FileRevocationManager.ProtectAsync(IStorageItem, String) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Note
Starting in July 2022, Microsoft is deprecating Windows Information Protection (WIP) and the APIs that support WIP. Microsoft will continue to support WIP on supported versions of Windows. New versions of Windows won't include new capabilities for WIP, and it won't be supported in future versions of Windows. For more information, see Announcing sunset of Windows Information Protection.
For your data protection needs, Microsoft recommends that you use Microsoft Purview Information Protection and Microsoft Purview Data Loss Prevention. Purview simplifies the configuration set-up and provides an advanced set of capabilities.
Note
FileRevocationManager may be unavailable for releases after Windows 10. Instead, use FileProtectionManager.
Protects a file or folder for selective wipe.
public:
static IAsyncOperation<FileProtectionStatus> ^ ProtectAsync(IStorageItem ^ storageItem, Platform::String ^ enterpriseIdentity);
/// [Windows.Foundation.Metadata.Deprecated("FileRevocationManager might be unavailable after Windows 10. Instead, use FileProtectionManager.", Windows.Foundation.Metadata.DeprecationType.Deprecate, 65536, Windows.Security.EnterpriseData.EnterpriseDataContract)]
/// [Windows.Foundation.Metadata.RemoteAsync]
static IAsyncOperation<FileProtectionStatus> ProtectAsync(IStorageItem const& storageItem, winrt::hstring const& enterpriseIdentity);
/// [Windows.Foundation.Metadata.RemoteAsync]
/// [Windows.Foundation.Metadata.Deprecated("FileRevocationManager might be unavailable after Windows 10. Instead, use FileProtectionManager.", Windows.Foundation.Metadata.DeprecationType.Deprecate, 65536, "Windows.Security.EnterpriseData.EnterpriseDataContract")]
static IAsyncOperation<FileProtectionStatus> ProtectAsync(IStorageItem const& storageItem, winrt::hstring const& enterpriseIdentity);
[Windows.Foundation.Metadata.Deprecated("FileRevocationManager might be unavailable after Windows 10. Instead, use FileProtectionManager.", Windows.Foundation.Metadata.DeprecationType.Deprecate, 65536, typeof(Windows.Security.EnterpriseData.EnterpriseDataContract))]
[Windows.Foundation.Metadata.RemoteAsync]
public static IAsyncOperation<FileProtectionStatus> ProtectAsync(IStorageItem storageItem, string enterpriseIdentity);
[Windows.Foundation.Metadata.RemoteAsync]
[Windows.Foundation.Metadata.Deprecated("FileRevocationManager might be unavailable after Windows 10. Instead, use FileProtectionManager.", Windows.Foundation.Metadata.DeprecationType.Deprecate, 65536, "Windows.Security.EnterpriseData.EnterpriseDataContract")]
public static IAsyncOperation<FileProtectionStatus> ProtectAsync(IStorageItem storageItem, string enterpriseIdentity);
function protectAsync(storageItem, enterpriseIdentity)
Public Shared Function ProtectAsync (storageItem As IStorageItem, enterpriseIdentity As String) As IAsyncOperation(Of FileProtectionStatus)
Parameters
- storageItem
- IStorageItem
The file or folder to protect for selective wipe.
- enterpriseIdentity
-
String
Platform::String
winrt::hstring
The enterprise id that the file or folder is protected for. The enterpriseIdentity value must be formatted as an Internationalized Domain Name (IDN) and cannot contain spaces. For example, contoso.com
.
Returns
An asynchronous operation that retrieves the selective wipe protection status for the storageItem.
- Attributes
Remarks
You can use the ProtectAsync method to protect a file or folder using Selective Wipe. This identifies the file as protected for your enterprise identifier, such as "example.com", as shown in the previous code example. If you protect a folder using the ProtectAsync method, then all files in that folder inherit the same protection.
ApplicationData appRootFolder = ApplicationData.Current;
string enterpriseIdentity = "example.com";
int AccessDeniedHResult = -2147024891; // Access Denied (0x80070005)
// Add a folder and protect it using Selective Wipe.
private async Task<StorageFolder> AddFolder(string folderName)
{
StorageFolder newFolder = await appRootFolder.LocalFolder.CreateFolderAsync(folderName);
var status = await ProtectItem(newFolder, enterpriseIdentity);
return newFolder;
}
// Add a file and protect it using Selective Wipe.
private async Task<StorageFile> AddFile(string fileName, StorageFolder folder)
{
StorageFile newFile = await folder.CreateFileAsync(fileName);
var status =
await Windows.Security.EnterpriseData.FileRevocationManager.
GetStatusAsync(newFile);
if (status != Windows.Security.EnterpriseData.FileProtectionStatus.Protected)
{
status = await ProtectItem(newFile, enterpriseIdentity);
}
return newFile;
}
private async Task<Windows.Security.EnterpriseData.FileProtectionStatus>
ProtectItem(IStorageItem item, string enterpriseIdentity)
{
var status =
await Windows.Security.EnterpriseData.FileRevocationManager.
ProtectAsync(item, enterpriseIdentity);
return status;
}
The ProtectAsync method requires exclusive access to the file or folder being encrypted, and will fail if another process is using has a handle open to the file or folder.