ASP.NET File Manager - Control Role-Based Security Access With Rules (available now in v2011 vol 1)

09 June 2011

Check out the 'ASP.NET File Manager Access Control' video below which shows how you can control security access for the DevExpress ASP.NET File Manager in the DXperience v2011 volume 1 release:

Video: ASP.NET File Manager Security Access Rules

Watch the video to learn how the new 'Access Control' feature helps you manage the ASPxFileManager's security using rules and role based permissions.

Rules, Roles & Permissions

The ASPxFileManager allows you to define access permissions for folders and files using a set of folder/file access rules using the SettingsPermissions.AccessRules collection. And you can also define Roles to further extend the security access of the ASPxFileManager!

The ASPxFileManager.SettingsPermissions.AccessRules property is a collection of rules. There are two types of rules:

  1. Folder rules via FileManagerFolderAccessRule object
  2. File rules via FileManagerFileAccessRule object 

An access rule specifies a path to which it is applied and lists permissions like allowed or denied that are associated with this rule. A Rule with a higher index in the AccessRules collection will have a higher priority. And every rule contains these set of properties:

  • string Path; // the folder or file path that the rule will apply to. (e.g.: Folder1\SubFolder2). You can use the wildcard '*' symbol to denote 'all files' (e.g. Folder3\*.xml)
  • string Role; // allows you to filter rules by a user role (if Role is empty, then the rule will apply to all users)

Roles are applied as a single string using the ASPxFileManager.SettingsPermissions.Role property.

A folder access rule contains these set of permission properties:

  • Rights Browse; // is a permission to view folder
  • Rights Edit: // is a permission to edit the folder and folder's content
  • Rights EditContents // is a permission to edit folder's content
  • Rights Upload // is a permission to upload files to the folder

A file access rule contains the next set of permission's properties:

  • Rights Browse; // is a permission to view files
  • Rights Edit; // is a permission to edit files
  • Rights Download; // is a permission to download files

Rights is the enum type: Rights { Allow, Deny, Default }

Examples

Take a look at the ASPX markup code below to learn various access control scenarios:

1. Two file rules 'Deny' editing of any file except if they have a JPG file extension:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
   <SettingsEditing AllowCreate="true" AllowDelete="true" AllowMove="true" AllowRename="true" />
   <SettingsPermissions>
      <AccessRules>
         <dx:FileManagerFileAccessRule Edit="Deny" Path="*" />
         <dx:FileManagerFileAccessRule Edit="Allow" Path="*.jpg" />
      </AccessRules>
   </SettingsPermissions>
</dx:ASPxFileManager>

2. One folder rule to 'Deny' the browse action of the 'Admin' folder:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
   <SettingsPermissions>
      <AccessRules>
         <dx:FileManagerFolderAccessRule Browse="Deny" Path="Admin" />
      </AccessRules>
   </SettingsPermissions>
</dx:ASPxFileManager>

3. One folder rule to 'Deny' the Edit action of the ReadOnly folder:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
   <SettingsEditing AllowCreate="true" AllowDelete="true" AllowMove="true" AllowRename="true" />
   <SettingsPermissions>
      <AccessRules>
         <dx:FileManagerFolderAccessRule Edit="Deny" Path="ReadOnly" />
      </AccessRules>
   </SettingsPermissions>
</dx:ASPxFileManager>

4. Two folder rules to 'Deny' the upload action for all folders except the UploadFolder folder:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
   <SettingsPermissions>
      <AccessRules>
         <dx:FileManagerFolderAccessRule Upload="Deny" Path="" />
         <dx:FileManagerFolderAccessRule Upload="Allow" Path="UploadFolder" />
      </AccessRules>
   </SettingsPermissions>
</dx:ASPxFileManager>

5. In this sample, only the 'Admin' role is allowed to edit files. All non-admin users are set to 'Deny' the edit action:

Default.aspx:

<dx:ASPxFileManager ID="ASPxFileManager1" runat="server">
   <SettingsPermissions>
      <AccessRules>
         <dx:FileManagerFolderAccessRule Edit="Deny" Path="" />
         <dx:FileManagerFolderAccessRule Edit="Allow" Path="" Role=”Admin” />
      </AccessRules>
   </SettingsPermissions>
</dx:ASPxFileManager>

Default.aspx.cs:

ASPxFileManager1.SettingsPermissions.Role = User.IsAdmin ? “Admin” : string.Empty;

Summary

You can easily set up access rules for folders (including their files and child folders) and individual files using the ASPxFileManager's Rules, Roles and Permissions settings.

Are you excited about the new access control feature of the ASPxFileManager? Drop me a line below with your thoughts, thanks!

Save time and money...

Save time and money with high quality pre-built components for ASP.NET, Windows Forms, WPF, Silverlight and VCL as well as IDE Productivity Tools and Business Application Frameworks, all backed by world-class service and support. Our technologies help you build your best, see complex software with greater clarity, increase your productivity and create stunning applications for Windows and Web in the shortest possible time.

Try a fully-functional version of DXperience for free now: http://www.devexpress.com/Downloads/NET/

Follow MehulHarry on Twitter

4 comment(s)
Shahid Malek 1

is this control support sorting (clicking header) like windows explorer ?

if not then how can we sort the data ?

sorting method should be very simple with no extra coding

9 June, 2011
Marion (DevExpress Support)

Hello Shahid Malek,

At present ASPxFileManager does not support sorting via a header click, because the ASPxFileManager layout has no header. I would like to note that we have an appropriate suggestion to this feature:

S36152

However, you can utilize the sorting mechanism as described below:

Q326778

9 June, 2011
Joe Roberts

Great job guys! This will save me a lot of time.

Woo hoo! finally we get the final bits for v2011 vol 1. Now I have to get to work on updates for customers.

9 June, 2011
Mehul Harry (DevExpress)

Thanks Joe!

10 June, 2011

Please login or register to post comments.