The FileOrDir object represents an NTFS file or directory. This object enables you to manipulate the Discretionary Access Control List (DACL) and attributes of the underlying file or directory. The Access Control List of each FileOrDir object has two components: an Allowance list and a Denial list. Each list consists of zero or more Access Control Entities (ACEs) each representing an individual permission.

A FileOrDir object can be obtained via the UserManager.File method.

FileOrDir Properties

Property	Type/Access (R) - read-only; (W) - write-only; (RW) - read/write.	Comments
Path	String (R)	Returns the path of the underlying file or directory (default property).
Attributes	Long (RW)	Specifies file attributes. Can be a combination of File Attribute flags defined in AspUser.inc such as FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_HIDDEN, etc. Use CheckAttribute method to check whether a particular attribute flag is set.
AllowanceCount	Long (R)	Specifies the amount of ACE objects in this file's Allowance list.
DenialCount	Long (R)	Specifies the amount of ACE objects in this file's Denial list.

FileOrDir Methods

Method	Arguments / Return type (if applicable)	Comments
DenyAccess	AccountName As String AccessMask As Long	Adds a Denial ACE corresponding to the specified account to this file's DACL. The account is looked up on the server specified by the AU.Server property, or local machine if AU.Server is empty. Access mask must be set to GENERIC_ALL.
AllowAccess	AccountName As String AccessMask As Long	Adds an Allowance ACE corresponding to the specified account to this file's DACL. The account is looked up on the server specified by the AU.Server property, or local machine if AU.Server is empty.  AccessMask can be set to GENERIC_ALL (&H10000000) (as well combinations (sums) of other access type values defined in the file AspUser.inc). Flag Combinations for Standard Permissions: Read (RX):GENERIC_READ + FILE_GENERIC_EXECUTE Change(RWXD): GENERIC_READ + GENERIC_WRITE + FILE_GENERIC_EXECUTE + DELETE Full Control (All): GENERIC_ALL
RevokeDenial	AccountName As String	Removes a Denial ACE corresponding to the specified account from this file's DACL.
RevokeAllowance	AccountName As String	Removes an Allowance ACE corresponding to the specified account from this file's DACL.
RevokeAllDenials		Removes all Denial ACEs from this file's DACL.
RevokeAllAllowances		Removes all Allowance ACEs from this file's DACL.
GetDenialAce	Index As Integer Returns: IAce Object	Returns an ACE object from the Denial section of this file's DACL specified by a 1-based Index. The total number of ACEs in the denial section can be obtained via the DenialCount property.
GetAllowanceAce	Index As Integer Returns: IAce Object	Returns an ACE object from the Allowance section of this file's DACL specified by a 1-based Index. The total number of ACEs in the allowance section can be obtained via the AllowanceCount property.
SetOwner	AccountName As String	Sets the owner of this file.
CheckAttribute	FileAttr As Long Returns: Boolean	Returns True if the given file attribute is set, False otherwise. FileAttr must be one of the File Attribute flags defined in AspUser.inc.