[Expand]General Information
[Collapse]WinForms Controls
  .NET Core Support
 [Expand]What's Installed
 [Expand]Build an Application
 [Collapse]Controls and Libraries
  [Expand]Forms and User Controls
  [Expand]Messages, Notifications, and Dialogs
  [Expand]Editors and Simple Controls
  [Expand]Ribbon, Bars and Menu
  [Expand]Application UI Manager
  [Expand]Docking Library
  [Expand]Data Grid
  [Expand]Vertical Grid
  [Expand]Property Grid
  [Expand]Pivot Grid
  [Expand]Tree List
  [Expand]Gantt Control
  [Expand]Chart Control
  [Expand]Map Control
  [Collapse]Rich Text Editor
   [Expand]Product Information
    Product Class Structure
    Supported Formats
   [Expand]Getting Started
   [Expand]RichEditControl Document
    Text Formatting
    Import and Export
   [Expand]Page Layout
    Spell Checking
    AutoCorrect Feature
    Track Changes
    Mail Merge
    Restrictions and Protection
   [Expand]Visual Elements
    Keyboard Shortcuts
    HTML Tag Support
  [Expand]Spell Checker
  [Expand]Form Layout Managers
  [Expand]Navigation Controls
  [Expand]PDF Viewer
  [Expand]TreeMap Control
  [Expand]Sunburst Control
 [Expand]Common Features
  Get More Help
 [Expand]API Reference
[Expand]ASP.NET Controls and MVC Extensions
[Expand]ASP.NET Bootstrap Controls
[Expand]ASP.NET Core Bootstrap Controls
[Expand]WPF Controls
[Expand]Xamarin Controls
[Expand]Windows 10 App Controls
[Expand]Office File API
[Expand]Report and Dashboard Server
[Expand]eXpressApp Framework
[Expand]eXpress Persistent Objects
[Expand]CodeRush Classic
[Expand]Cross-Platform Core Libraries
[Expand]Tools and Utilities
 End-User Documentation
View this topic on docs.devexpress.com (Learn more)

Restrictions and Protection

This topic describes how to prevent end-users from document modification. The Rich Text Editor provides three ways of solving this task: forbid editing the entire document restrict performing certain operations and prevent inserting unnecessary elements

Expanded Restrict Document Modification

You can restrict document modification using the Document.Protect method. This method sets the password, and specifies actions allowed for the protected document (the DocumentProtectionType enumeration values). The Document.IsDocumentProtected property indicates whether content modification protection is enabled.

Use the Document.Unprotect method to disable protection. Note that it unlocks the document without a password request.


The protection mechanism described above affects only the document modification.

Expanded Open and Save Password-Encrypted Files

The RichEditControl allows you to load and save password-encrypted files.

Open an Encrypted File

Specify the RichEditDocumentImportOptions.EncryptionPassword property to decrypt a loaded file. The table below lists a chain of events raised if the EncryptionPassword property is not specified or returns an invalid password.

Event Description
RichEditControl.EncryptedFilePasswordRequested Fires if the EncryptionPassword property is not specified or returns an invalid password. Use the EncryptedFilePasswordRequestedEventArgs.Password property to specify a new password.
RichEditControl.EncryptedFilePasswordCheckFailed Occurs if the EncryptedFilePasswordRequestedEventArgs.Password is set to an empty or invalid password. Handle this event to obtain the error that led to this event (EncryptedFilePasswordCheckFailedEventArgs.Error) and determine whether to prompt a user for a password (EncryptedFilePasswordCheckFailedEventArgs.TryAgain).
RichEditControl.DecryptionFailed Raised if the TryAgain property is not specified or set to false. This event also occurs if the RichEditControl fails to open an encrypted file. The DecryptionFailedEventArgs.Exception property indicates the exception that led to this event.

The code sample below shows how to handle the RichEditControl.EncryptedFilePasswordRequested and RichEditControl.EncryptedFilePasswordCheckFailed events to prompt users to enter a password. If the user cancels the operation, the RichEditControl creates an empty file.


A complete code sample project is available at the Document Encryption (Simple Example) repository on GitHub.

The RichEditControl.EncryptedFileIntegrityCheckFailed event occurs if the document did not pass the code verification.

Encrypt a Document with a Password

Use the Document.Encryption property to access the document encryption options. The code sample belows shows how to encrypt the document with password and save the result:

Call the RichEditControl.SaveDocument(String, DocumentFormat, EncryptionSettings) (see RichEditControl.SaveDocument) method overload to password-protect the document on save. Use the EncryptionSettings object properties to specify password and protection type.

Expanded Grant Permission to Users

Create Range Permissions as described in the steps below to allow certain users to edit parts of a protected document.

  1. Set the users and user group lists. The default users list is empty and the user group list contains predefined entries (Everyone, Administrators, Contributors, Owners, Editors and Current User). To use a custom list of users or user groups, provide a custom service implementing the IUserListService or IUserGroupListService interface and register this service with the DevExpress.XtraRichEdit.RichEditControl.ReplaceService``1 method. The RichEditControl does not associate users with groups, so user names and group names are independent.

  2. The edit permission is given depending on the authentication credentials. To define the identity of the current user, use the AuthenticationOptions class properties.

  3. Call the SubDocument.BeginUpdateRangePermissions method to access the document range permissions collection.
  4. Create a new RangePermission object using the RangePermissionCollection.CreateRangePermission method.
  5. Utilize the RangePermission.UserName and/or RangePermission.Group properties to specify the specific user and/or the group of users that are eligible to edit the document.

    The table below shows what properties should have the same value to make the range editable to the current user.

    This property value

    Should be equal to







  6. Add the created object to the corresponding collection.
  7. Finalize the modification with the SubDocument.EndUpdateRangePermissions method.
  8. Enable document protection as described above

  9. Customize the appearance of the protected ranges in the document. At runtime, they are highlighted with a certain color and enclosed with bookmark brackets. By default, the highlighting color is selected from a predefined colors collection. This is done to specify different highlighting colors for ranges that belong to different user groups. There is no straightforward way to change these colors manually.

    You can set the highlighting options to the ranges that are editable to the current user only. To do that, use the RangePermissionOptions properties. They can be accessed through the Options.RangePermissions notation.

Expanded Restrict Performing Operations

Protect the document from editing, copying or printing by restricting the corresponding functions. To perform the restriction, access the desired operation using the RichEditControlOptionsBase.Behavior property and specify its behavior. Depending on the selected property value, the application menu buttons that correspond to restricted operations can be disabled or hidden. Additionally, you can prevent the showing of the context menu. To do that, use the RichEditBehaviorOptions.ShowPopupMenu property.

The code execution result is illustrated in the picture below. Such buttons as Print, Quick Print and Print Preview are disabled, whereas the Copy item is hidden from the context menu.

Expanded Restrict Using Document Elements

You can also forbid the formatting of characters and paragraphs or the use of certain document elements, such as pictures, tables, fields, etc.

These restrictions can be specified by the RichEditControlOptionsBase.DocumentCapabilities property, as illustrated in the following code sample.

Similar with operation restrictions, the application menu items that correlate with the forbidden actions can be hidden or disabled. If a document is loaded after certain restrictions are applied, the corresponding characteristics are set to default and the restricted objects are not created. In case of the floating objects, the existing floating pictures are converted into inline pictures, whereas the text boxes and their contents are hidden.

Expanded See Also

Is this topic helpful?​​​​​​​