FileOrDir Object

Overview

The FileOrDir object represents an NTFS file or directory. This object enables you to manipulate the Discretionary Access Control List (DACL) and attributes of the underlying file or directory. The Access Control List of each FileOrDir object has two components: an Allowance list and a Denial list. Each list consists of zero or more Access Control Entities (ACEs) each representing an individual permission. A FileOrDir object can be obtained via the UserManager.File method.

Member List

Properties


AllowanceCount As Long (Read-only)
Specifies the amount of ACE objects in this file's Allowance list.

Attributes As Long (Read/Write)
Specifies file attributes. Can be a combination of File Attribute flags defined in AspUser.inc such as FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_HIDDEN, etc. Use CheckAttribute method to check whether a particular attribute flag is set.

DenialCount As Long (Read-only)
Specifies the amount of ACE objects in this file's Denial list.

Path As String (Read-only)
Returns the path of the underlying file or directory (default property).

Methods


Sub AllowAccess(AccountName As String, AccessMask As Long)
Adds an Allowance ACE corresponding to the specified account to this file's DACL. The account is looked up on the server specified by the AU.Server property, or local machine if AU.Server is empty. AccessMask can be set to GENERIC_ALL (&H10000000) as well combinations (sums) of other access type values defined in the file AspUser.inc. Flag Combinations for Standard Permissions:
  • Read (RX):GENERIC_READ + FILE_GENERIC_EXECUTE
  • Change(RWXD): GENERIC_READ + GENERIC_WRITE + FILE_GENERIC_EXECUTE + DELETE
  • Full Control (All): GENERIC_ALL

Function CheckAttribute(FileAttr As Long) As Boolean
Returns True if the given file attribute is set, False otherwise. FileAttr must be one of the File Attribute flags defined in AspUser.inc.

Sub DenyAccess(AccountName As String, AccessMask As Long)
Adds a Denial ACE corresponding to the specified account to this file's DACL. The account is looked up on the server specified by the AU.Server property, or local machine if AU.Server is empty. Access mask must be set to GENERIC_ALL.

Function GetAllowanceAce(Index As Integer) As IAce
Returns an ACE object from the Allowance section of this file's DACL specified by a 1-based Index. The total number of ACEs in the allowance section can be obtained via the AllowanceCount property.

Function GetDenialAce(Index As Integer) As IAce
Returns an ACE object from the Denial section of this file's DACL specified by a 1-based Index. The total number of ACEs in the denial section can be obtained via the DenialCount property.

Sub RevokeAllowance(AccountName As String)
Removes an Allowance ACE corresponding to the specified account from this file's DACL.

Sub RevokeAllAllowances()
Removes all Allowance ACEs from this file's DACL.

Sub RevokeAllDenials()
Removes all Denial ACEs from this file's DACL.

Sub RevokeDenial(AccountName As String)
Removes a Denial ACE corresponding to the specified account from this file's DACL.

Sub SetOwner(AccountName As String)
Sets the owner of this file.