Access Control
1 Mar 202224 minutes to read
The FileManager allows you to define access permissions for folders and files using a set of access rules to user(s).
Access Rules
The FileAccessController allows you to define security permissions for folders and files using a set of folder or file access rules.
To set up access rules for folders (including their files and sub-folders) and individual files, use the SetRules() method. The following table represents the AccessRule properties available for file and folder:
Properties | Applicable for file | Applicable for folder | Description |
---|---|---|---|
Copy | Yes | Yes | Allows access to copy a file or folder. |
Read | Yes | Yes | Allows access to read a file or folder. |
Write | Yes | Yes | Allows permission to write a file or folder. |
WriteContents | No | Yes | Allows permission to write the content of folder. |
Download | Yes | Yes | Allows permission to download a file or folder. |
Upload | No | Yes | Allows permission to upload to the folder. |
Path | Yes | Yes | Specifies the path to apply the rules, which are defined. |
Role | Yes | Yes | Specifies the role to which the rule is applied. |
IsFile | Yes | Yes | Specifies whether the rule is specified for folder or file. |
The following syntax represents the access Rules for Administrator using file or folder.
//Adminstrator
//Access Rules for File
new AccessRule { Path = "/*.*", Role = "Administrator", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, Download = Permission.Allow, IsFile = true },
// Access Rules for folder
new AccessRule { Path = "*", Role = "Administrator", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, WriteContents = Permission.Allow, Upload = Permission.Allow, Download = Permission.Deny, IsFile = false },
The following syntax represent the access Rules for Default user using file or folder.
//Default User
//Access Rules for File
new AccessRule { Path = "/*.*", Role = "Default User", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
// Access Rules for folder
new AccessRule { Path = "*", Role = "Default User", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
Permissions
It helps to explain how to apply security permission to file manager file or folder using access rules. The following table represent the value that determines the permission.
Value | Description |
---|---|
Allow | Allows you to do read, write, copy, and download operations. |
Deny | Denies you to do read, write, copy, and download operations. |
Use the Role
property to apply created roles to the file manager. After that, the file manager displays folder or file and allow permisssion based on assigned roles.
The following syntax represent how to apply permission based on assigned roles.
- Permission denied for administrator to write a file or folder.
// For file
new AccessRule { Path = "/*.*", Role = "Administrator", Read = Permission.Allow, Write = Permission.Deny, IsFile = true},
// For folder
new AccessRule { Path = "*", Role = "Administrator", Read = Permission.Allow, Write = Permission.Deny, IsFile = false},
The following syntax represent how to allow or deny permission based on file or folder access rule.
- Permission denied for writing except for particular file or folder.
// Deny writing for particular folder
new AccessRule { Path = "/Documents", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Allow, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
// Deny writing for particular file
new AccessRule { Path = "/Documents/2.png", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
- Permission denied for writing and uploading in root folder.
// Folder Rule
new AccessRule { Path = "/", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
The following example demonstrate the file manager rendered with access control support.
<div class="control-section">
<div class="sample-container">
<!-- Declare filemanager element -->
@Html.EJS().FileManager("filemanager").AjaxSettings(new Syncfusion.EJ2.FileManager.FileManagerAjaxSettings
{
Url = "/Home/FileOperations",
GetImageUrl = "/Home/GetImage",
UploadUrl = "/Home/Upload",
DownloadUrl = "/Home/Download"
}).Render()
<!-- end of filemanager element -->
</div>
</div>
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Mvc;
//File Manager's base functions are available in the below package
using Syncfusion.EJ2.FileManager.Base;
//File Manager's operations are available in the below package
using Syncfusion.EJ2.FileManager.PhysicalFileProvider;
using Newtonsoft.Json;
using System.Web.Hosting;
namespace WebApplication.Controllers
{
public class HomeController : Controller
{
// Accessing the File Operations from File Manager package
PhysicalFileProvider operation = new PhysicalFileProvider();
public HomeController()
{
// Map the path of the files to be accessed with the host
var path = HostingEnvironment.MapPath("~/Content/Files");
// Assign the mapped path as root folder
operation.RootFolder(path);
// Set Rules for folder and file Access
operation.SetRules(GetRules());
}
public ActionResult FileOperations(FileManagerDirectoryContent args)
{
// Processing the File Manager operations
switch (args.Action)
{
case "read":
return Json(operation.ToCamelCase(operation.GetFiles(args.Path, args.ShowHiddenItems)));
case "delete":
return Json(operation.ToCamelCase(operation.Delete(args.Path, args.Names)));
case "copy":
return Json(operation.ToCamelCase(operation.Copy(args.Path, args.TargetPath, args.Names, args.RenameFiles, args.TargetData)));
case "move":
return Json(operation.ToCamelCase(operation.Move(args.Path, args.TargetPath, args.Names, args.RenameFiles, args.TargetData)));
case "details":
if (args.Names == null)
{
args.Names = new string[] { };
}
return Json(operation.ToCamelCase(operation.Details(args.Path, args.Names)));
case "create":
return Json(operation.ToCamelCase(operation.Create(args.Path, args.Name)));
case "search":
return Json(operation.ToCamelCase(operation.Search(args.Path, args.SearchString, args.ShowHiddenItems, args.CaseSensitive)));
case "rename":
return Json(operation.ToCamelCase(operation.Rename(args.Path, args.Name, args.NewName)));
}
return null;
}
public ActionResult Upload(string path, IList<System.Web.HttpPostedFileBase> uploadFiles, string action)
{
FileManagerResponse uploadResponse;
uploadResponse = operation.Upload(path, uploadFiles, action, null);
return Content("");
}
public ActionResult Download(string downloadInput)
{
FileManagerDirectoryContent args = JsonConvert.DeserializeObject<FileManagerDirectoryContent>(downloadInput);
return operation.Download(args.Path, args.Names);
}
public ActionResult GetImage(FileManagerDirectoryContent args)
{
return operation.GetImage(args.Path, args.Id, false, null, null);
}
public AccessDetails GetRules()
{
AccessDetails accessDetails = new AccessDetails();
List<AccessRule> Rules = new List<AccessRule> {
// FileRules For Default User
new AccessRule { Path = "/*.*", Role = "Default User", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
// FileRules For Administrator
new AccessRule { Path = "/*.*", Role = "Administrator", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, Download = Permission.Allow, IsFile = true },
// FileRules For Document Manager
new AccessRule { Path = "/*.*", Role = "Document Manager", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
new AccessRule { Path = "/Documents/*.*", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, Download = Permission.Allow, IsFile = true },
new AccessRule { Path = "/*.png", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
new AccessRule { Path = "/Documents/*.png", Role = "Document Manager", Read = Permission.Deny, Write = Permission.Allow, Copy = Permission.Deny, Download = Permission.Allow, IsFile = true },
new AccessRule { Path = "/2.*", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
new AccessRule { Path = "/Documents/2.*", Role = "Document Manager", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Allow, IsFile = true },
new AccessRule { Path = "/2.png", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Deny, Download = Permission.Allow, IsFile = true },
new AccessRule { Path = "/Documents/2.png", Role = "Document Manager", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
new AccessRule { Path = "/text", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Deny, Download = Permission.Allow, IsFile = true },
new AccessRule { Path = "/Documents/text", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, Download = Permission.Deny, IsFile = true },
// FolderRules For Default User
new AccessRule { Path = "*", Role = "Default User", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
new AccessRule { Path = "/", Role = "Default User", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
// FolderRules For Administrator
new AccessRule { Path = "*", Role = "Administrator", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, WriteContents = Permission.Allow, Upload = Permission.Allow, Download = Permission.Deny, IsFile = false },
new AccessRule { Path = "/", Role = "Administrator", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Allow, WriteContents = Permission.Allow, Upload = Permission.Allow, Download = Permission.Deny, IsFile = false },
// FolderRules For Document Manager
new AccessRule { Path = "*", Role = "Document Manager", Read = Permission.Deny, Write = Permission.Deny, Copy = Permission.Deny, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
new AccessRule { Path = "/", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Deny, WriteContents = Permission.Deny, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
new AccessRule { Path = "/Documents", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Deny, Copy = Permission.Allow, WriteContents = Permission.Allow, Upload = Permission.Allow, Download = Permission.Deny, IsFile = false },
new AccessRule { Path = "/Documents/*", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, WriteContents = Permission.Allow, Upload = Permission.Allow, Download = Permission.Allow, IsFile = false },
new AccessRule { Path = "/Music.png", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, WriteContents = Permission.Allow, Upload = Permission.Allow, Download = Permission.Allow, IsFile = false },
new AccessRule { Path = "/Documents/Music.png", Role = "Document Manager", Read = Permission.Allow, Write = Permission.Allow, Copy = Permission.Allow, WriteContents = Permission.Allow, Upload = Permission.Deny, Download = Permission.Deny, IsFile = false },
};
accessDetails.AccessRules = Rules;
accessDetails.Role = "Document Manager";
return accessDetails;
}
public ActionResult Index()
{
return View();
}
}
}
Output be like the below, when write the documents folder.