Create permission sets

To create a permission set you must perform the following:

Get the configuration manager.
Get an instance of the ConfigManager object.
Get the security configuration section.
To get the section, call the GetSection method of the configuration manager and pass the SecurityConfig type as generic argument.
Get the permissions element of the section.
The permissions element of the section is stored in the Permissions property.
Check if the permission set exists.
Make sure that a permission set with the same name does not exist.
Create new permission set.
To create a new permission set create a new instance of the Telerik.Sitefinity.Security.Configuration.Permission class. In the constructor pass the permissions element of the security section. Set the following properties:
- Name
  Gets or sets the programmatic name of the permission set. When granting or denying permissions, you use this name to access the permission set. The string must not contain any unsafe characters or spaces.
- Title
  Gets or sets the display name of the permission set. The value of this property is displayed in the UI.
- Description
  Gets or sets additional information about the permission set.
- ResourceClassId
  Gets or sets the name of the resource class. If the value is null or empty, the values of the Title and the Description properties are displayed. If there is a resource class assigned, the values of the Title and the Description properties must represent keys to entries in this resource class.
Add the permission set to the section.
To add the permission set to the security configuration section, add the instance to the permissions element.
Create actions.
To create an action in the permission set, you must create an instance of the SecurityAction class. In the constructor pass the permissions element of the security section. Set the following properties:
- Name
  Gets or sets the programmatic name of the action. When granting or denying permissions, you use this name to access the action. The string must not contain any unsafe characters or spaces.
- Type
  Gets or sets the type of the action. The SecurityActionTypes enumeration has the following values:
  - None
  - View
    Grants/denies querying an item.
  - Create
    Grants/denies creating an item.
  - Modify
    Grants/denies modifying an item.
  - Manage
    Grants denies modifying an item and managing its child items, e.g. "manage" a blog grants/denies modifying blog, and creating, deleting, and modifying its posts.
  - Delete
    Grants/denies deleting an item.
  - ChangeOwner
    Grants/denies changing the ownership of an item.
  - ChangePermissions
    Grants/denies changing the permissions of an item.
- Title
  Gets or sets the display name of the action. The value of this property is displayed in the UI.
- Description
  Gets or sets additional information about the action.
- ResourceClassId
  Gets or sets the name of the resource class. If the value is null or empty, the values of the Title and the Description properties are displayed. If there is a resource class assigned, the values of the Title and the Description properties must represent keys to entries in this resource class.
Add the action to the permission set.
To add the action to the permission set, add the instance of the action to the Actions collection of the permissions configuration element.
Save the section.
To save the permission set, you have to save the security configuration section by calling the SaveSection method of the manager and passing the instance of the section as an argument.

Here is a code example: ```C# using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using Telerik.Sitefinity.Configuration; using Telerik.Sitefinity.Security.Configuration;

namespace Telerik.Sitefinity.Documentation.CodeSnippets.DeepDive.Security.Permissions.CreatingPermissionSets { public partial class PermissionsApiSnippets { public static void CreatePermissionSet(string name, string title, string createActionName, string viewActionName, string modifyActionName, string deleteActionName) { ConfigManager configManager = ConfigManager.GetManager(); SecurityConfig securityConfig = configManager.GetSection();

        ConfigElementDictionary<string, Permission> permissionSetConfig = securityConfig.Permissions;

        if (!permissionSetConfig.ContainsKey(name))
        {
            var permissionSet = new Telerik.Sitefinity.Security.Configuration.Permission(permissionSetConfig)
            {
                Name = name,
                Title = title,
                Description = title,
                ResourceClassId = string.Empty,
            };

            permissionSetConfig.Add(permissionSet);

            //Create action
            SecurityAction createAction = new SecurityAction(permissionSetConfig)
            {
                Name = createActionName,
                Type = SecurityActionTypes.Create,
                Title = createActionName,
                Description = createActionName,
                ResourceClassId = string.Empty,
            };

            permissionSet.Actions.Add(createAction);

            //View action
            SecurityAction viewAction = new SecurityAction(permissionSetConfig)
            {
                Name = viewActionName,
                Type = SecurityActionTypes.View,
                Title = viewActionName,
                Description = viewActionName,
                ResourceClassId = string.Empty,
            };

            permissionSet.Actions.Add(viewAction);

            //Modify action
            SecurityAction modifyAction = new SecurityAction(permissionSetConfig)
            {
                Name = modifyActionName,
                Type = SecurityActionTypes.Modify,
                Title = modifyActionName,
                Description = modifyActionName,
                ResourceClassId = string.Empty,
            };

            permissionSet.Actions.Add(modifyAction);

            //Delete action
            SecurityAction deleteAction = new SecurityAction(permissionSetConfig)
            {
                Name = deleteActionName,
                Type = SecurityActionTypes.Delete,
                Title = deleteActionName,
                Description = deleteActionName,
                ResourceClassId = string.Empty,
            };

            permissionSet.Actions.Add(deleteAction);

            configManager.SaveSection(securityConfig);
        }
    }
}

}

Want to learn more?

Enhance your Sitefinity skills by enrolling in free training sessions. Become Sitefinity certified through Progress Education Community to strengthen your professional credentials.

Get started with Integration Hub | Sitefinity Cloud

This free lesson teaches administrators, marketers, and other business professionals how to use Sitefinity Integration Hub to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting your Sitefinity instance and your sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity ASP.NET Core and take advantage of its decoupled architecture and modern development model.