How to support access based on multiple user roles in ASPxFileManager

By default, ASPxFileManager supports only a single user role. If you use built-in ASP.NET membership and your users have only single roles, you can fill the FileManagerSettingsPermissions.AccessRules collection (in control markup or in code behind) and assign a user role to the FileManagerSettingsPermissions.Role property:

[C#]
protectedvoidASPxFileManager1_Init(objectsender,EventArgse){ASPxFileManagerfm=senderasASPxFileManager;fm.SettingsPermissions.Role=System.Web.Security.Role.GetRolesForUser()[0];}

[VB.NET]
ProtectedSub ASPxFileManager1_Init(ByVal sender AsObject, ByVal e As EventArgs)Dim fm As ASPxFileManager = TryCast(sender, ASPxFileManager)
    fm.SettingsPermissions.Role = System.Web.Security.Roles.GetRolesForUser()[0];EndSub

This is a very simple approach. However, it does not make sense if you want to provide access to ASPxFileManager items (file and folders) based on several user roles.

One of possible solutions is to generate corresponding rules at runtime. Since you know current user roles, you can implement some custom algorithm to generate AccessRules at runtime. On the other hand, implementation of this solution is not obvious and is a rather complex task. Especially, if you need to provide different access to file system on different pages of your site.

This example illustrates an alternative way. Create ASPxFileManager with a static collection of AccessRules (in markup or at runtime). In the ASPxFileManager.Init event handler, assign a 'compound' rule to the FileManagerSettingsPermissions.Role property and call the CreateRuleForCompoundRole method to generate AccessRules based on the 'static' rule list and current user roles. As a result, the FileManagerSettingsPermissions.AccessRules collection will contain 'static' rules (which do not make sense since we assigned a 'compound' role to the FileManagerSettingsPermissions.Role property) and rules for the 'compound' user role.

This example uses a default ASP.NET membership database. To keep database integrity, this example cannot be run online. Please download it and run on your local machine to see how it works.