FileRevocationManager FileRevocationManager FileRevocationManager FileRevocationManager Class

Note

FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

Note

Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

Provides access to Selective Wipe operations.

Syntax

Declaration

public static class FileRevocationManagerpublic static class FileRevocationManagerPublic Static Class FileRevocationManager

Methods summary

Note

FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

Note

Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

Copy the selective wipe protection state of a file or folder to a new file or folder.

Note

FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

Note

Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

Gets the selective wipe protection status for a file or folder.

Note

FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

Note

Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

Protects a file or folder for selective wipe.

Note

FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

Note

Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

Revokes all files and folders protected for selective wipe for a specified enterprise id.

Methods

  • CopyProtectionAsync(Windows.Storage.IStorageItem,Windows.Storage.IStorageItem)
    CopyProtectionAsync(Windows.Storage.IStorageItem,Windows.Storage.IStorageItem)
    CopyProtectionAsync(Windows.Storage.IStorageItem,Windows.Storage.IStorageItem)
    CopyProtectionAsync(Windows.Storage.IStorageItem,Windows.Storage.IStorageItem)
    Note

    FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

    Note

    Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

    Copy the selective wipe protection state of a file or folder to a new file or folder.

    public static IAsyncOperation<bool> CopyProtectionAsync(Windows.Storage.IStorageItem sourceStorageItem,Windows.Storage.IStorageItem targetStorageItem)public static IAsyncOperation<bool> CopyProtectionAsync(Windows.Storage.IStorageItem sourceStorageItem,Windows.Storage.IStorageItem targetStorageItem)Public Static Function CopyProtectionAsync(sourceStorageItem As Windows.Storage.IStorageItem,targetStorageItem As Windows.Storage.IStorageItem) As IAsyncOperation( Of bool )

    Parameters

    Returns

    • True if the copy operation was successful; otherwise false.

    Remarks

    If you save a new copy of a file as the result of a "save as" operation, the selective wipe protection status is not copied with the file. To protect the file, you must call the CopyProtectionAsync(Windows.Storage.IStorageItem,Windows.Storage.IStorageItem) method to copy the existing protection status to the new file. If you copy a protected file using the CopyAsync(Windows.Storage.IStorageFolder,System.String) or CopyAndReplaceAsync(Windows.Storage.IStorageFile) methods, the selective wipe protection status is copied with the file and you do not need to call the CopyProtectionAsync(Windows.Storage.IStorageItem,Windows.Storage.IStorageItem) method.

    public async Task<bool> CopyFile(StorageFile file, StorageFolder newFolder) 
    {
        bool result = false;
    
        try
        {
            var newFile = await file.CopyAsync(newFolder);
            result = await 
                Windows.Security.EnterpriseData.FileRevocationManager.
                CopyProtectionAsync(file, newFile);
            }
        catch (Exception e) 
        {
            // Handle exception. For example, copy already exists.
        }
    
        return result;
    }
    
    // For an introduction to the Blank template, see the following documentation:
    // http://go.microsoft.com/fwlink/?LinkId=232509
    (function () {
        "use strict";
    
        var app = WinJS.Application;
        var activation = Windows.ApplicationModel.Activation;
    
        var testButton;
    
        app.onactivated = function (args) {
            if (args.detail.kind === activation.ActivationKind.launch) {
                if (args.detail.previousExecutionState !== activation.ApplicationExecutionState.terminated) {
                    // TODO: This application has been newly launched. Initialize
                    // your application here.
                } else {
                    // TODO: This application has been reactivated from suspension.
                    // Restore application state here.
                }
    
                testButton = document.getElementById("TestButton");
                testButton.addEventListener("click", testButtonClick, false);
                //addFolder("NewFolder1");
                Windows.Storage.StorageFolder.getFolderFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1").then(
                    function (folder) {
                        protectItem(folder, enterpriseIdentity);
                        var status;
                        Windows.Security.EnterpriseData.FileRevocationManager.getStatusAsync(folder).then(
                            function (s) {
                                status = s;
                            });
                        addFile("NewFile1.txt", folder);
                    });
    
                args.setPromise(WinJS.UI.processAll());
            }
        }
    
        app.oncheckpoint = function (args) {
            // TODO: This application is about to be suspended. Save any state
            // that needs to persist across suspensions here. You might use the
            // WinJS.Application.sessionState object, which is automatically
            // saved and restored across suspension. If you need to complete an
            // asynchronous operation before your application is suspended, call
            // args.setPromise().
        };
    
        function testButtonClick() {
            initializeApp("testuser");
            Windows.Storage.StorageFile.getFileFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1\\NewFile1.txt").then(
                    function (file) {
                        getFileContents(file.path);
                    });
        }
    
        //<Snippet_Global_JS>
        var appRootFolder = Windows.Storage.ApplicationData.current;
        var enterpriseIdentity = "example.com";
        var accessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
        //</Snippet_Global_JS>
    
        //<Snippet_Protect_JS>
        // Add a folder and protect it using Selective Wipe.
        function addFolder(folderName) {
            appRootFolder.localFolder.createFolderAsync(folderName).then(
                function (newFolder) {
                    protectItem(newFolder);
                });
        }
    
        // Add a file and protect it using Selective Wipe.
        function addFile(fileName, folder) {
            folder.createFileAsync(fileName).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.
                        FileRevocationManager.getStatusAsync(newFile).then(
                            function (status) {
                                if (status != Windows.Security.EnterpriseData.
                                        FileProtectionStatus.Protected) {
                                    protectItem(newFile, enterpriseIdentity);
                                }
                            });
                },
                function (err) {
                    // Handle error. For example, file already exists.
                });
        }
    
        function protectItem(item, enterpriseIdentity) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                protectAsync(item, enterpriseIdentity).then(
                    function (status) {
                        return status;
                    });
        }
        //</Snippet_Protect_JS>
    
        //<Snippet_GetStatus_JS>
        function getFileContents(filePath) {
            var stream;
            var file;
    
            Windows.Storage.StorageFile.getFileFromPathAsync(filePath).then(
                function (f) {
                    file = f;
                    file.openReadAsync().then(
                        function (s) {
                            stream = s;
                            return stream;
                        },
                        function (err) {
                            if (err.number == accessDeniedHResult) {
                                // Delete file if it has been revoked.
                                selectiveWipeCleanup(file);
                            }
                        });
                });
    
            return null;
        }
    
        // Delete items revoked by Selective Wipe.
        function selectiveWipeCleanup(file) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                getStatusAsync(file).then(
                    function (status) {
                        if (status == 
                            Windows.Security.EnterpriseData.FileProtectionStatus.revoked) {
                                file.deleteAsync();
                        }
                });
    
        }
        //</Snippet_GetStatus_JS>
    
        //<Snippet_Revoke_JS>
        function initializeApp(userName) {
            if (getUserStatus(userName) == "Not Found") {
                Windows.Security.EnterpriseData.FileRevocationManager.revoke(enterpriseIdentity);
            }
        }
        //</Snippet_Revoke_JS>
    
        function getUserStatus(userName) {
            return "Not Found";
        }
    
        //<Snippet_CopyProtection_JS>
        function copyFile(file, newFolder) {
            file.copyAsync(newFolder).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.FileRevocationManager.
                        copyProtectionAsync(file, newFile);
                },
                function (err) {
                    // Handle error. For example, copy already exists.
                });
        }
        //</Snippet_CopyProtection_JS>
    
    
        app.start();
    })();
    
    function copyFile(file, newFolder) {
        file.copyAsync(newFolder).then(
            function (newFile) {
                Windows.Security.EnterpriseData.FileRevocationManager.
                    copyProtectionAsync(file, newFile);
            },
            function (err) {
                // Handle error. For example, copy already exists.
            });
    }
    

    The CopyProtectionAsync(Windows.Storage.IStorageItem,Windows.Storage.IStorageItem) method requires exclusive access to the file or folder being encrypted, and will fail if another process is using has a handle open to the file or folder.

  • GetStatusAsync(Windows.Storage.IStorageItem)
    GetStatusAsync(Windows.Storage.IStorageItem)
    GetStatusAsync(Windows.Storage.IStorageItem)
    GetStatusAsync(Windows.Storage.IStorageItem)
    Note

    FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

    Note

    Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

    Gets the selective wipe protection status for a file or folder.

    public static IAsyncOperation<FileProtectionStatus> GetStatusAsync(Windows.Storage.IStorageItem storageItem)public static IAsyncOperation<FileProtectionStatus> GetStatusAsync(Windows.Storage.IStorageItem storageItem)Public Static Function GetStatusAsync(storageItem As Windows.Storage.IStorageItem) As IAsyncOperation( Of FileProtectionStatus )

    Parameters

    Returns

    • An aysnchronous operation that retrieves the selective wipe protection status for the storageItem.

    Remarks

    You can use the GetStatusAsync(Windows.Storage.IStorageItem) method to determine the Selective Wipe protection status of a file or folder. This will tell you if a file is protected or not, if a file is protected by another user on the computer, and so on. A common use of the GetStatusAsync(Windows.Storage.IStorageItem) method is to determine when a protected file should be deleted. For example, when a protected file is revoked, an attempt to access the file contents will result in an "Access is denied" exception. When you encounter that exception, you can use the GetStatusAsync(Windows.Storage.IStorageItem) method to determine if the file has been revoked by Selective Wipe and then delete the file if it has, as shown in the following example.

    ApplicationData appRootFolder = ApplicationData.Current;
    string enterpriseIdentity = "example.com";
    int AccessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
    
    // For an introduction to the Blank template, see the following documentation:
    // http://go.microsoft.com/fwlink/?LinkId=232509
    (function () {
        "use strict";
    
        var app = WinJS.Application;
        var activation = Windows.ApplicationModel.Activation;
    
        var testButton;
    
        app.onactivated = function (args) {
            if (args.detail.kind === activation.ActivationKind.launch) {
                if (args.detail.previousExecutionState !== activation.ApplicationExecutionState.terminated) {
                    // TODO: This application has been newly launched. Initialize
                    // your application here.
                } else {
                    // TODO: This application has been reactivated from suspension.
                    // Restore application state here.
                }
    
                testButton = document.getElementById("TestButton");
                testButton.addEventListener("click", testButtonClick, false);
                //addFolder("NewFolder1");
                Windows.Storage.StorageFolder.getFolderFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1").then(
                    function (folder) {
                        protectItem(folder, enterpriseIdentity);
                        var status;
                        Windows.Security.EnterpriseData.FileRevocationManager.getStatusAsync(folder).then(
                            function (s) {
                                status = s;
                            });
                        addFile("NewFile1.txt", folder);
                    });
    
                args.setPromise(WinJS.UI.processAll());
            }
        }
    
        app.oncheckpoint = function (args) {
            // TODO: This application is about to be suspended. Save any state
            // that needs to persist across suspensions here. You might use the
            // WinJS.Application.sessionState object, which is automatically
            // saved and restored across suspension. If you need to complete an
            // asynchronous operation before your application is suspended, call
            // args.setPromise().
        };
    
        function testButtonClick() {
            initializeApp("testuser");
            Windows.Storage.StorageFile.getFileFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1\\NewFile1.txt").then(
                    function (file) {
                        getFileContents(file.path);
                    });
        }
    
        //<Snippet_Global_JS>
        var appRootFolder = Windows.Storage.ApplicationData.current;
        var enterpriseIdentity = "example.com";
        var accessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
        //</Snippet_Global_JS>
    
        //<Snippet_Protect_JS>
        // Add a folder and protect it using Selective Wipe.
        function addFolder(folderName) {
            appRootFolder.localFolder.createFolderAsync(folderName).then(
                function (newFolder) {
                    protectItem(newFolder);
                });
        }
    
        // Add a file and protect it using Selective Wipe.
        function addFile(fileName, folder) {
            folder.createFileAsync(fileName).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.
                        FileRevocationManager.getStatusAsync(newFile).then(
                            function (status) {
                                if (status != Windows.Security.EnterpriseData.
                                        FileProtectionStatus.Protected) {
                                    protectItem(newFile, enterpriseIdentity);
                                }
                            });
                },
                function (err) {
                    // Handle error. For example, file already exists.
                });
        }
    
        function protectItem(item, enterpriseIdentity) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                protectAsync(item, enterpriseIdentity).then(
                    function (status) {
                        return status;
                    });
        }
        //</Snippet_Protect_JS>
    
        //<Snippet_GetStatus_JS>
        function getFileContents(filePath) {
            var stream;
            var file;
    
            Windows.Storage.StorageFile.getFileFromPathAsync(filePath).then(
                function (f) {
                    file = f;
                    file.openReadAsync().then(
                        function (s) {
                            stream = s;
                            return stream;
                        },
                        function (err) {
                            if (err.number == accessDeniedHResult) {
                                // Delete file if it has been revoked.
                                selectiveWipeCleanup(file);
                            }
                        });
                });
    
            return null;
        }
    
        // Delete items revoked by Selective Wipe.
        function selectiveWipeCleanup(file) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                getStatusAsync(file).then(
                    function (status) {
                        if (status == 
                            Windows.Security.EnterpriseData.FileProtectionStatus.revoked) {
                                file.deleteAsync();
                        }
                });
    
        }
        //</Snippet_GetStatus_JS>
    
        //<Snippet_Revoke_JS>
        function initializeApp(userName) {
            if (getUserStatus(userName) == "Not Found") {
                Windows.Security.EnterpriseData.FileRevocationManager.revoke(enterpriseIdentity);
            }
        }
        //</Snippet_Revoke_JS>
    
        function getUserStatus(userName) {
            return "Not Found";
        }
    
        //<Snippet_CopyProtection_JS>
        function copyFile(file, newFolder) {
            file.copyAsync(newFolder).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.FileRevocationManager.
                        copyProtectionAsync(file, newFile);
                },
                function (err) {
                    // Handle error. For example, copy already exists.
                });
        }
        //</Snippet_CopyProtection_JS>
    
    
        app.start();
    })();
    
    private async Task<IRandomAccessStream> GetFileContents(string filePath)
    {
        IRandomAccessStream stream = null;
        StorageFile file = null;
    
        try
        {
            file = await StorageFile.GetFileFromPathAsync(filePath);
            stream = await file.OpenReadAsync();
        }
        catch (UnauthorizedAccessException e)
        {
            if (e.HResult == AccessDeniedHResult)
            {
                // Delete file if it has been revoked.
                SelectiveWipeCleanup(file);
            }
    
            return null;
        }
    
        return stream;
    }
    
    // Delete items revoked by Selective Wipe.
    private async void SelectiveWipeCleanup(StorageFile file)
    {
        var status = await Windows.Security.EnterpriseData.FileRevocationManager.GetStatusAsync(file);
        if (status == Windows.Security.EnterpriseData.FileProtectionStatus.Revoked)
        {
            await file.DeleteAsync();
        }
    }
    
    // For an introduction to the Blank template, see the following documentation:
    // http://go.microsoft.com/fwlink/?LinkId=232509
    (function () {
        "use strict";
    
        var app = WinJS.Application;
        var activation = Windows.ApplicationModel.Activation;
    
        var testButton;
    
        app.onactivated = function (args) {
            if (args.detail.kind === activation.ActivationKind.launch) {
                if (args.detail.previousExecutionState !== activation.ApplicationExecutionState.terminated) {
                    // TODO: This application has been newly launched. Initialize
                    // your application here.
                } else {
                    // TODO: This application has been reactivated from suspension.
                    // Restore application state here.
                }
    
                testButton = document.getElementById("TestButton");
                testButton.addEventListener("click", testButtonClick, false);
                //addFolder("NewFolder1");
                Windows.Storage.StorageFolder.getFolderFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1").then(
                    function (folder) {
                        protectItem(folder, enterpriseIdentity);
                        var status;
                        Windows.Security.EnterpriseData.FileRevocationManager.getStatusAsync(folder).then(
                            function (s) {
                                status = s;
                            });
                        addFile("NewFile1.txt", folder);
                    });
    
                args.setPromise(WinJS.UI.processAll());
            }
        }
    
        app.oncheckpoint = function (args) {
            // TODO: This application is about to be suspended. Save any state
            // that needs to persist across suspensions here. You might use the
            // WinJS.Application.sessionState object, which is automatically
            // saved and restored across suspension. If you need to complete an
            // asynchronous operation before your application is suspended, call
            // args.setPromise().
        };
    
        function testButtonClick() {
            initializeApp("testuser");
            Windows.Storage.StorageFile.getFileFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1\\NewFile1.txt").then(
                    function (file) {
                        getFileContents(file.path);
                    });
        }
    
        //<Snippet_Global_JS>
        var appRootFolder = Windows.Storage.ApplicationData.current;
        var enterpriseIdentity = "example.com";
        var accessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
        //</Snippet_Global_JS>
    
        //<Snippet_Protect_JS>
        // Add a folder and protect it using Selective Wipe.
        function addFolder(folderName) {
            appRootFolder.localFolder.createFolderAsync(folderName).then(
                function (newFolder) {
                    protectItem(newFolder);
                });
        }
    
        // Add a file and protect it using Selective Wipe.
        function addFile(fileName, folder) {
            folder.createFileAsync(fileName).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.
                        FileRevocationManager.getStatusAsync(newFile).then(
                            function (status) {
                                if (status != Windows.Security.EnterpriseData.
                                        FileProtectionStatus.Protected) {
                                    protectItem(newFile, enterpriseIdentity);
                                }
                            });
                },
                function (err) {
                    // Handle error. For example, file already exists.
                });
        }
    
        function protectItem(item, enterpriseIdentity) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                protectAsync(item, enterpriseIdentity).then(
                    function (status) {
                        return status;
                    });
        }
        //</Snippet_Protect_JS>
    
        //<Snippet_GetStatus_JS>
        function getFileContents(filePath) {
            var stream;
            var file;
    
            Windows.Storage.StorageFile.getFileFromPathAsync(filePath).then(
                function (f) {
                    file = f;
                    file.openReadAsync().then(
                        function (s) {
                            stream = s;
                            return stream;
                        },
                        function (err) {
                            if (err.number == accessDeniedHResult) {
                                // Delete file if it has been revoked.
                                selectiveWipeCleanup(file);
                            }
                        });
                });
    
            return null;
        }
    
        // Delete items revoked by Selective Wipe.
        function selectiveWipeCleanup(file) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                getStatusAsync(file).then(
                    function (status) {
                        if (status == 
                            Windows.Security.EnterpriseData.FileProtectionStatus.revoked) {
                                file.deleteAsync();
                        }
                });
    
        }
        //</Snippet_GetStatus_JS>
    
        //<Snippet_Revoke_JS>
        function initializeApp(userName) {
            if (getUserStatus(userName) == "Not Found") {
                Windows.Security.EnterpriseData.FileRevocationManager.revoke(enterpriseIdentity);
            }
        }
        //</Snippet_Revoke_JS>
    
        function getUserStatus(userName) {
            return "Not Found";
        }
    
        //<Snippet_CopyProtection_JS>
        function copyFile(file, newFolder) {
            file.copyAsync(newFolder).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.FileRevocationManager.
                        copyProtectionAsync(file, newFile);
                },
                function (err) {
                    // Handle error. For example, copy already exists.
                });
        }
        //</Snippet_CopyProtection_JS>
    
    
        app.start();
    })();
    
    var appRootFolder = Windows.Storage.ApplicationData.current;
    var enterpriseIdentity = "example.com";
    var accessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
    
    function getFileContents(filePath) {
        var stream;
        var file;
    
        Windows.Storage.StorageFile.getFileFromPathAsync(filePath).then(
            function (f) {
                file = f;
                file.openReadAsync().then(
                    function (s) {
                        stream = s;
                        return stream;
                    },
                    function (err) {
                        if (err.number == accessDeniedHResult) {
                            // Delete file if it has been revoked.
                            selectiveWipeCleanup(file);
                        }
                    });
            });
    
        return null;
    }
    
    // Delete items revoked by Selective Wipe.
    function selectiveWipeCleanup(file) {
        Windows.Security.EnterpriseData.FileRevocationManager.
            getStatusAsync(file).then(
                function (status) {
                    if (status == 
                        Windows.Security.EnterpriseData.FileProtectionStatus.revoked) {
                            file.deleteAsync();
                    }
            });
    
    }
    
  • ProtectAsync(Windows.Storage.IStorageItem,System.String)
    ProtectAsync(Windows.Storage.IStorageItem,System.String)
    ProtectAsync(Windows.Storage.IStorageItem,System.String)
    ProtectAsync(Windows.Storage.IStorageItem,System.String)
    Note

    FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

    Note

    Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

    Protects a file or folder for selective wipe.

    public static IAsyncOperation<FileProtectionStatus> ProtectAsync(Windows.Storage.IStorageItem storageItem,System.String enterpriseIdentity)public static IAsyncOperation<FileProtectionStatus> ProtectAsync(Windows.Storage.IStorageItem storageItem,System.String enterpriseIdentity)Public Static Function ProtectAsync(storageItem As Windows.Storage.IStorageItem,enterpriseIdentity As System.String) As IAsyncOperation( Of FileProtectionStatus )

    Parameters

    • storageItem

      The file or folder to protect for selective wipe.

    • enterpriseIdentity
      System.String
      System.String
      System.String
      System.String

      The enterprise id that the file or folder is protected for. The enterpriseIdentity value must be formatted as an Internationalized Domain Name (IDN) and cannot contain spaces. For example, contoso.com.

    Returns

    • An asynchronous operation that retrieves the selective wipe protection status for the storageItem.

    Remarks

    You can use the ProtectAsync(Windows.Storage.IStorageItem,System.String) method to protect a file or folder using Selective Wipe. This identifies the file as protected for your enterprise identifier, such as "example.com", as shown in the previous code example. If you protect a folder using the ProtectAsync(Windows.Storage.IStorageItem,System.String) method, then all files in that folder inherit the same protection.

    ApplicationData appRootFolder = ApplicationData.Current;
    string enterpriseIdentity = "example.com";
    int AccessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
    
    // For an introduction to the Blank template, see the following documentation:
    // http://go.microsoft.com/fwlink/?LinkId=232509
    (function () {
        "use strict";
    
        var app = WinJS.Application;
        var activation = Windows.ApplicationModel.Activation;
    
        var testButton;
    
        app.onactivated = function (args) {
            if (args.detail.kind === activation.ActivationKind.launch) {
                if (args.detail.previousExecutionState !== activation.ApplicationExecutionState.terminated) {
                    // TODO: This application has been newly launched. Initialize
                    // your application here.
                } else {
                    // TODO: This application has been reactivated from suspension.
                    // Restore application state here.
                }
    
                testButton = document.getElementById("TestButton");
                testButton.addEventListener("click", testButtonClick, false);
                //addFolder("NewFolder1");
                Windows.Storage.StorageFolder.getFolderFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1").then(
                    function (folder) {
                        protectItem(folder, enterpriseIdentity);
                        var status;
                        Windows.Security.EnterpriseData.FileRevocationManager.getStatusAsync(folder).then(
                            function (s) {
                                status = s;
                            });
                        addFile("NewFile1.txt", folder);
                    });
    
                args.setPromise(WinJS.UI.processAll());
            }
        }
    
        app.oncheckpoint = function (args) {
            // TODO: This application is about to be suspended. Save any state
            // that needs to persist across suspensions here. You might use the
            // WinJS.Application.sessionState object, which is automatically
            // saved and restored across suspension. If you need to complete an
            // asynchronous operation before your application is suspended, call
            // args.setPromise().
        };
    
        function testButtonClick() {
            initializeApp("testuser");
            Windows.Storage.StorageFile.getFileFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1\\NewFile1.txt").then(
                    function (file) {
                        getFileContents(file.path);
                    });
        }
    
        //<Snippet_Global_JS>
        var appRootFolder = Windows.Storage.ApplicationData.current;
        var enterpriseIdentity = "example.com";
        var accessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
        //</Snippet_Global_JS>
    
        //<Snippet_Protect_JS>
        // Add a folder and protect it using Selective Wipe.
        function addFolder(folderName) {
            appRootFolder.localFolder.createFolderAsync(folderName).then(
                function (newFolder) {
                    protectItem(newFolder);
                });
        }
    
        // Add a file and protect it using Selective Wipe.
        function addFile(fileName, folder) {
            folder.createFileAsync(fileName).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.
                        FileRevocationManager.getStatusAsync(newFile).then(
                            function (status) {
                                if (status != Windows.Security.EnterpriseData.
                                        FileProtectionStatus.Protected) {
                                    protectItem(newFile, enterpriseIdentity);
                                }
                            });
                },
                function (err) {
                    // Handle error. For example, file already exists.
                });
        }
    
        function protectItem(item, enterpriseIdentity) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                protectAsync(item, enterpriseIdentity).then(
                    function (status) {
                        return status;
                    });
        }
        //</Snippet_Protect_JS>
    
        //<Snippet_GetStatus_JS>
        function getFileContents(filePath) {
            var stream;
            var file;
    
            Windows.Storage.StorageFile.getFileFromPathAsync(filePath).then(
                function (f) {
                    file = f;
                    file.openReadAsync().then(
                        function (s) {
                            stream = s;
                            return stream;
                        },
                        function (err) {
                            if (err.number == accessDeniedHResult) {
                                // Delete file if it has been revoked.
                                selectiveWipeCleanup(file);
                            }
                        });
                });
    
            return null;
        }
    
        // Delete items revoked by Selective Wipe.
        function selectiveWipeCleanup(file) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                getStatusAsync(file).then(
                    function (status) {
                        if (status == 
                            Windows.Security.EnterpriseData.FileProtectionStatus.revoked) {
                                file.deleteAsync();
                        }
                });
    
        }
        //</Snippet_GetStatus_JS>
    
        //<Snippet_Revoke_JS>
        function initializeApp(userName) {
            if (getUserStatus(userName) == "Not Found") {
                Windows.Security.EnterpriseData.FileRevocationManager.revoke(enterpriseIdentity);
            }
        }
        //</Snippet_Revoke_JS>
    
        function getUserStatus(userName) {
            return "Not Found";
        }
    
        //<Snippet_CopyProtection_JS>
        function copyFile(file, newFolder) {
            file.copyAsync(newFolder).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.FileRevocationManager.
                        copyProtectionAsync(file, newFile);
                },
                function (err) {
                    // Handle error. For example, copy already exists.
                });
        }
        //</Snippet_CopyProtection_JS>
    
    
        app.start();
    })();
    
    // Add a folder and protect it using Selective Wipe.
    private async Task<StorageFolder> AddFolder(string folderName)
    {
        StorageFolder newFolder = await appRootFolder.LocalFolder.CreateFolderAsync(folderName);
    
        var status = await ProtectItem(newFolder, enterpriseIdentity);
    
        return newFolder;
    }
    
    // Add a file and protect it using Selective Wipe.
    private async Task<StorageFile> AddFile(string fileName, StorageFolder folder)
    {
        StorageFile newFile = await folder.CreateFileAsync(fileName);
    
        var status = 
            await Windows.Security.EnterpriseData.FileRevocationManager.
                GetStatusAsync(newFile);
    
        if (status != Windows.Security.EnterpriseData.FileProtectionStatus.Protected)
        {
            status = await ProtectItem(newFile, enterpriseIdentity);
        }
    
        return newFile;
    }
    
    private async Task<Windows.Security.EnterpriseData.FileProtectionStatus> 
        ProtectItem(IStorageItem item, string enterpriseIdentity)
    {
        var status = 
            await Windows.Security.EnterpriseData.FileRevocationManager.
                ProtectAsync(item, enterpriseIdentity);
    
        return status;
    }
    
    // For an introduction to the Blank template, see the following documentation:
    // http://go.microsoft.com/fwlink/?LinkId=232509
    (function () {
        "use strict";
    
        var app = WinJS.Application;
        var activation = Windows.ApplicationModel.Activation;
    
        var testButton;
    
        app.onactivated = function (args) {
            if (args.detail.kind === activation.ActivationKind.launch) {
                if (args.detail.previousExecutionState !== activation.ApplicationExecutionState.terminated) {
                    // TODO: This application has been newly launched. Initialize
                    // your application here.
                } else {
                    // TODO: This application has been reactivated from suspension.
                    // Restore application state here.
                }
    
                testButton = document.getElementById("TestButton");
                testButton.addEventListener("click", testButtonClick, false);
                //addFolder("NewFolder1");
                Windows.Storage.StorageFolder.getFolderFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1").then(
                    function (folder) {
                        protectItem(folder, enterpriseIdentity);
                        var status;
                        Windows.Security.EnterpriseData.FileRevocationManager.getStatusAsync(folder).then(
                            function (s) {
                                status = s;
                            });
                        addFile("NewFile1.txt", folder);
                    });
    
                args.setPromise(WinJS.UI.processAll());
            }
        }
    
        app.oncheckpoint = function (args) {
            // TODO: This application is about to be suspended. Save any state
            // that needs to persist across suspensions here. You might use the
            // WinJS.Application.sessionState object, which is automatically
            // saved and restored across suspension. If you need to complete an
            // asynchronous operation before your application is suspended, call
            // args.setPromise().
        };
    
        function testButtonClick() {
            initializeApp("testuser");
            Windows.Storage.StorageFile.getFileFromPathAsync(appRootFolder.localFolder.path + "\\NewFolder1\\NewFile1.txt").then(
                    function (file) {
                        getFileContents(file.path);
                    });
        }
    
        //<Snippet_Global_JS>
        var appRootFolder = Windows.Storage.ApplicationData.current;
        var enterpriseIdentity = "example.com";
        var accessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
        //</Snippet_Global_JS>
    
        //<Snippet_Protect_JS>
        // Add a folder and protect it using Selective Wipe.
        function addFolder(folderName) {
            appRootFolder.localFolder.createFolderAsync(folderName).then(
                function (newFolder) {
                    protectItem(newFolder);
                });
        }
    
        // Add a file and protect it using Selective Wipe.
        function addFile(fileName, folder) {
            folder.createFileAsync(fileName).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.
                        FileRevocationManager.getStatusAsync(newFile).then(
                            function (status) {
                                if (status != Windows.Security.EnterpriseData.
                                        FileProtectionStatus.Protected) {
                                    protectItem(newFile, enterpriseIdentity);
                                }
                            });
                },
                function (err) {
                    // Handle error. For example, file already exists.
                });
        }
    
        function protectItem(item, enterpriseIdentity) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                protectAsync(item, enterpriseIdentity).then(
                    function (status) {
                        return status;
                    });
        }
        //</Snippet_Protect_JS>
    
        //<Snippet_GetStatus_JS>
        function getFileContents(filePath) {
            var stream;
            var file;
    
            Windows.Storage.StorageFile.getFileFromPathAsync(filePath).then(
                function (f) {
                    file = f;
                    file.openReadAsync().then(
                        function (s) {
                            stream = s;
                            return stream;
                        },
                        function (err) {
                            if (err.number == accessDeniedHResult) {
                                // Delete file if it has been revoked.
                                selectiveWipeCleanup(file);
                            }
                        });
                });
    
            return null;
        }
    
        // Delete items revoked by Selective Wipe.
        function selectiveWipeCleanup(file) {
            Windows.Security.EnterpriseData.FileRevocationManager.
                getStatusAsync(file).then(
                    function (status) {
                        if (status == 
                            Windows.Security.EnterpriseData.FileProtectionStatus.revoked) {
                                file.deleteAsync();
                        }
                });
    
        }
        //</Snippet_GetStatus_JS>
    
        //<Snippet_Revoke_JS>
        function initializeApp(userName) {
            if (getUserStatus(userName) == "Not Found") {
                Windows.Security.EnterpriseData.FileRevocationManager.revoke(enterpriseIdentity);
            }
        }
        //</Snippet_Revoke_JS>
    
        function getUserStatus(userName) {
            return "Not Found";
        }
    
        //<Snippet_CopyProtection_JS>
        function copyFile(file, newFolder) {
            file.copyAsync(newFolder).then(
                function (newFile) {
                    Windows.Security.EnterpriseData.FileRevocationManager.
                        copyProtectionAsync(file, newFile);
                },
                function (err) {
                    // Handle error. For example, copy already exists.
                });
        }
        //</Snippet_CopyProtection_JS>
    
    
        app.start();
    })();
    
    var appRootFolder = Windows.Storage.ApplicationData.current;
    var enterpriseIdentity = "example.com";
    var accessDeniedHResult = -2147024891;  // Access Denied (0x80070005)
    
    // Add a folder and protect it using Selective Wipe.
    function addFolder(folderName) {
        appRootFolder.localFolder.createFolderAsync(folderName).then(
            function (newFolder) {
                protectItem(newFolder);
            });
    }
    
    // Add a file and protect it using Selective Wipe.
    function addFile(fileName, folder) {
        folder.createFileAsync(fileName).then(
            function (newFile) {
                Windows.Security.EnterpriseData.
                    FileRevocationManager.getStatusAsync(newFile).then(
                        function (status) {
                            if (status != Windows.Security.EnterpriseData.
                                    FileProtectionStatus.Protected) {
                                protectItem(newFile, enterpriseIdentity);
                            }
                        });
            },
            function (err) {
                // Handle error. For example, file already exists.
            });
    }
    
    function protectItem(item, enterpriseIdentity) {
        Windows.Security.EnterpriseData.FileRevocationManager.
            protectAsync(item, enterpriseIdentity).then(
                function (status) {
                    return status;
                });
    }
    

    The ProtectAsync(Windows.Storage.IStorageItem,System.String) method requires exclusive access to the file or folder being encrypted, and will fail if another process is using has a handle open to the file or folder.

  • Revoke(System.String)
    Revoke(System.String)
    Revoke(System.String)
    Revoke(System.String)
    Note

    FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.

    Note

    Windows Information Protection (WIP) policy cannot be applied on Windows 10, version 1511 (build 10586) or earlier.

    Revokes all files and folders protected for selective wipe for a specified enterprise id.

    public static void Revoke(System.String enterpriseIdentity)public static void Revoke(System.String enterpriseIdentity)Public Static Function Revoke(enterpriseIdentity As System.String) As void

    Parameters

    • enterpriseIdentity
      System.String
      System.String
      System.String
      System.String

      Revoke all files and folders protected by selective wipe for this enterprise id. The enterpriseIdentity value must be formatted as an Internationalized Domain Name (IDN) and cannot contain spaces. For example, contoso.com.

    Remarks

    When your app determines that a user is no longer valid, you can quickly revoke access to all of the files and folders protected for an enterprise identity using the Revoke(System.String) method, as shown in the following example. The file is not deleted by the Revoke(System.String) method. The Revoke(System.String) method puts the file into state where it cannot be accessed. You can add code to your app to delete a file that is inaccessible and has been revoked.

Device family

Windows Desktop Extension SDK (introduced v10.0.10240.0)
Windows Mobile Extension SDK (introduced v10.0.10240.0)

API contract

Windows.Security.EnterpriseData.EnterpriseDataContract (introduced v1)

Attributes

Windows.Foundation.Metadata.DeprecatedAttribute
Windows.Foundation.Metadata.MarshalingBehaviorAttribute
Windows.Foundation.Metadata.ThreadingAttribute
Windows.Foundation.Metadata.ContractVersionAttribute
Windows.Foundation.Metadata.DualApiPartitionAttribute
Windows.Foundation.Metadata.StaticAttribute

Details

Assembly

Windows.Security.EnterpriseData.dll