permit a role to edit a page

I need to programmatically give a role edit, create, and modify permissions for a specific page.

Can you please send me or direct me to some sample code that does this?

Thanks

Hello Phil,

Please take a look at Secured Object - extensions

Regards,
Ivan Dimitrov
the Telerik team

Thanks.  I am working my way through that sample code.  I am having trouble though with this line

Hi Phil,

Here is  a sample code that sets permission - ChangePermissions  for a page with title "PermissionsTest".

Thanks for the code.  I got a version of it running w o error (see box. I am giving permissions to a role) but I am not able to see that my role has the permissions that I give it anywhere in the SF gui.  I have looked at the following screens:
 - click Administration/ Roles/ click Permissions for the role
 - click Pages, then, for the page, click Actions/ Permissions

Please tell me where I can see my changes in the gui.  Maybe I have to do more in the code first(?)

Hi Phil, There are a few minor issues with the code you published. I'm attaching a fixed revision of it with some remarks:

1. Note that in your code you use 2 different instances of PageManger. The first you get into a local variable called myPageManager, and the second is used through the fluent API (Page facade) like so: App.WorkWith().Page().PageManager
   Since the fluent API works with its own transaction scope, changes that you make in objects retrieved through it will not be saved when you call SaveChanges on a different instance of the PageManager.
   
   In my code I've omitted the usage of the fluent API, and I use just your instance of myPageManager (see lines 06-07 in my code).
   
   
2. If you add or change permissions attached to a specific secured object while the object inherits permissions from its parent (pages inherit permissions from each other in hierarchy), those permissions have no effect (since the parent permissions are the effective one).
   Through the UI there's an option to "Break the inheritance" in a click of a button. Through the API there's an option to do it through the manager. (See lines 12-13 in my code).
   
   
3. Another thing to note is that a permission can be attached to a secured object only once. Duplicate permissions would cause an exception on the server side. Thus, it may be useful to first check whether the permission exists (lines 18-22 in my code), and only if it does not, create it and attach it.
   Permissions differ from each other by the 3 parameters which construct it: the permission set name, the id of the secured object and the id of the related principal (either user or role).
   Once the permission is found (or created and added), the action is granted (line 30) and the changes are saved (line 31).

Thank you.  Your comments were very thorough and helpful.  I am gettin an error though:

Cannot insert duplicate key row in object 'dbo.sf_permissions' with unique index 'idx_sf_permissions'.

SecurityConstants.Sets.Pages.SetName;

2nd request.

- should I be able to see the permissions that this code creates, somewhere in the SF web app gui?
       - if so, Where?
       - if not,
                  - what coding would I use to set permissions that allow a role to modify a page.  And these permission show up in the SF gui at:  Pages List/ click Actions for the page/ click Permissions.  (see attached pictures)

Hi Phil,

It seems the error you are getting is because this permission has been already added to the database and you need to check if this permission is exists before adding it .

You can accomplish that by using the GetPermission method of the manager in a fashion similar to the CreatePermission used in the last snippet we sent you below. Basically what you need to do, is to create a logic that checks if such a permission does not exists, and then creating it; otherwise the permission stays attached and you will continue get this exception.

Yes, you should be able to see the permissions that this code creates in the Sitefinity GUI.

Greetings,
George
the Telerik team

Hi Phil,

Below is  a sample that will help you to check the existing permissions

_

Hi.  I'm baaack. :-)

I am giving a role, CreatePage permissions (using code you supplied me in this thread), but users in that role cannot execute the PageFacade.Duplicate() method.  What permissions do I give a role programatically so that they can run code which executes the PageFacade.Duplicate() method?

The error I am getting is simply:   You have no permissions to create pages

Below is the code where I give the role the permissions.  Toward the bottom you will see
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Create);
I thought that would do what I need, but it doesnt.

IDEA:  below you will see a variable "pn"    Does that have to be the page that I am Duplicating?  In the code below it is not.

Hi Phil,

Duplicate method is related to setting the parent and changing the permissions. This is not simply create right. You should have permissions to set the owner and change the permissions.

Kind regards,
Ivan Dimitrov
the Telerik team

I think I understand.  Is this correct:

The user that is running code which executes the PageFacade.Duplicate() method must have permissions to set the owner and change permissions.   

Hi Phil,

Yes, because this is what Duplicate method does. Try granting the user with these permissions and let me know if there are still issues.

Greetings,
Ivan Dimitrov
the Telerik team