permit a role to edit a page

Posted by Community Admin on 03-Aug-2018 23:26

permit a role to edit a page

All Replies

Posted by Community Admin on 31-Jan-2011 00:00
I need to programmatically give a role edit, create, and modify permissions for a specific page.

Can you please send me or direct me to some sample code that does this?

Thanks
Posted by Community Admin on 01-Feb-2011 00:00
Hello Phil,

Please take a look at Secured Object - extensions

Regards,
Ivan Dimitrov
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Posted by Community Admin on 01-Feb-2011 00:00
Thanks.  I am working my way through that sample code.  I am having trouble though with this line
// assumed to be instantiated
    IManager manager;

I guess I don't know the object model well enough to know how to instantiate the proper object.  I am trying the following, but it doesn't like the string I have in there "IManager"  (I didn't think it would.)
IManager manager = ManagerBase.GetManager("IManager");

How do I properly instantiate the manager object that the code wants?

Thanks
Posted by Community Admin on 02-Feb-2011 00:00
Hi Phil,

Here is  a sample code that sets permission - ChangePermissions  for a page with title "PermissionsTest".

var pageManager = PageManager.GetManager();
var page = pageManager.GetPageNodes().Where(p => p.Title == "PermissionsTest").SingleOrDefault();
Permission perm = pageManager.CreatePermission(SecurityConstants.Sets.Pages.SetName, page.Id, SecurityManager.GetCurrentUserId());
perm.GrantActions(false, SecurityConstants.Sets.Pages.ChangePermissions);
page.Permissions.Add(perm);
pageManager.SaveChanges();


Best wishes,
Ivan Dimitrov
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Posted by Community Admin on 02-Feb-2011 00:00
Thanks for the code.  I got a version of it running w o error (see box. I am giving permissions to a role) but I am not able to see that my role has the permissions that I give it anywhere in the SF gui.  I have looked at the following screens:
 - click Administration/ Roles/ click Permissions for the role
 - click Pages, then, for the page, click Actions/ Permissions

Please tell me where I can see my changes in the gui.  Maybe I have to do more in the code first(?)
        var myPageManager = PageManager.GetManager();
        var fluent = App.WorkWith();
        var pgFacade = fluent.Page(); //
// I have verified that this guid gets the page that I want
        var pG = new Guid("6DF1E778-A011-4DF1-8B2E-9CD59D2686E2");
// I get a PageNode, just like your code snippet gets
        PageNode pn = pgFacade.PageManager.GetPageNodes()
            .Where(p => p.Id == pG).FirstOrDefault();
 
        var rm = RoleManager.GetManager();
        var objRole = rm.GetRole("theRole");
 
        string sn = SecurityConstants.Sets.Pages.SetName;
        var thePermission = myPageManager.CreatePermission(sn, pn.Id, objRole.Id );
        thePermission.GrantActions(false, SecurityConstants.Sets.Pages.Modify);
 
        pn.Permissions.Add(thePermission);
        myPageManager.SaveChanges();
 
Posted by Community Admin on 07-Feb-2011 00:00
Hi Phil, There are a few minor issues with the code you published. I'm attaching a fixed revision of it with some remarks:

  1. Note that in your code you use 2 different instances of PageManger. The first you get into a local variable called myPageManager, and the second is used through the fluent API (Page facade) like so: App.WorkWith().Page().PageManager
    Since the fluent API works with its own transaction scope, changes that you make in objects retrieved through it will not be saved when you call SaveChanges on a different instance of the PageManager.

    In my code I've omitted the usage of the fluent API, and I use just your instance of myPageManager (see lines 06-07 in my code).

  2. If you add or change permissions attached to a specific secured object while the object inherits permissions from its parent (pages inherit permissions from each other in hierarchy), those permissions have no effect (since the parent permissions are the effective one).
    Through the UI there's an option to "Break the inheritance" in a click of a button. Through the API there's an option to do it through the manager. (See lines 12-13 in my code).

  3. Another thing to note is that a permission can be attached to a secured object only once. Duplicate permissions would cause an exception on the server side. Thus, it may be useful to first check whether the permission exists (lines 18-22 in my code), and only if it does not, create it and attach it.
    Permissions differ from each other by the 3 parameters which construct it: the permission set name, the id of the secured object and the id of the related principal (either user or role).
    Once the permission is found (or created and added), the action is granted (line 30) and the changes are saved (line 31).

01.var myPageManager = PageManager.GetManager();
02. 
03.// I have verified that this guid gets the page that I want
04.var pG = new Guid("6DF1E778-A011-4DF1-8B2E-9CD59D2686E2");
05.// I get a PageNode, just like your code snippet gets
06.PageNode pn = myPageManager.GetPageNodes()
07.    .Where(p => p.Id == pG).FirstOrDefault();
08. 
09.var rm = RoleManager.GetManager();
10.var objRole = rm.GetRole("theRole");
11. 
12.if(pn.InheritsPermissions)
13.    myPageManager.BreakPermiossionsInheritance(pn);
14.             
15.string sn = SecurityConstants.Sets.Pages.SetName;
16.Guid pageNodeId = pn.Id;
17.Guid principalId = objRole.Id;
18.Permission thePermission = pn.Permissions.Where(p =>
19.                p.SetName == sn &&
20.                p.ObjectId == pageNodeId &&
21.                p.PrincipalId == principalId).FirstOrDefault();
22.if (thePermission == null)
23.
24.    thePermission = myPageManager.CreatePermission(
25.            sn,
26.            pageNodeId,
27.            principalId);
28.    pn.Permissions.Add(thePermission);
29.
30.thePermission.GrantActions(false, SecurityConstants.Sets.Pages.Modify);
31.myPageManager.SaveChanges();




Greetings,
Alon Rotem
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Posted by Community Admin on 07-Feb-2011 00:00
Thank you.  Your comments were very thorough and helpful.  I am gettin an error though:

Cannot insert duplicate key row in object 'dbo.sf_permissions' with unique index 'idx_sf_permissions'.

at the line:    myPageManager.SaveChanges();     When I look in the SF web app gui for the permission I dont see it.  I go to the Pages list and, for the page I am targeting, I click Actions/ Permissions.  And I see only premissions for Administrators. 

One section of code seems odd to me:  When we check to see if the permission exists we are using

SecurityConstants.Sets.Pages.SetName;

but when we use the GrantActions() method we use SecurityConstants.Sets.Pages.Modify  Is that correct?

Can you give me some ideas regarding why I am getting the error?
Posted by Community Admin on 10-Feb-2011 00:00

2nd request.

- should I be able to see the permissions that this code creates, somewhere in the SF web app gui?
       - if so, Where?
       - if not,
                  - what coding would I use to set permissions that allow a role to modify a page.  And these permission show up in the SF gui at:  Pages List/ click Actions for the page/ click Permissions.  (see attached pictures)

Posted by Community Admin on 11-Feb-2011 00:00
Hi Phil,

It seems the error you are getting is because this permission has been already added to the database and you need to check if this permission is exists before adding it .

You can accomplish that by using the GetPermission method of the manager in a fashion similar to the CreatePermission used in the last snippet we sent you below. Basically what you need to do, is to create a logic that checks if such a permission does not exists, and then creating it; otherwise the permission stays attached and you will continue get this exception.

Yes, you should be able to see the permissions that this code creates in the Sitefinity GUI.

Greetings,
George
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Posted by Community Admin on 11-Feb-2011 00:00
Hi Phil,

Below is  a sample that will help you to check the existing permissions

var page  = //get the page here
var roleId = SecurityManager.ApplicationRoles["Everyone"].Id;
Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = page.GetActivePermissions().Where(p => p.PrincipalId == roleId && p.ObjectId == page.Id && p.SetName == SecurityConstants.Sets.Pages.SetName).FirstOrDefault();
if(permissionForEveryone == null)
    permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Pages.SetName, page.Id, roleId);
    page.Permissions.Add(permissionForEveryone);
permissionForEveryone.GrantActions(true, SecurityConstants.Sets.Pages.View);
manager.SaveChanges();


Kind regards,
Ivan Dimitrov
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Posted by Community Admin on 15-Feb-2011 00:00
_
Posted by Community Admin on 18-Apr-2011 00:00
Hi.  I'm baaack. :-)

I am giving a role, CreatePage permissions (using code you supplied me in this thread), but users in that role cannot execute the PageFacade.Duplicate() method.  What permissions do I give a role programatically so that they can run code which executes the PageFacade.Duplicate() method?

The error I am getting is simply:   You have no permissions to create pages

Below is the code where I give the role the permissions.  Toward the bottom you will see
thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Create);
I thought that would do what I need, but it doesnt.

IDEA:  below you will see a variable "pn"    Does that have to be the page that I am Duplicating?  In the code below it is not.

foreach (string roleName in listRoleNames)
    var rm = RoleManager.GetManager();
    var objRole = rm.GetRole(roleName);
  
    #region _  get the permission set  _
  
    string sn = SecurityConstants.Sets.Pages.SetName; 
    Guid pageNodeId = pn.Id;
  
    Guid principalId = objRole.Id;
    Permission thePermission = pn.Permissions.Where(p =>
p.SetName == sn &&
p.ObjectId == pageNodeId &&
p.PrincipalId == principalId).FirstOrDefault();
    if (thePermission == null)
    
        thePermission = sfPageManager.CreatePermission(sn, pageNodeId, principalId);
        pn.Permissions.Add(thePermission);
        sfPageManager.SaveChanges();
    
  
    #endregion
  
    #region _  grant the actions to the permission  _
  
    thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Modify);
    thePermission.GrantActions(true, SecurityConstants.Sets.Pages.EditContent);
    thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Create);
    thePermission.GrantActions(true, SecurityConstants.Sets.Pages.CreateChildControls);
    thePermission.GrantActions(true, SecurityConstants.Sets.Pages.View);
    thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Delete);
  
    #endregion
  
    sfPageManager.SaveChanges();
 
Posted by Community Admin on 22-Apr-2011 00:00
Hi Phil,

Duplicate method is related to setting the parent and changing the permissions. This is not simply create right. You should have permissions to set the owner and change the permissions.

Kind regards,
Ivan Dimitrov
the Telerik team

Posted by Community Admin on 22-Apr-2011 00:00
I think I understand.  Is this correct:

The user that is running code which executes the PageFacade.Duplicate() method must have permissions to set the owner and change permissions.   

Posted by Community Admin on 25-Apr-2011 00:00
Hi Phil,

Yes, because this is what Duplicate method does. Try granting the user with these permissions and let me know if there are still issues.

Greetings,
Ivan Dimitrov
the Telerik team

This thread is closed