permit a role to edit a page
I need to programmatically give a role edit, create, and modify permissions for a specific page.
Can you please send me or direct me to some sample code that does this?
Thanks
Hello Phil,
Please take a look at Secured Object - extensions
Regards,
Ivan Dimitrov
the Telerik team
Thanks. I am working my way through that sample code. I am having trouble though with this line
// assumed to be instantiated
IManager manager;
IManager manager = ManagerBase.GetManager("IManager");
Hi Phil,
Here is a sample code that sets permission - ChangePermissions
for a page with title "PermissionsTest".
var pageManager = PageManager.GetManager();
var page = pageManager.GetPageNodes().Where(p => p.Title ==
"PermissionsTest"
).SingleOrDefault();
Permission perm = pageManager.CreatePermission(SecurityConstants.Sets.Pages.SetName, page.Id, SecurityManager.GetCurrentUserId());
perm.GrantActions(
false
, SecurityConstants.Sets.Pages.ChangePermissions);
page.Permissions.Add(perm);
pageManager.SaveChanges();
Thanks for the code. I got a version of it running w o error (see box. I am giving permissions to a role) but I am not able to see that my role has the permissions that I give it anywhere in the SF gui. I have looked at the following screens:
- click Administration/ Roles/ click Permissions for the role
- click Pages, then, for the page, click Actions/ Permissions
Please tell me where I can see my changes in the gui. Maybe I have to do more in the code first(?)
var myPageManager = PageManager.GetManager();
var fluent = App.WorkWith();
var pgFacade = fluent.Page(); //
// I have verified that this guid gets the page that I want
var pG = new Guid("6DF1E778-A011-4DF1-8B2E-9CD59D2686E2");
// I get a PageNode, just like your code snippet gets
PageNode pn = pgFacade.PageManager.GetPageNodes()
.Where(p => p.Id == pG).FirstOrDefault();
var rm = RoleManager.GetManager();
var objRole = rm.GetRole("theRole");
string sn = SecurityConstants.Sets.Pages.SetName;
var thePermission = myPageManager.CreatePermission(sn, pn.Id, objRole.Id );
thePermission.GrantActions(false, SecurityConstants.Sets.Pages.Modify);
pn.Permissions.Add(thePermission);
myPageManager.SaveChanges();
Hi Phil, There are a few minor issues with the code you published. I'm attaching a fixed revision of it with some remarks:
01.
var myPageManager = PageManager.GetManager();
02.
03.
// I have verified that this guid gets the page that I want
04.
var pG =
new
Guid(
"6DF1E778-A011-4DF1-8B2E-9CD59D2686E2"
);
05.
// I get a PageNode, just like your code snippet gets
06.
PageNode pn = myPageManager.GetPageNodes()
07.
.Where(p => p.Id == pG).FirstOrDefault();
08.
09.
var rm = RoleManager.GetManager();
10.
var objRole = rm.GetRole(
"theRole"
);
11.
12.
if
(pn.InheritsPermissions)
13.
myPageManager.BreakPermiossionsInheritance(pn);
14.
15.
string
sn = SecurityConstants.Sets.Pages.SetName;
16.
Guid pageNodeId = pn.Id;
17.
Guid principalId = objRole.Id;
18.
Permission thePermission = pn.Permissions.Where(p =>
19.
p.SetName == sn &&
20.
p.ObjectId == pageNodeId &&
21.
p.PrincipalId == principalId).FirstOrDefault();
22.
if
(thePermission ==
null
)
23.
24.
thePermission = myPageManager.CreatePermission(
25.
sn,
26.
pageNodeId,
27.
principalId);
28.
pn.Permissions.Add(thePermission);
29.
30.
thePermission.GrantActions(
false
, SecurityConstants.Sets.Pages.Modify);
31.
myPageManager.SaveChanges();
Thank you. Your comments were very thorough and helpful. I am gettin an error though:
SecurityConstants.Sets.Pages.SetName;
SecurityConstants.Sets.Pages.Modify
Is that correct?2nd request.
- should I be able to see the permissions that this code creates, somewhere in the SF web app gui?
- if so, Where?
- if not,
- what coding would I use to set permissions that allow a role to modify a page. And these permission show up in the SF gui at: Pages List/ click Actions for the page/ click Permissions. (see attached pictures)
Hi Phil,
It seems the error you are getting is because this permission has been already added to the database and you need to check if this permission is exists before adding it .
You can accomplish that by using the GetPermission
method of the manager in a fashion similar to the CreatePermission
used in the last snippet we sent you below. Basically what you need to do, is to create a logic that checks if such a permission does not exists, and then creating it; otherwise the permission stays attached and you will continue get this exception.
Yes, you should be able to see the permissions that this code creates in the Sitefinity GUI.
Greetings,
George
the Telerik team
Hi Phil,
Below is a sample that will help you to check the existing permissions
var page =
//get the page here
var roleId = SecurityManager.ApplicationRoles[
"Everyone"
].Id;
Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = page.GetActivePermissions().Where(p => p.PrincipalId == roleId && p.ObjectId == page.Id && p.SetName == SecurityConstants.Sets.Pages.SetName).FirstOrDefault();
if
(permissionForEveryone ==
null
)
permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Pages.SetName, page.Id, roleId);
page.Permissions.Add(permissionForEveryone);
permissionForEveryone.GrantActions(
true
, SecurityConstants.Sets.Pages.View);
manager.SaveChanges();
_
Hi. I'm baaack. :-)
I am giving a role, CreatePage permissions (using code you supplied me in this thread), but users in that role cannot execute the PageFacade.Duplicate() method. What permissions do I give a role programatically so that they can run code which executes the PageFacade.Duplicate() method?
The error I am getting is simply: You have no permissions to create pages
Below is the code where I give the role the permissions. Toward the bottom you will see
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Create);
I thought that would do what I need, but it doesnt.
IDEA: below you will see a variable "pn" Does that have to be the page that I am Duplicating? In the code below it is not.
foreach (string roleName in listRoleNames)
var rm = RoleManager.GetManager();
var objRole = rm.GetRole(roleName);
#region _ get the permission set _
string sn = SecurityConstants.Sets.Pages.SetName;
Guid pageNodeId = pn.Id;
Guid principalId = objRole.Id;
Permission thePermission = pn.Permissions.Where(p =>
p.SetName == sn &&
p.ObjectId == pageNodeId &&
p.PrincipalId == principalId).FirstOrDefault();
if (thePermission == null)
thePermission = sfPageManager.CreatePermission(sn, pageNodeId, principalId);
pn.Permissions.Add(thePermission);
sfPageManager.SaveChanges();
#endregion
#region _ grant the actions to the permission _
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Modify);
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.EditContent);
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Create);
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.CreateChildControls);
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.View);
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Delete);
#endregion
sfPageManager.SaveChanges();
Hi Phil,
Duplicate method is related to setting the parent and changing the permissions. This is not simply create right. You should have permissions to set the owner and change the permissions.
Kind regards,
Ivan Dimitrov
the Telerik team
I think I understand. Is this correct:
The user that is running code which executes the PageFacade.Duplicate() method must have permissions to set the owner and change permissions.
Hi Phil,
Yes, because this is what Duplicate method does. Try granting the user with these permissions and let me know if there are still issues.
Greetings,
Ivan Dimitrov
the Telerik team