DeleteDefaultRule Method
Deletes a particular default rule.
Syntax
public boolean deleteDefaultRule(String mask, int accessFlags, String productGUID);
Remarks
This method deletes the specified AccessFlags from the default rule identified by Mask and associated with the application identified by ProductGUID. If AccessFlags includes all flags currently present in the rule, then the entire rule is deleted; otherwise, the flags specified by AccessFlags are simply removed from the rule.
If the flags and/or rule are deleted successfully, this method returns true; otherwise, it returns false.
The Mask parameter must be the file mask of an existing rule. If a rule with the specified mask cannot be found, this method will fail.
The AccessFlags parameter specifies which access restrictions should be removed from the rule. The value passed for this parameter should be constructed by OR'ing together zero or more of the following flags:
| ACCESS_NONE | 0x00 | No access restrictions. |
| ACCESS_READ_ONLY | 0x01 | Read-only access; writing and deleting is prohibited. |
| ACCESS_WRITE_ONLY | 0x02 | Write-only access; reading and deleting is prohibited. |
| ACCESS_DELETE_PROTECT | 0x04 | Deletion and renaming is prohibited. |
| ACCESS_EXECUTE_PROTECT | 0x08 | Execution is prohibited. |
| ACCESS_NO_CHANGE_DAC | 0x10 | Change of security attributes is prohibited. |
| ACCESS_NO_CHANGE_OWNER | 0x20 | Change of owner is prohibited. |
| ACCESS_RENAME_PROTECT | 0x40 | Renaming is prohibited. |
| ACCESS_DELETE_ONLY_PROTECT | 0x80 | Deletion is prohibited (renaming is not affected). |
| ACCESS_REMOTE_ACCESS_PROTECT | 0x100 | Access from other systems is prohibited. |
| ACCESS_DENY_ALL | 0x200 | All access is denied. |
| ACCESS_ALL_FLAGS | -1 | Used to denote all currently set access restriction flags. |
In most cases, the value passed for the ProductGUID parameter should be the same one that was used to call the Initialize method. Please refer to the AddDefaultRule method's documentation for more information.
This method requires administrative rights to execute successfully. If the user account of the process that calls this method doesn't have such rights, the call will fail with an ERROR_PRIVILEGE_NOT_HELD (0x0522) error. Please refer to the Default Rules topic for more information.
Note: The methods and properties related to rule management are not intended to be used from multiple threads at once. Applications that wish to use said methods and properties from multiple threads (such as, e.g., during the AfterFilterAttachToVolume and AfterFilterDetachFromVolume events) are responsible for employing proper thread synchronization techniques to ensure that manipulation and enumeration of the rule lists occurs in a thread-safe manner.