More in this section

Forums / General Discussions / permit a role to edit a page

permit a role to edit a page

15 posts, 0 answered
  1. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    31 Jan 2011
    Link to this post
    I need to programmatically give a role edit, create, and modify permissions for a specific page.

    Can you please send me or direct me to some sample code that does this?

    Thanks
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    01 Feb 2011
    Link to this post
    Hello Phil,

    Please take a look at Secured Object - extensions

    Regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    01 Feb 2011
    Link to this post
    Thanks.  I am working my way through that sample code.  I am having trouble though with this line
    // assumed to be instantiated
        IManager manager;

    I guess I don't know the object model well enough to know how to instantiate the proper object.  I am trying the following, but it doesn't like the string I have in there "IManager"  (I didn't think it would.)
    IManager manager = ManagerBase.GetManager("IManager");

    How do I properly instantiate the manager object that the code wants?

    Thanks
  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    02 Feb 2011
    Link to this post
    Hi Phil,

    Here is  a sample code that sets permission - ChangePermissions  for a page with title "PermissionsTest".

    var pageManager = PageManager.GetManager();
    var page = pageManager.GetPageNodes().Where(p => p.Title == "PermissionsTest").SingleOrDefault();
    Permission perm = pageManager.CreatePermission(SecurityConstants.Sets.Pages.SetName, page.Id, SecurityManager.GetCurrentUserId());
    perm.GrantActions(false, SecurityConstants.Sets.Pages.ChangePermissions);
    page.Permissions.Add(perm);
    pageManager.SaveChanges();


    Best wishes,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    02 Feb 2011
    Link to this post
    Thanks for the code.  I got a version of it running w o error (see box. I am giving permissions to a role) but I am not able to see that my role has the permissions that I give it anywhere in the SF gui.  I have looked at the following screens:
     - click Administration/ Roles/ click Permissions for the role
     - click Pages, then, for the page, click Actions/ Permissions

    Please tell me where I can see my changes in the gui.  Maybe I have to do more in the code first(?)
            var myPageManager = PageManager.GetManager();
            var fluent = App.WorkWith();
            var pgFacade = fluent.Page(); //
    // I have verified that this guid gets the page that I want
            var pG = new Guid("6DF1E778-A011-4DF1-8B2E-9CD59D2686E2");
    // I get a PageNode, just like your code snippet gets
            PageNode pn = pgFacade.PageManager.GetPageNodes()
                .Where(p => p.Id == pG).FirstOrDefault();
     
            var rm = RoleManager.GetManager();
            var objRole = rm.GetRole("theRole");
     
            string sn = SecurityConstants.Sets.Pages.SetName;
            var thePermission = myPageManager.CreatePermission(sn, pn.Id, objRole.Id );
            thePermission.GrantActions(false, SecurityConstants.Sets.Pages.Modify);
     
            pn.Permissions.Add(thePermission);
            myPageManager.SaveChanges();
     
  6. Alon Rotem
    Alon Rotem avatar
    26 posts
    Registered:
    29 Feb 2016
    07 Feb 2011
    Link to this post
    Hi Phil, There are a few minor issues with the code you published. I'm attaching a fixed revision of it with some remarks:

    1. Note that in your code you use 2 different instances of PageManger. The first you get into a local variable called myPageManager, and the second is used through the fluent API (Page facade) like so: App.WorkWith().Page().PageManager
      Since the fluent API works with its own transaction scope, changes that you make in objects retrieved through it will not be saved when you call SaveChanges on a different instance of the PageManager.

      In my code I've omitted the usage of the fluent API, and I use just your instance of myPageManager (see lines 06-07 in my code).

    2. If you add or change permissions attached to a specific secured object while the object inherits permissions from its parent (pages inherit permissions from each other in hierarchy), those permissions have no effect (since the parent permissions are the effective one).
      Through the UI there's an option to "Break the inheritance" in a click of a button. Through the API there's an option to do it through the manager. (See lines 12-13 in my code).

    3. Another thing to note is that a permission can be attached to a secured object only once. Duplicate permissions would cause an exception on the server side. Thus, it may be useful to first check whether the permission exists (lines 18-22 in my code), and only if it does not, create it and attach it.
      Permissions differ from each other by the 3 parameters which construct it: the permission set name, the id of the secured object and the id of the related principal (either user or role).
      Once the permission is found (or created and added), the action is granted (line 30) and the changes are saved (line 31).

    01.var myPageManager = PageManager.GetManager();
    02. 
    03.// I have verified that this guid gets the page that I want
    04.var pG = new Guid("6DF1E778-A011-4DF1-8B2E-9CD59D2686E2");
    05.// I get a PageNode, just like your code snippet gets
    06.PageNode pn = myPageManager.GetPageNodes()
    07.    .Where(p => p.Id == pG).FirstOrDefault();
    08. 
    09.var rm = RoleManager.GetManager();
    10.var objRole = rm.GetRole("theRole");
    11. 
    12.if(pn.InheritsPermissions)
    13.    myPageManager.BreakPermiossionsInheritance(pn);
    14.             
    15.string sn = SecurityConstants.Sets.Pages.SetName;
    16.Guid pageNodeId = pn.Id;
    17.Guid principalId = objRole.Id;
    18.Permission thePermission = pn.Permissions.Where(p =>
    19.                p.SetName == sn &&
    20.                p.ObjectId == pageNodeId &&
    21.                p.PrincipalId == principalId).FirstOrDefault();
    22.if (thePermission == null)
    23.{
    24.    thePermission = myPageManager.CreatePermission(
    25.            sn,
    26.            pageNodeId,
    27.            principalId);
    28.    pn.Permissions.Add(thePermission);
    29.}
    30.thePermission.GrantActions(false, SecurityConstants.Sets.Pages.Modify);
    31.myPageManager.SaveChanges();




    Greetings,
    Alon Rotem
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  7. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    07 Feb 2011
    Link to this post
    Thank you.  Your comments were very thorough and helpful.  I am gettin an error though:

    Cannot insert duplicate key row in object 'dbo.sf_permissions' with unique index 'idx_sf_permissions'.

    at the line:    myPageManager.SaveChanges();     When I look in the SF web app gui for the permission I dont see it.  I go to the Pages list and, for the page I am targeting, I click Actions/ Permissions.  And I see only premissions for Administrators. 

    One section of code seems odd to me:  When we check to see if the permission exists we are using

    SecurityConstants.Sets.Pages.SetName;

    but when we use the GrantActions() method we use SecurityConstants.Sets.Pages.Modify  Is that correct?

    Can you give me some ideas regarding why I am getting the error?
  8. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    10 Feb 2011
    Link to this post
    2nd request.

    - should I be able to see the permissions that this code creates, somewhere in the SF web app gui?
           - if so, Where?
           - if not,
                      - what coding would I use to set permissions that allow a role to modify a page.  And these permission show up in the SF gui at:  Pages List/ click Actions for the page/ click Permissions.  (see attached pictures)
  9. George
    George avatar
    28 posts
    Registered:
    24 Sep 2012
    11 Feb 2011
    Link to this post
    Hi Phil,

    It seems the error you are getting is because this permission has been already added to the database and you need to check if this permission is exists before adding it .

    You can accomplish that by using the GetPermission method of the manager in a fashion similar to the CreatePermission used in the last snippet we sent you below. Basically what you need to do, is to create a logic that checks if such a permission does not exists, and then creating it; otherwise the permission stays attached and you will continue get this exception.

    Yes, you should be able to see the permissions that this code creates in the Sitefinity GUI.

    Greetings,
    George
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  10. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    11 Feb 2011
    Link to this post
    Hi Phil,

    Below is  a sample that will help you to check the existing permissions

    var page  = //get the page here
    var roleId = SecurityManager.ApplicationRoles["Everyone"].Id;
    Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = page.GetActivePermissions().Where(p => p.PrincipalId == roleId && p.ObjectId == page.Id && p.SetName == SecurityConstants.Sets.Pages.SetName).FirstOrDefault();
    if(permissionForEveryone == null)
    {
        permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Pages.SetName, page.Id, roleId);
        page.Permissions.Add(permissionForEveryone);
    }
    permissionForEveryone.GrantActions(true, SecurityConstants.Sets.Pages.View);
    manager.SaveChanges();


    Kind regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  11. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    15 Feb 2011
    Link to this post
    _
  12. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    18 Apr 2011
    Link to this post
    Hi.  I'm baaack. :-)

    I am giving a role, CreatePage permissions (using code you supplied me in this thread), but users in that role cannot execute the PageFacade.Duplicate() method.  What permissions do I give a role programatically so that they can run code which executes the PageFacade.Duplicate() method?

    The error I am getting is simply:   You have no permissions to create pages

    Below is the code where I give the role the permissions.  Toward the bottom you will see
    thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Create);
    I thought that would do what I need, but it doesnt.

    IDEA:  below you will see a variable "pn"    Does that have to be the page that I am Duplicating?  In the code below it is not.

    foreach (string roleName in listRoleNames)
    {
        var rm = RoleManager.GetManager();
        var objRole = rm.GetRole(roleName);
      
        #region _  get the permission set  _
      
        string sn = SecurityConstants.Sets.Pages.SetName; 
        Guid pageNodeId = pn.Id;
      
        Guid principalId = objRole.Id;
        Permission thePermission = pn.Permissions.Where(p =>
    p.SetName == sn &&
    p.ObjectId == pageNodeId &&
    p.PrincipalId == principalId).FirstOrDefault();
        if (thePermission == null)
        {
            thePermission = sfPageManager.CreatePermission(sn, pageNodeId, principalId);
            pn.Permissions.Add(thePermission);
            sfPageManager.SaveChanges();
        }
      
        #endregion
      
        #region _  grant the actions to the permission  _
      
        thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Modify);
        thePermission.GrantActions(true, SecurityConstants.Sets.Pages.EditContent);
        thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Create);
        thePermission.GrantActions(true, SecurityConstants.Sets.Pages.CreateChildControls);
        thePermission.GrantActions(true, SecurityConstants.Sets.Pages.View);
        thePermission.GrantActions(true, SecurityConstants.Sets.Pages.Delete);
      
        #endregion
      
        sfPageManager.SaveChanges();
  13. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    22 Apr 2011
    Link to this post
    Hi Phil,

    Duplicate method is related to setting the parent and changing the permissions. This is not simply create right. You should have permissions to set the owner and change the permissions.

    Kind regards,
    Ivan Dimitrov
    the Telerik team

  14. Phil
    Phil avatar
    89 posts
    Registered:
    19 Oct 2010
    22 Apr 2011
    Link to this post
    I think I understand.  Is this correct:

    The user that is running code which executes the PageFacade.Duplicate() method must have permissions to set the owner and change permissions.   

  15. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    25 Apr 2011
    Link to this post
    Hi Phil,

    Yes, because this is what Duplicate method does. Try granting the user with these permissions and let me know if there are still issues.

    Greetings,
    Ivan Dimitrov
    the Telerik team

15 posts, 0 answered