGrid.Localization
DevExpress.XtraPivotGrid.Selection
DevExpress.XtraPrinting
DevExpress.XtraPrinting.BarCode
DevExpress.XtraPrinting.BarCode.EPC
DevExpress.XtraPrinting.Caching
DevExpress.XtraPrinting.DataNodes
DevExpress.XtraPrinting.Drawing
DevExpress.XtraPrinting.Export
DevExpress.XtraPrinting.Export.Web
DevExpress.XtraPrinting.Localization
DevExpress.XtraPrinting.Native
DevExpress.XtraPrinting.Shape
DevExpress.XtraPrinting.Shape.Native
DevExpress.XtraPrinting.WebClientUIControl.DataContracts
DevExpress.XtraPrintingLinks
DevExpress.XtraReports
DevExpress.XtraReports.Configuration
DevExpress.XtraReports.Design
DevExpress.XtraReports.Expressions
DevExpress.XtraReports.Expressions.Native
DevExpress.XtraReports.Parameters
DevExpress.XtraReports.Parameters.ViewModels
DevExpress.XtraReports.ReportGeneration
DevExpress.XtraReports.UI
DevExpress.XtraReports.Web.ReportDesigner
DevExpress.XtraReports.Web.ReportDesigner.DataContracts
DevExpress.XtraReports.Web.WebDocumentViewer
DevExpress.XtraReports.Web.WebDocumentViewer.DataContracts
DevExpress.XtraScheduler
DevExpress.XtraScheduler.Compatibility
DevExpress.XtraScheduler.Drawing
DevExpress.XtraScheduler.Exchange
DevExpress.XtraScheduler.iCalendar
DevExpress.XtraScheduler.iCalendar.Components
DevExpress.XtraScheduler.Localization
DevExpress.XtraScheduler.Native
DevExpress.XtraScheduler.Outlook
DevExpress.XtraScheduler.Outlook.Interop
DevExpress.XtraScheduler.Reporting
DevExpress.XtraScheduler.Services
DevExpress.XtraScheduler.Services.Implementation
DevExpress.XtraScheduler.Tools
DevExpress.XtraScheduler.UI
DevExpress.XtraScheduler.Xml
DevExpress.XtraSpellChecker
DevExpress.XtraSpellChecker.Rules
Download CHM

AccessSettings Class

In This Article
Declaration
Related API Members
Remarks
Inheritance

Allows you to restrict external resource locations for security reasons.

Namespace: DevExpress.Security.Resources

Assembly: DevExpress.Data.v24.2.dll

NuGet Package: DevExpress.Data

#Declaration

public class AccessSettings

#Related API Members

The following members return AccessSettings objects:

#Remarks

The following image illustrates how to use the AccessSettings class to allow or restrict certain resource locations:

AccessSettings

The table below gives a brief overview of all related APIs with links for additional information.

StaticResources

A static property that allows you to specify access settings for images.

DataResources

A static property that allows you to specify access settings for data resources (JSON, Extract, and Excel data sources).

ReportingSpecificResources

A static property that allows you to specify access settings for report style sheets and serialization formats.

SetRules(IAccessRule[])

TrySetRules(IAccessRule[])

Register resource access rules.

DirectoryAccessRule.Allow

A static method that allows access to all or only specified directories.

DirectoryAccessRule.Deny()

A static method that denies access to all or only specified directories.

UrlAccessRule.Allow()

A static method that allows access to all or only specified URLs.

UrlAccessRule.Deny()

A static method that denies access to all or only specified URLs.

You can also create a CustomAccessRule to implement custom logic when a URI is checked.

You can call the SetRules(IAccessRule[]) method only once during a single application run. Subsequent calls raise an exception. This ensures that rules cannot be overridden once specified. Alternatively, use the TrySetRules(IAccessRule[]) method. It does not raise an exception, but returns false.

If no access rules are registered, resources can be loaded from any location.

If you use relative paths, you will receive the following exceptions:

  • NotSupportedException: when you call the CheckUriAccess method to check the relative path’s availability.
  • InvalidOperationException: when you create a UriAccessRule with a relative URL.

Use absolute paths in access settings to avoid exceptions.

Examples

// Allow images to be loaded only from the "C:\\StaticResources\\" file directory and "http://mysite.dev" site
DevExpress.Security.Resources.AccessSettings.StaticResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), UrlAccessRule.Allow("http://mysite.dev"));

// Allow JSON data load only from the "http://mysite.dev" URL
// Prohibit Excel data load (Excel data load from URLs is not supported)
DevExpress.Security.Resources.AccessSettings.DataResources.SetRules(UrlAccessRule.Allow("http://mysite.dev"), DirectoryAccessRule.Deny());

// Allow style sheets to be loaded only from the "C:\\StaticResources\\" file directory
// Deny CodeDOM report layout serialization format
DevExpress.Security.Resources.AccessSettings.ReportingSpecificResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), SerializationFormatRule.Deny(SerializationFormat.CodeDom));

#Inheritance

Object
AccessSettings
See Also