Log In
[Expand]General Information
[Expand]WinForms Controls
[Collapse]ASP.NET Controls and MVC Extensions
 [Expand]What's Installed
 [Expand]Common Concepts
 [Collapse]ASP.NET WebForms Controls
  [Expand]Chart Control
  [Expand]Grid View
  [Expand]Card View
  [Expand]Vertical Grid
  [Expand]Rich Text Editor
  [Expand]Image and Data Browsing
  [Expand]Docking and Popups
  [Expand]Site Navigation and Layout
  [Collapse]File Management
   [Expand]Product Information
   [Collapse]File Manager
     ASPxFileManager Overview
      View Modes
      Custom Columns
      Uploading Files
      File Download
      Context Menu
      Access Control
     [Expand]File System Providers
      Security Issues
    [Expand]Visual Elements
    [Expand]Member Tables
   [Expand]File Upload
  [Expand]Multi-Use Site Controls
  [Expand]HTML Editor
  [Expand]Pivot Grid
  [Expand]Tree List
  [Expand]Data Editors
  [Expand]Spell Checker
  [Expand]Query Builder
 [Expand]ASP.NET MVC Extensions
 [Expand]Redistribution and Deployment
  Get More Help
 [Expand]API Reference
[Expand]ASP.NET Bootstrap Controls
[Expand]WPF Controls
[Expand]Xamarin Controls
[Expand]Windows 10 App Controls
[Expand]Document Server
[Expand]Report Server
[Expand]eXpressApp Framework
[Expand]Cross-Platform Core Libraries
[Expand]Tools and Utilities
 End-User Documentation

Access Control

ASPxFileManager allows you to define access permissions for folders and files using a set of folder/file access rules (the FileManagerSettingsPermissions.AccessRules collection). Rules are indexed within a collection. This allows you to control the rules' priority. A rule with a higher index has a higher priority.

You can easily set up access rules for folders (including their files and child folders) and individual files using FileManagerFolderAccessRule and FileManagerFileAccessRule elements respectively. The table below lists the access rule properties that are available for file and folder access rules.

Rule Properties File Access Rule Folder Access Rule Description
Path + + A path to which the rule is applied
Role + + A role to which the rule is applied
Browse + + A permission to view a file/folder
Download + - A permission to download a file
Edit + + A permission to edit a file/folder and its content (for folders)
Edit Content - + A permission to edit folder content
Upload - + A permission to upload files to a folder

The permissions are determined by the Rights enumeration values:

Value Description
Allow Rights.Allow The action is allowed within the access rule.
Deny Rights.Deny The action is denied within the access rule.
Default Rights.Default The action has the identical permission as the current item (file or folder) parent element. If it does not exist, the permission corresponds to the Allow permission.

You can associate any number of access rules with specific security roles. This allows grouping related permissions together. To associate an access rule with a security role, assign the role's name to the rule's Role property. Related access rules should be assigned matching role names.

Any created role can be enforced on the ASPxFileManager via its FileManagerSettingsPermissions.Role property. After that, the file manager will display folders and files, and provide access permissions to them based on the assigned role.


ASPxFileManager doesn't allow an end-user to edit a folder that contains files or folders with denied access.

Expanded Examples

How to deny editing files except JPG files:

How to deny browsing the 'Admin' folder:

How to deny editing the 'ReadOnly' folder:

How to deny uploading any folders except 'UploadFolder' folder:

How to deny non-admin users permission to edit files:

How would you rate this topic?​​​​​​​