AspUpload is capable of setting and changing NTFS permissions on uploaded files
via the methods File.AllowAccess, File.DenyAccess,
File.RevokeAllowance and File.RevokeDenial.
The methods AllowAccess and DenyAccess add an allowance access control
entity (ACE) and a denial ACE, respectively,
to the file's Access Control List (ACL). These methods expect an NT username
or group name, and a set of flags, as parameters.
The methods RevokeAllowance and RevokeDenial
remove an allowance and denial ACE, respectively, from the file's ACL.
The sample files access.asp and access_upload.asp
demonstrate the usage of the NTFS methods by allowing
a user to select a file, specify a username/password to impersonate,
an account to call AllowAccess on, and an account to call DenyAccess on.
This is what the file access_upload.asp looks like:
Set Upload = Server.CreateObject("Persits.Upload")
' We use memory uploads, so we must limit file size
Upload.SetMaxSize 100000, True
' Save to memory so that we can access form items before file hits the disk
Username = Upload.Form("username")
Password = Upload.Form("password")
If Username <> "" Then
' Specify domain name in first parameter, if necessary
Upload.LogonUser "", Username, Password
AllowName = Upload.Form("ALLOW")
DenyName = Upload.Form("DENY")
' Save files to disk
For Each File in Upload.Files
File.SaveAs "c:\upload\" & File.FileName
Response.Write "File " & File.Path & " saved.<BR>"
' Set allowance
If AllowName <> "" Then
File.AllowAccess AllowName, GENERIC_ALL
Response.Write "User " & AllowName & " granted access on file " & File.Path & "<BR>"
' Set denials
If DenyName <> "" Then
File.DenyAccess DenyName, GENERIC_ALL
Response.Write "User " & DenyName & " denied access on file " & File.Path & "<BR>"
Note that this file uses the constant GENERIC_ALL to grant/deny full access to the file.
This constant, along with other permission flags and file attributes, is defined
in the file AspUpload.inc which is included in this ASP page using the directive
Some of the valid flag combination for the AllowAccess and DenyAccess methods include:
Read (RX):GENERIC_READ + FILE_GENERIC_EXECUTE
Change(RWXD): GENERIC_READ + GENERIC_WRITE + FILE_GENERIC_EXECUTE + DELETE
Full Control (All): GENERIC_ALL
Click the link below to run this code sample: