Change Document/Image/Video Permissions in code
How can I change a doc/image/video's permission in code?
Hi Kristian,
Here is a sample code that illustrate how to set permissions for Telerik.Sitefinity.Libraries.Model.Image object
LibrariesManager manager = LibrariesManager.GetManager();
Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Image.SetName, img.Id,
new
Guid(
"role id"
));
permissionForEveryone.GrantActions(
true
, SecurityConstants.Sets.Image.View);
img.Permissions.Add(permissionForEveryone);
manager.SaveChanges();
Cool thanks that helps.
I'm trying to set the permissions so that only one role of my choosing can view them. The code seems to be executing correctly, but when viewing the permissions in the backend pages it still looks like it is when having default permissions.
However the code must have done something, because when trying set the permissions in the backend to the role i specified in my code i get an error saying return code 0, but checking any other role works ok.
Do I need to deny everyone first?
var userManager = UserManager.GetManager(
"Default"
);
userManager.Provider.SuppressSecurityChecks =
true
;
// Get the current logged in user.
MembershipUser currentUser = Membership.GetUser();
string
loginName = currentUser.UserName;
var user = userManager.GetUser(loginName);
userManager.Provider.SuppressSecurityChecks =
false
;
// Get the user's role
RoleManager roleManager = RoleManager.GetManager(RoleManager.GetDefaultProviderName());
Role myRole = roleManager.GetRoles().Where(r => r.Name ==
"MyRole"
).Single();
// Document
string
albumTitle =
"MyAlbum"
;
string
documentTitle =
"DocTitle"
;
LibrariesManager manager = LibrariesManager.GetManager();
DocumentLibrary docLibToLocate = manager.GetDocumentLibraries()
.Where(dL => dL.Title == albumTitle).Single();
IQueryable<Document> docToUse = App.WorkWith().DocumentLibrary(docLibToLocate.Id)
.Documents()
.Where(d => d.Title == documentTitle).Get();
Document doc = docToUse.FirstOrDefault();
Permission privatePermission = manager.CreatePermission(
SecurityConstants.Sets.Document.SetName, doc.Id, myRole.Id);
privatePermission.GrantActions(
false
, SecurityConstants.Sets.Document.View);
doc.Permissions.Add(privatePermission);
manager.SaveChanges();
Hi Kristian,
You have to remove manager.SaveChanges();
, because the method is called internally. When you call this method this causes duplicate entries in sf_permissions table. Delete the broken item and re upload it.
Best wishes,
Ivan Dimitrov
the Telerik team
I tried removing the savechanges but still no success, do you need to break inheritance first? I'm somewhat confused because in your first post you call savechanges
Hello Kristian,
Yes, first you need to break the inheritance, because the Image/File inherits permissions from the parent - Album. You should work only with the master and you should add the permissions only if they are null for the given principal.
below is a working code
LibrariesManager manager = LibrariesManager.GetManager();
var img = manager.GetItems<Telerik.Sitefinity.Libraries.Model.Image>().Where(mg => mg.Title ==
"pf"
&& mg.Status == Telerik.Sitefinity.GenericContent.Model.ContentLifecycleStatus.Master).FirstOrDefault();
manager.BreakPermiossionsInheritance(img);
var roleId = SecurityManager.ApplicationRoles[
"Everyone"
].Id;
Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = img.GetActivePermissions().Where(p => p.PrincipalId == roleId && p.ObjectId == img.Id && p.SetName == SecurityConstants.Sets.Image.SetName).FirstOrDefault();
if
(permissionForEveryone ==
null
)
permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Image.SetName, img.Id, roleId);
img.Permissions.Add(permissionForEveryone);
permissionForEveryone.GrantActions(
true
, SecurityConstants.Sets.Image.View);
manager.SaveChanges();
I've tried this and still get the return code 0 on backend pages, but now when trying to click the 'break inheritance' button. When you say master do you mean the document/image must be in draft mode?
http://www.sitefinity.com/40/help/developer-manual/modules-built-in-modules-api-content-lifecycle.html
I would think change this in code would show the proper permission settings in the admin pages.
Hello Kristian,
The code below explicitly breaks the inheritance for the content item. You should use ContentLifecycleStatus
.Master which is the primary state of an item and always exists. It is not required to have an item in draft mode.
Greetings,
Ivan Dimitrov
the Telerik team
Ok, thanks Ivan. I got your sample working.
However I have some more requirements, I need to add permissions to a role I have created "MyCustomRole". to apply to a document within a certain library "MyLibrary".
But when using a RoleManager and IQueryable I receive the error I mentioned. How should I go about retrieving the document and role I need?
Hello Kristian,
I am testing with the following code to get a custom role and there are no errors thrown
manager.GetRoles().Where(r => r.Name == "CustomRole").FirstOrDefault();
Try deleting the image/document and upload it again. Then set the permissions.
Kind regards,
Ivan Dimitrov
the Telerik team