Search code examples
asp.net.netdeploymentpermission-denied

Access to the path denied after deployment

I implemented a feature that allow users to upload files. Everything was working perfectly on my machine. After we deploy it, I got the following error:

Access to the path '\...\VendorDocuments\TempFolder\2585' is denied.

I've added EveryOne in the list of the object that have all the permissions to the VendorDocument folder. It worked.

Now I'd like to know how to setup the permissions to take into account the security aspects.

  1. vendorDocuments is the main folder.
  2. Inside vendorDocuments there is another folder called TempFolder
  3. When user selects a file, the file is automatically uploaded to a TempFolder/UserId
  4. If the user decides to cancel the operation, the file inside the TempFolder is deleted.

  5. If the user decides to proceed, the file will be moved from the TempFolder/UserId to a folder belonging to the vendor still inside vendorDocuments.

    VendorDocuments => TempFolder => TempFolder => UserId (file inside)

    VendorDocuments => VendorName => DocumentId (file inside)

So in my opinion, there are 2 problems;

  1. How to setup the permission on the highest level, i.e. vendorDocuments folder.
  2. Do I need to setup permission as well for every vendor folder, i.e. where files belonging to a given vendor will be saved. There reason I asking this question is because I read that it's better to setup manually permission on folder. However, in this case, vendor's own folder will be created on the fly, i.e. the first time a user belonging to that vendor upload a file.

Sorry to ask a long question. This is the first time I'm working with permissions.

Solution

  • We take care of our permission like this by assigning an application pool identity to the application itself. This allows you to give the applications account the permissions it needs to write files to their destination. We are using IIS and I can see that depending on your version of IIS the process is slightly different. IIS instructions: http://www.iis.net/learn/manage/configuring-security/application-pool-identities