The content you're reading is getting on in years
This post is on the older side and its content may be out of date.
Be sure to visit our blogs homepage for our latest news, updates and information.
SecurityConstants.Sets.Pages.ChangeOwner,
SecurityConstants.Sets.Pages.ChangePermissions,
SecurityConstants.Sets.Pages.Create,
SecurityConstants.Sets.Pages.CreateChildControls,
SecurityConstants.Sets.Pages.Delete,
SecurityConstants.Sets.Pages.EditContent,
SecurityConstants.Sets.Pages.Modify,
SecurityConstants.Sets.Pages.View
#region initialize managers and get items to work with
string
transactionName =
"transact"
+ Guid.NewGuid().ToString();
var pgManager = PageManager.GetManager(
null
, transactionName);
var page = pgManager.GetPageNodes().Where(pn => pn.RootNodeId == SiteInitializer.FrontendRootNodeId && pn.Title == pageTitle).SingleOrDefault();
if
(page ==
null
)
{
this
.statusLabel.Text =
"Unable to find page with the specified title "
;
return
;
}
var uManager = UserManager.GetManager();
var user = uManager.GetUser(userName);
if
(user ==
null
)
{
this
.statusLabel.Text =
"Unable to find user with the specified user name "
;
return
;
}
#endregion
We use the GetManager() overload with transaction name, so we can easily commit the transaction later on in our code.
NOTE: Please note that if you are working with content items (e.g. News, Blogs, etc.) you should retrieve the master item by using the LifecycleDecorator.GetMaster() call, for example:
var newsLive = nManager.GetNewsItems().Where(n => n.Title ==
"TestPerm"
&& n.Status == Telerik.Sitefinity.GenericContent.Model.ContentLifecycleStatus.Master).SingleOrDefault();
or
var newsLive = nManager.GetNewsItems().Where(n => n.Title ==
"TestPerm"
&& n.Status == Telerik.Sitefinity.GenericContent.Model.ContentLifecycleStatus.Live).SingleOrDefault();
NewsItem news = nManager.Lifecycle.GetMaster(newsLive)
as
NewsItem;
Now we're on to the actual part, namely implementing our permissions business logic. Each permission supports multiple grant and deny actions, which we can easily represent with a string[] that is populated with actions from the specific set in SecurityConstants class:
//set the allowed actions for that permission set
var actionsAllowedForUser =
new
string
[] { grantAction };
//set the denied actions for the permission set
var actionsDeniedForUser =
new
string
[] { denyAction };
//break inheritance
if
(page.InheritsPermissions)
pgManager.BreakPermiossionsInheritance(page);
TransactionManager.CommitTransaction(transactionName);
//Check whether such permission already exists, and if not create a new one
var perm = secItem.Permissions
.Where(p =>
p.SetName == permSet &&
p.PrincipalId == user.Id &&
p.ObjectId == page.Id)
.SingleOrDefault();
if
(perm ==
null
)
{
perm = pgManager.GetPermission(permSet, page.Id, user.Id);
if
(perm ==
null
)
{
perm = pgManager.CreatePermission(
permSet,
page.Id,
user.Id);
}
}
pgManager.AddPermissionToObject(page, pgManager, perm, transactionName);
secItem.Permissions.Add(perm);
//Get the permission agan as we're calling FlushTransaction internally
perm = pgManager.GetPermission(permSet, page.Id, user.Id);
//Grant the actions to the permission
perm.GrantActions(
true
, actionsAllowedForUser);
//Deny the actions to the permission
perm.DenyActions(
true
, actionsDeniedForUser);
TransactionManager.CommitTransaction(transactionName);
Boyan Barnev is a Principal Information Developer at Progress. His mission is to demonstrate the unlimited capabilities of Sitefinity CMS via product documentation, SDK samples, and technical blog posts. He has graduated from the American University in Bulgaria and joined Telerik in 2011. Since then Boyan has held various positions in the company, leading the strategy and operation of the Sitefinity CMS Technical support service worldwide.
Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.
Learn MoreSubscribe to get all the news, info and tutorials you need to build better business apps and sites
Progress collects the Personal Information set out in our Privacy Policy and the Supplemental Privacy notice for residents of California and other US States and uses it for the purposes stated in that policy.
You can also ask us not to share your Personal Information to third parties here: Do Not Sell or Share My Info
We see that you have already chosen to receive marketing materials from us. If you wish to change this at any time you may do so by clicking here.
Thank you for your continued interest in Progress. Based on either your previous activity on our websites or our ongoing relationship, we will keep you updated on our products, solutions, services, company news and events. If you decide that you want to be removed from our mailing lists at any time, you can change your contact preferences by clicking here.