delete_filter_rule Method
Deletes a particular standard filter rule or access rule.
Syntax
def delete_filter_rule(mask: str, access_flags: int, control_flags: int) -> bool: ...
Remarks
This method deletes the specified AccessFlags and/or ControlFlags from the standard filter rule and/or access rule identified by Mask. If the aforementioned parameters include all flags currently present in the rule, then the entire rule is deleted; otherwise, the specified flags are simply removed from the rule.
If the flags and/or rule are deleted successfully, this method returns True; otherwise, it returns False.
The Mask parameter must be the registry key mask of an existing rule. If a rule with the specified mask cannot be found, this method will fail.
The AccessFlags parameter specifies which access restrictions should be removed from the rule. The value passed for this parameter should be constructed by OR'ing together zero or more of the following flags:
ACCESS_NONE | 0x00 | No access restrictions. |
ACCESS_READ_ONLY | 0x01 | Read-only access; writing and deleting is prohibited. |
ACCESS_WRITE_ONLY | 0x02 | Write-only access; reading and deleting is prohibited. |
ACCESS_DELETE_PROTECT | 0x04 | Deletion and renaming is prohibited. |
ACCESS_EXECUTE_PROTECT | 0x08 | Execution is prohibited. |
ACCESS_NO_CHANGE_DAC | 0x10 | Change of security attributes is prohibited. |
ACCESS_NO_CHANGE_OWNER | 0x20 | Change of owner is prohibited. |
ACCESS_RENAME_PROTECT | 0x40 | Renaming is prohibited. |
ACCESS_DELETE_ONLY_PROTECT | 0x80 | Deletion is prohibited (renaming is not affected). |
ACCESS_REMOTE_ACCESS_PROTECT | 0x100 | Access from other systems is prohibited. |
ACCESS_DENY_ALL | 0x200 | All access is denied. |
ACCESS_ALL_FLAGS | -1 | Used to denote all currently set access restriction flags. |
The ControlFlags parameter specifies which Control Event flags should be removed from the rule. The value passed for this parameter should be constructed by OR'ing together zero or more of the following flags:
REG_CE_NONE | 0 | Don't fire for any registry operations.
Control Events will not fire for any registry operations. |
REG_CE_BEFORE_CREATE_KEY | 0x00000001L | Fire before registry key creation operations.
The on_before_create_key event will fire anytime the OS attempts to create a registry key. |
REG_CE_AFTER_CREATE_KEY | 0x00000002L | Fire after registry key creation operations.
The on_after_create_key event will fire after a registry key creation request has been processed, before the response is returned. |
REG_CE_BEFORE_OPEN_KEY | 0x00000004L | Fire before registry key open operations.
The on_before_open_key event will fire anytime the OS attempts to open a registry key. |
REG_CE_AFTER_OPEN_KEY | 0x00000008L | Fire after registry key open operations.
The on_after_open_key event will fire after a registry key open request has been processed, before the response is returned. |
REG_CE_BEFORE_CLOSE_KEY | 0x00000010L | Fire before registry key close operations.
The on_before_close_key event will fire anytime the OS closes a registry key. |
REG_CE_AFTER_CLOSE_KEY | 0x00000020L | Fire after registry key close operations.
The on_after_close_key event will fire after a registry key close request has been processed, before the response is returned. |
REG_CE_BEFORE_DELETE_KEY | 0x00000040L | Fire before registry key delete operations.
The on_before_delete_key event will fire anytime the OS attempts to delete a registry key. |
REG_CE_AFTER_DELETE_KEY | 0x00000080L | Fire after registry key delete operations.
The on_after_delete_key event will fire after a registry key delete request has been processed, before the response is returned. |
REG_CE_BEFORE_RENAME_KEY | 0x00000100L | Fire before registry key rename operations.
The on_before_rename_key event will fire anytime the OS attempts to rename a registry key. |
REG_CE_AFTER_RENAME_KEY | 0x00000200L | Fire after registry key rename operations.
The on_after_rename_key event will fire after a registry key rename request has been processed, before the response is returned. |
REG_CE_BEFORE_ENUM_KEY | 0x00000400L | Fire before subkey enumeration operations.
The on_before_enumerate_key event will fire anytime the OS attempts to enumerate a registry key's subkeys. |
REG_CE_AFTER_ENUM_KEY | 0x00000800L | Fire after subkey enumeration operations.
The on_after_enumerate_key event will fire after a subkey enumeration request has been processed, before the response is returned. |
REG_CE_BEFORE_QUERY_KEY | 0x00001000L | Fire before registry key metadata retrieval operations.
The on_before_query_key event will fire anytime the OS attempts to retrieve a registry key's metadata. |
REG_CE_AFTER_QUERY_KEY | 0x00002000L | Fire after registry key metadata retrieval operations.
The on_after_query_key event will fire after a registry key metadata retrieval request has been processed, before the response is returned. |
REG_CE_BEFORE_SET_KEY | 0x00004000L | Fire before registry key metadata update operations.
The on_before_set_key event will fire anytime the OS attempts to a registry key's metadata. |
REG_CE_AFTER_SET_KEY | 0x00008000L | Fire after registry key metadata update operations.
The on_after_set_key event will fire after a registry key metadata update request has been processed, before the response is returned. |
REG_CE_BEFORE_DELETE_VALUE | 0x00010000L | Fire before registry value delete operations.
The on_before_delete_value event will fire anytime the OS attempts to delete a registry value. |
REG_CE_AFTER_DELETE_VALUE | 0x00020000L | Fire after registry value delete operations.
The on_after_delete_value event will fire after a registry value delete request has been processed, before the response is returned. |
REG_CE_BEFORE_ENUM_VALUE | 0x00040000L | Fire before value enumeration operations.
The on_before_enumerate_value event will fire anytime the OS attempts to enumerate a registry key's values. |
REG_CE_AFTER_ENUM_VALUE | 0x00080000L | Fire after value enumeration operations.
The on_after_enumerate_value event will fire after a value enumeration request has been processed, before the response is returned. |
REG_CE_BEFORE_QUERY_VALUE | 0x00100000L | Fire before registry value query operations.
The on_before_query_value event will fire anytime the OS attempts to query a registry value. |
REG_CE_AFTER_QUERY_VALUE | 0x00200000L | Fire after registry value query operations.
The on_after_query_value event will fire after a registry value query request has been processed, before the response is returned. |
REG_CE_BEFORE_SET_VALUE | 0x00400000L | Fire before registry value set/update operations.
The on_before_set_value event will fire anytime the OS attempts to set or update a registry value. |
REG_CE_AFTER_SET_VALUE | 0x00800000L | Fire after registry value set/update operations.
The on_after_set_value event will fire after a registry value set or update request has been processed, before the response is returned. |
REG_CE_ALL | -1 | Fire for all registry operations.
Control Events will fire for all registry operations. |
To delete all standard filter rules and access rules, use the delete_all_filter_rules method instead.
Note: The methods and properties related to rule management are not intended to be used from multiple threads at once. Applications that wish to use said methods and properties from multiple threads are responsible for employing proper thread synchronization techniques to ensure that manipulation and enumeration of the rule lists occurs in a thread-safe manner.