/
FileAuthorizationModule.xml
199 lines (181 loc) · 13.1 KB
/
FileAuthorizationModule.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
<Type Name="FileAuthorizationModule" FullName="System.Web.Security.FileAuthorizationModule">
<TypeSignature Language="C#" Value="public sealed class FileAuthorizationModule : System.Web.IHttpModule" />
<TypeSignature Language="ILAsm" Value=".class public auto ansi sealed beforefieldinit FileAuthorizationModule extends System.Object implements class System.Web.IHttpModule" />
<TypeSignature Language="DocId" Value="T:System.Web.Security.FileAuthorizationModule" />
<TypeSignature Language="VB.NET" Value="Public NotInheritable Class FileAuthorizationModule
Implements IHttpModule" />
<TypeSignature Language="F#" Value="type FileAuthorizationModule = class
 interface IHttpModule" />
<TypeSignature Language="C++ CLI" Value="public ref class FileAuthorizationModule sealed : System::Web::IHttpModule" />
<AssemblyInfo>
<AssemblyName>System.Web</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Base>
<BaseTypeName>System.Object</BaseTypeName>
</Base>
<Interfaces>
<Interface>
<InterfaceName>System.Web.IHttpModule</InterfaceName>
</Interface>
</Interfaces>
<Docs>
<summary>Verifies that the user has permission to access the file requested. This class cannot be inherited.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
This module provides authorization services against file-system access-control lists (ACLs). When the `mode` attribute of the [authentication Element (ASP.NET Settings Schema)](https://msdn.microsoft.com/library/27bc0ba9-f23a-45f3-ae42-dbe7916e3ee2) configuration element is set to `Windows` so that the <xref:System.Web.Security.WindowsAuthenticationModule> is being used for the application, the <xref:System.Web.Security.FileAuthorizationModule> module ensures that the requesting user is allowed read or write access to the resource, depending on the request verb, before executing the request. For more information, see the <xref:System.Web.Security.FileAuthorizationModule.CheckFileAccessForUser%2A> method.
]]></format>
</remarks>
<related type="Article" href="https://docs.microsoft.com/previous-versions/aspnet/wce3kxhd(v=vs.100)">ASP.NET Authorization</related>
</Docs>
<Members>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public FileAuthorizationModule ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Web.Security.FileAuthorizationModule.#ctor" />
<MemberSignature Language="VB.NET" Value="Public Sub New ()" />
<MemberSignature Language="C++ CLI" Value="public:
 FileAuthorizationModule();" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>System.Web</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0">
<AttributeName Language="C#">[System.Runtime.TargetedPatchingOptOut("Performance critical to inline this type of method across NGen image boundaries")]</AttributeName>
<AttributeName Language="F#">[<System.Runtime.TargetedPatchingOptOut("Performance critical to inline this type of method across NGen image boundaries")>]</AttributeName>
</Attribute>
</Attributes>
<Parameters />
<Docs>
<summary>Creates an instance of the <see cref="T:System.Web.Security.FileAuthorizationModule" /> class.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
This constructor is not intended to be called from application code.
ASP.NET calls this constructor to create an instance of the <xref:System.Web.Security.FileAuthorizationModule> class. After calling the constructor, it calls the <xref:System.Web.Security.FileAuthorizationModule.Init%2A> method to initialize the new <xref:System.Web.Security.FileAuthorizationModule> object.
]]></format>
</remarks>
<related type="Article" href="https://docs.microsoft.com/previous-versions/aspnet/wce3kxhd(v=vs.100)">ASP.NET Authorization</related>
</Docs>
</Member>
<Member MemberName="CheckFileAccessForUser">
<MemberSignature Language="C#" Value="public static bool CheckFileAccessForUser (string virtualPath, IntPtr token, string verb);" />
<MemberSignature Language="ILAsm" Value=".method public static hidebysig bool CheckFileAccessForUser(string virtualPath, native int token, string verb) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Web.Security.FileAuthorizationModule.CheckFileAccessForUser(System.String,System.IntPtr,System.String)" />
<MemberSignature Language="VB.NET" Value="Public Shared Function CheckFileAccessForUser (virtualPath As String, token As IntPtr, verb As String) As Boolean" />
<MemberSignature Language="F#" Value="static member CheckFileAccessForUser : string * nativeint * string -> bool" Usage="System.Web.Security.FileAuthorizationModule.CheckFileAccessForUser (virtualPath, token, verb)" />
<MemberSignature Language="C++ CLI" Value="public:
 static bool CheckFileAccessForUser(System::String ^ virtualPath, IntPtr token, System::String ^ verb);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Web</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Boolean</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="virtualPath" Type="System.String" Index="0" FrameworkAlternate="netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<Parameter Name="token" Type="System.IntPtr" Index="1" FrameworkAlternate="netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<Parameter Name="verb" Type="System.String" Index="2" FrameworkAlternate="netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
</Parameters>
<Docs>
<param name="virtualPath">The virtual path to the file.</param>
<param name="token">A Windows access token representing the user.</param>
<param name="verb">The HTTP verb used to make the request.</param>
<summary>Determines whether the user has access to the requested file.</summary>
<returns>
<see langword="true" /> if the current Windows user represented by <paramref name="token" /> has access to the file using the specified HTTP verb or if the <see cref="T:System.Web.Security.FileAuthorizationModule" /> module is not defined in the application's configuration file; otherwise, <see langword="false" />.</returns>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The <xref:System.Web.Security.FileAuthorizationModule.CheckFileAccessForUser%2A> method checks to see whether the current user, represented by a Windows access token, is granted access to the requested file in the file-system access-control lists (ACLs). The virtual path is mapped to the physical file-system path before the check is made.
If the HTTP verb used to make the request is `GET`, `POST`, or `HEAD`, the <xref:System.Web.Security.FileAuthorizationModule.CheckFileAccessForUser%2A> method checks for read access to the file. If any other verb is used, the <xref:System.Web.Security.FileAuthorizationModule.CheckFileAccessForUser%2A> method checks for read/write permission to the file.
**Security Note** If the <xref:System.Web.Security.FileAuthorizationModule> module is not defined in the `httpModules` configuration section for the application, the <xref:System.Web.Security.FileAuthorizationModule> module always returns `true`.
]]></format>
</remarks>
<exception cref="T:System.ArgumentNullException">
<paramref name="virtualPath" /> is <see langword="null" />.
-or-
<paramref name="token" /> is <see cref="F:System.IntPtr.Zero" />.
-or-
<paramref name="verb" /> is <see langword="null" />.</exception>
<exception cref="T:System.ArgumentException">
<paramref name="virtualPath" /> is not in the application directory structure of the Web application.</exception>
<exception cref="T:System.IO.FileNotFoundException">The file specified by <paramref name="virtualPath" /> does not exist.</exception>
</Docs>
</Member>
<Member MemberName="Dispose">
<MemberSignature Language="C#" Value="public void Dispose ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig newslot virtual instance void Dispose() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Web.Security.FileAuthorizationModule.Dispose" />
<MemberSignature Language="VB.NET" Value="Public Sub Dispose ()" />
<MemberSignature Language="F#" Value="abstract member Dispose : unit -> unit
override this.Dispose : unit -> unit" Usage="fileAuthorizationModule.Dispose " />
<MemberSignature Language="C++ CLI" Value="public:
 virtual void Dispose();" />
<MemberType>Method</MemberType>
<Implements>
<InterfaceMember>M:System.Web.IHttpModule.Dispose</InterfaceMember>
</Implements>
<AssemblyInfo>
<AssemblyName>System.Web</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters />
<Docs>
<summary>Releases all resources, other than memory, used by the <see cref="T:System.Web.Security.FileAuthorizationModule" />.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
This method is not intended to be called from application code.
]]></format>
</remarks>
<related type="Article" href="https://docs.microsoft.com/previous-versions/aspnet/wce3kxhd(v=vs.100)">ASP.NET Authorization</related>
</Docs>
</Member>
<Member MemberName="Init">
<MemberSignature Language="C#" Value="public void Init (System.Web.HttpApplication app);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig newslot virtual instance void Init(class System.Web.HttpApplication app) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Web.Security.FileAuthorizationModule.Init(System.Web.HttpApplication)" />
<MemberSignature Language="VB.NET" Value="Public Sub Init (app As HttpApplication)" />
<MemberSignature Language="F#" Value="abstract member Init : System.Web.HttpApplication -> unit
override this.Init : System.Web.HttpApplication -> unit" Usage="fileAuthorizationModule.Init app" />
<MemberSignature Language="C++ CLI" Value="public:
 virtual void Init(System::Web::HttpApplication ^ app);" />
<MemberType>Method</MemberType>
<Implements>
<InterfaceMember>M:System.Web.IHttpModule.Init(System.Web.HttpApplication)</InterfaceMember>
</Implements>
<AssemblyInfo>
<AssemblyName>System.Web</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="app" Type="System.Web.HttpApplication" />
</Parameters>
<Docs>
<param name="app">The current <see cref="T:System.Web.HttpApplication" /> instance.</param>
<summary>Initializes the <see cref="T:System.Web.Security.FileAuthorizationModule" /> object.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
This method is not intended to be called from application code.
The <xref:System.Web.Security.FileAuthorizationModule.Init%2A> method ensures that the <xref:System.Web.Security.FileAuthorizationModule> is included in the processing of the <xref:System.Web.HttpApplication.AuthorizeRequest> event.
]]></format>
</remarks>
<related type="Article" href="https://docs.microsoft.com/previous-versions/aspnet/wce3kxhd(v=vs.100)">ASP.NET Authorization</related>
</Docs>
</Member>
</Members>
</Type>