This is a migrated thread and some comments may be shown as answers.

Handling access to path x is denied - overriding directorylister?

4 Answers 199 Views
FileExplorer
This is a migrated thread and some comments may be shown as answers.
James
Top achievements
Rank 1
James asked on 21 May 2010, 10:38 AM

Hi, we have a scenario as follows:

We are using impersonation to send the windows credentials of the logged in user (NOT ASP user) to the file system.

The token is checked and the appropriate folders are displayed for that user.

The root folder is set to allow all users to view the contents of THIS FOLDER ONLY. Permissions are then set via NTFS per folder under the root folder.

SO EVERYONE CAN SEE THE LIST OF FOLDER UNDER THE ROOT FOLDER.

If we have 3 folders under the root folder, I want to list these 3 folders for the user. If they then try to navigate to one of the sub folders, the user’s NTFS permissions are  used to determine if they can enter the folder, and if so, if they can read/write, etc in that folder.

 

This all works with the radfileexplorer EXCEPT that if a user does not have read or write permissions to one of the sub folders the control first triggers a windows challenge response, then you get an access to path “x” is denied error.

This behaviour is fine, as long as I can TRAP and handle this. I assume I need to override either the  
FileSystemContentProvider.ResolveRootDirectoryAsTree function or
DirectoryLister.GetDirectory function.

 

I assume the problem is that the file explorer control is reading the root folder, then trying to read the contents of the sub folders in the root. As the user does not have any permissions to this folder, this causes the problem.

The only change I want to make is that it either doesn’t attempt to read sub folders when creating the root (I assume this is done in resolverootdirectoryastree).

If the user then tried to access a folder that they do not have access to, I would like to be able to handle this as well.

I have a much simpler page which has this functionality. When I list the files and fodlers in a direcotyr I simply encapsulate it in a try and catch – this allows me to handle the access is denied error:

 

Try

            Dim arrFiles As New ArrayList

            arrFiles.AddRange(myDir.GetFiles)

 

            Dim arrFolders As New ArrayList

            arrFolders.AddRange(myDir.GetDirectories)

        Catch ex As Exception

            Literal1.Text = ("<script language=""javascript"">alert('Error reading path: " & myDir.FullName.Replace(lblRootPath.Text, "[Root Folder]\").Replace("\", "\\") & "\n\n" & ex.Message.Replace(lblRootPath.Text, "[Root Folder]\").Replace("\", "\\").Replace("'", "\'") & "');</script>")

 

        End Try

 

The trace for the error is below:

UnauthorizedAccessException: Access to the path 'C:\denzien_docs\james cannot get in here' is denied.]

   System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) +2001955

   System.IO.Directory.InternalGetFileDirectoryNames(String path, String userPathOriginal, String searchPattern, Boolean includeFiles, Boolean includeDirs, SearchOption searchOption) +1817

   System.IO.DirectoryInfo.GetDirectories(String searchPattern, SearchOption searchOption) +57

   System.IO.DirectoryInfo.GetDirectories() +11

   Telerik.Web.UI.Widgets.DirectoryLister.GetDirectories(DirectoryInfo directory, String parentPath) +24

   Telerik.Web.UI.Widgets.DirectoryLister.GetDirectory(DirectoryInfo dir, String virtualName, String location, String fullPath, String tag) +150

   Telerik.Web.UI.Widgets.FileSystemContentProvider.ResolveRootDirectoryAsTree(String path) +210

   Telerik.Web.UI.RadFileExplorer.HasSubFolders(String virtualPath) +73

   Telerik.Web.UI.RadFileExplorer.PopulateTreeNode(RadTreeNode currNode) +315

   Telerik.Web.UI.RadFileExplorer.BindExplorer() +627

   Telerik.Web.UI.RadFileExplorer.OnLoad(EventArgs e) +166

   System.Web.UI.Control.LoadRecursive() +47

   System.Web.UI.Control.LoadRecursive() +131

   System.Web.UI.Control.LoadRecursive() +131

   System.Web.UI.Control.LoadRecursive() +131

   System.Web.UI.Control.LoadRecursive() +131

   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1436

 

4 Answers, 1 is accepted

Sort by
0
Fiko
Telerik team
answered on 26 May 2010, 01:25 PM
Hi James,

The scenario that you need to implement is not covered by RadFileExplorer. You can control the folders and files that are shown in RadFileExplorer, but you cannot send messages to the browser (for example, calling JavaScript alert from the server) from the ResolveRootDirectory and ResolveRootDirectory methods. This limitation applies to these method because they are called using CallBack requests. Please note that the performance of the RadFileExplorer control is much better using CallBacks compared to AJAX updates and for the time being we do not plan to change this behavior.

I hope this is not a big show stopper for you.

Regards,
Fiko
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
0
Mike
Top achievements
Rank 1
answered on 27 Oct 2010, 10:49 PM
Hello - I have a similar need.  
However - I do not care about sending messages to the browser.  
In my scenario, I would use impersonation so that application would be running under the user's permissions.  

Currently, if the user does not have permissions to a folder or even just a subfolder within a folder of the root of the application, the application fails. with the error that the previous poster used.  

I would simply perfer to not display the folder and/or files that the user does not have access to.

Would you happen to have a sample implementation of a FileSystemContentProvider which already works with files that could be modified to do this?

Thanks!
Paul
0
Fiko
Telerik team
answered on 02 Nov 2010, 09:46 AM
Hi Paul,

In your case you need to override the ResolveRootDirectory and ResolveRootDirectory methods of the  Telerik.Web.UI.Widgets.FileSystemContentProvider class (which is the default provider used in RadFileExplorer) in order to filter the folders that do not have required permissions. You can check the permissions of the folder using the methods provided in the System.IO namespace.

Sincerely yours,
Fiko
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
0
Mike
Top achievements
Rank 1
answered on 02 Nov 2010, 12:50 PM
James,
Thanks for your reply.   While waiting fora response, I was able leverage the sample provided here..

http://www.telerik.com/help/aspnet-ajax/radfileexplorer-custom-filebrowsercontentprovider.html

to do what I needed.  It was probably the hard way to do it, but with some additional error handling and security checking, the results seem pretty good!

Thanks!
Paul
Tags
FileExplorer
Asked by
James
Top achievements
Rank 1
Answers by
Fiko
Telerik team
Mike
Top achievements
Rank 1
Share this question
or