More in this section
Forums / Sitefinity SDK / Change Document/Image/Video Permissions in code

Change Document/Image/Video Permissions in code

The forums are in read-only mode. In case that you want to directly contact the Progress Sitefinity team use the support center. In our Google Plus group you can find more than one thousand Sitefinity developers discussing different topics. For the Stack Overflow threads don’t forget to use the “Sitefinity” tag.
10 posts, 1 answered
  1. Kristian
    Kristian avatar
    214 posts
    Registered:
    03 Jun 2010
    30 Dec 2010
    Link to this post
    How can I change a doc/image/video's permission in code?
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    30 Dec 2010
    Link to this post
    Hi Kristian,

    Here is a sample code that illustrate how to set permissions for Telerik.Sitefinity.Libraries.Model.Image object

    LibrariesManager manager = LibrariesManager.GetManager();
    Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Image.SetName, img.Id, new Guid("role id"));
    permissionForEveryone.GrantActions(true, SecurityConstants.Sets.Image.View);
    img.Permissions.Add(permissionForEveryone);
    manager.SaveChanges();

    You can take a look at security articles from our documentation.

    Kind regards,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
    3.
  3. Kristian
    Kristian avatar
    214 posts
    Registered:
    03 Jun 2010
    30 Dec 2010
    Link to this post
    Cool thanks that helps.

    I'm trying to set the permissions so that only one role of my choosing can view them. The code seems to be executing correctly, but when viewing the permissions in the backend pages it still looks like it is when having default permissions.

    However the code must have done something, because when trying set the permissions in the backend to the role i specified in my code i get an error saying return code 0, but checking any other role works ok.

    Do I need to deny everyone first?

    var userManager = UserManager.GetManager("Default");
    userManager.Provider.SuppressSecurityChecks = true;
     
    // Get the current logged in user.
    MembershipUser currentUser = Membership.GetUser();
    string loginName = currentUser.UserName;
     
    var user = userManager.GetUser(loginName);
    userManager.Provider.SuppressSecurityChecks = false;
     
     
    // Get the user's role
    RoleManager roleManager = RoleManager.GetManager(RoleManager.GetDefaultProviderName());
    Role myRole = roleManager.GetRoles().Where(r => r.Name == "MyRole").Single();
     
    // Document
    string albumTitle = "MyAlbum";
    string documentTitle = "DocTitle";
     
    LibrariesManager manager = LibrariesManager.GetManager();
    DocumentLibrary docLibToLocate = manager.GetDocumentLibraries()
        .Where(dL => dL.Title == albumTitle).Single();
     
     
    IQueryable<Document> docToUse = App.WorkWith().DocumentLibrary(docLibToLocate.Id)
        .Documents()
        .Where(d => d.Title == documentTitle).Get();
    Document doc = docToUse.FirstOrDefault();
     
    Permission privatePermission = manager.CreatePermission(
        SecurityConstants.Sets.Document.SetName, doc.Id, myRole.Id);
     
    privatePermission.GrantActions(false, SecurityConstants.Sets.Document.View);
    doc.Permissions.Add(privatePermission);
    manager.SaveChanges();

  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    31 Dec 2010
    Link to this post
    Hi Kristian,

    You have to remove manager.SaveChanges();, because the method is called internally. When you call this method this causes duplicate entries in sf_permissions table. Delete the broken item and re upload it.

    Best wishes,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  5. Kristian
    Kristian avatar
    214 posts
    Registered:
    03 Jun 2010
    03 Jan 2011
    Link to this post
    I tried removing the savechanges but still no success, do you need to break inheritance first? I'm somewhat confused because in your first post you call savechanges
  6. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    04 Jan 2011
    Link to this post
    Hello Kristian,

    Yes, first you need to break the inheritance, because the Image/File inherits permissions from the parent -  Album. You should work only with the master and you should add the permissions only if they are null for the given principal.

    below is a working code

    LibrariesManager manager = LibrariesManager.GetManager();
    var img = manager.GetItems<Telerik.Sitefinity.Libraries.Model.Image>().Where(mg => mg.Title == "pf" && mg.Status == Telerik.Sitefinity.GenericContent.Model.ContentLifecycleStatus.Master).FirstOrDefault();
    manager.BreakPermiossionsInheritance(img);
    var roleId = SecurityManager.ApplicationRoles["Everyone"].Id;
    Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = img.GetActivePermissions().Where(p => p.PrincipalId == roleId && p.ObjectId == img.Id && p.SetName == SecurityConstants.Sets.Image.SetName).FirstOrDefault();
    if (permissionForEveryone == null)
    {
        permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Image.SetName, img.Id, roleId);
        img.Permissions.Add(permissionForEveryone);
    }
    permissionForEveryone.GrantActions(true, SecurityConstants.Sets.Image.View);
    manager.SaveChanges();


    All the best,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  7. Kristian
    Kristian avatar
    214 posts
    Registered:
    03 Jun 2010
    04 Jan 2011
    Link to this post
    I've tried this and still get the return code 0 on backend pages, but now when trying to click the 'break inheritance' button. When you say master do you mean the document/image must be in draft mode?
    http://www.sitefinity.com/40/help/developer-manual/modules-built-in-modules-api-content-lifecycle.html

    I would think change this in code would show the proper permission settings in the admin pages.
  8. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    04 Jan 2011
    Link to this post
    Hello Kristian,

    The code below explicitly breaks the inheritance for the content item. You should use ContentLifecycleStatus.Master which is the primary state of an item and always exists. It is not required to have an item in draft mode.

    Greetings,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  9. Kristian
    Kristian avatar
    214 posts
    Registered:
    03 Jun 2010
    04 Jan 2011
    Link to this post
    Ok, thanks Ivan. I got your sample working.

    However I have some more requirements, I need to add permissions to a role I have created "MyCustomRole". to apply to a document within a certain library "MyLibrary".

    But when using a RoleManager and IQueryable I receive the error I mentioned. How should I go about retrieving the document and role I need?
  10. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    05 Jan 2011
    Link to this post
    Hello Kristian,

    I am testing with the following code to get a custom role and there are no errors thrown

    manager.GetRoles().Where(r => r.Name == "CustomRole").FirstOrDefault();

    Try deleting the image/document and upload it again. Then set the permissions.

    Kind regards,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
    Answered
10 posts, 1 answered