Log In
[Expand]General Information
[Expand]WinForms Controls
[Collapse]ASP.NET Controls and MVC Extensions
 [Expand]What's Installed
 [Expand]Common Concepts
 [Collapse]ASP.NET WebForms Controls
  [Expand]Chart Control
  [Expand]Grid View
  [Expand]Card View
  [Expand]Vertical Grid
  [Expand]Rich Text Editor
  [Expand]Image and Data Browsing
  [Expand]Docking and Popups
  [Expand]Site Navigation and Layout
  [Collapse]File Management
   [Expand]Product Information
   [Collapse]File Manager
     ASPxFileManager Overview
      View Modes
      Custom Columns
      Uploading Files
      File Download
      Context Menu
     [Collapse]Access Control Overview
       Access Rules
     [Expand]File System Providers
      Security Considerations
    [Expand]Visual Elements
    [Expand]Member Tables
   [Expand]File Upload
  [Expand]Multi-Use Site Controls
  [Expand]HTML Editor
  [Expand]Pivot Grid
  [Expand]Tree List
  [Expand]Data Editors
  [Expand]Spell Checker
  [Expand]Query Builder
 [Expand]ASP.NET MVC Extensions
 [Expand]Redistribution and Deployment
  Get More Help
 [Expand]API Reference
[Expand]ASP.NET Bootstrap Controls
[Expand]ASP.NET Core Bootstrap Controls
[Expand]WPF Controls
[Expand]Xamarin Controls
[Expand]Windows 10 App Controls
[Expand]Document Server
[Expand]Report Server
[Expand]eXpressApp Framework
[Expand]CodeRush Classic
[Expand]Cross-Platform Core Libraries
[Expand]Tools and Utilities
 End-User Documentation


This topic illustrates how to apply security permissions to ASPxFileManager's files and folders to deny or permit a user's access.


Refer to the Access Rules topic to permit or deny access to files and folders using predefined access rules.

File/folder permissions are used in the following cases:

  • To restrict access to an individual file/folder.
  • To implement a complicated logic for user access to files/folders when using Access Rules is not enough.

To define a user's access to individual files and folders, use a custom file system provider and the following method overloads:

The FileManagerFilePermissions and FileManagerFolderPermissions enumerations values determine file and folder permissions:

Permission File Folder Description
Default + + Access rules define File/Folder permissions.
Rename + + Permits renaming a file/folder.
Move + + Permits moving a file/folder.
Copy + + Permits copying a file/folder.
Delete + + Permits deleting a file/folder.
Download + - Permits downloading a file.
Create - + Permits creating a folder.
Upload - + Permits uploading a folder.
MoveOrCopyInto - + Permits moving or copying files and folders into the current folder.

To specify complicated security rules, combine permissions and access rules. Access rules are used to assign an access level to the whole file system or part of it. Permissions control files' and folders' security level.


Permissions have priority over access rules if both access rules and permissions are applied to a specific file/folder.

The following code sample illustrates how to restrict all editing operations for the whole provider's file system:

Unlike Access Rules, folder permissions are not applied to subfolders and files. For example, a user can delete a folder but cannot delete a file in this folder. If a user deletes the folder, the file deletion depends on the file system provider's DeleteFolder method implementation.

The permission mechanism does not allow displaying or hiding a folder/file like access rules (the Browse property). To implement this functionality using permissions, do not include these files/folders in the GetFiles/GetFolders functions' resulting values.

Online Example

Refer to the online example for details on how to create a custom FileSystem provider and assign permissions to each folder or file.

Is this topic helpful?​​​​​​​