Save file in Restricted folder (1 Viewer)

Juolupuki

Registered User.
Local time
Today, 15:43
Joined
Jan 3, 2018
Messages
31
Hello,

Right i have set the form with save *.pdf in folder by IDs. All works as it expected.

What I'm thinking right now and cant find any related data. Is it possible to save PDFs with same code in folder where folder has just to "Write" permission?

Some users will be not allow to open the folder but allow to save the PDFs.

Thanks in advance
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 10:43
Joined
Feb 28, 2001
Messages
26,999
Windows file permissions can get quite complex. In order to save the files they will have to have low-level permission CREATE FILES/WRITE DATA to the folder itself. Also, if I recall correctly, WRITE ATTRIBUTES on the file being created. To determine whether you have any file conflicts, that means READ DATA on the folder and READ ATTRIBUTES on the created file have to be in the mix.

What happens if the user tries to update something and thus tries to save the file a second time by the user ID? You would get naming duplicates which would be a really big problem for your program to resolve if the folder is restricted. You would either have to trap an error or be able to know of this conflict ahead of time (using a method to read the directory).

Now you MIGHT consider that you could declare the folder to be "hidden" so that the users won't immediately know it is there. However, even a user with limited knowledge of Windows would be able to find how to show hidden files. This would be a form of "security through obscurity" and is generally doomed to failure (in the sense of being a secure method).

If you have users who cannot be trusted to leave things alone, your problem isn't in your code, it is in the users' heads and must be solved by reprogramming THEM. I.e. via training or warnings or threats (if necessary).
 

CJ_London

Super Moderator
Staff member
Local time
Today, 15:43
Joined
Feb 19, 2013
Messages
16,553
one little trick to discourage users from browsing to your folder to open files

create a folder "A"
in this folder create another folder "B"

now in windows security permissions deny access to all users to folder "A" (but not subfolders)

in your app provide a path direct to folder "B"

Obviously if users get to know the full path they can just type it into windows explorer so they can then open the files, so your job is to make sure the path is never visible in your app.

It's a long time since I did it but to deny access if I recall correctly you need to put all users in a group, then edit the folder properties>security to deny access
 

Juolupuki

Registered User.
Local time
Today, 15:43
Joined
Jan 3, 2018
Messages
31
Hi,

Thanks for responds. The bought suggestions made me thinking.

What i will do is, ill set folder for normal users permissions just to write and files will be saved in temp folder. For users who needs to read the files will be moved from temp in to other folders as soon they will login, because just they have access to these folders.


I have tested and kinda works. :)
 

Users who are viewing this thread

Top Bottom