Change Document/Image/Video Permissions in code - Front- & Back-End Development - Front- & Back-End Development - Progress Community
 Front- & Back-End Development

Change Document/Image/Video Permissions in code

  • Change Document/Image/Video Permissions in code
  • How can I change a doc/image/video's permission in code?
  • Hi Kristian,

    Here is a sample code that illustrate how to set permissions for Telerik.Sitefinity.Libraries.Model.Image object

    LibrariesManager manager = LibrariesManager.GetManager();
    Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Image.SetName, img.Id, new Guid("role id"));
    permissionForEveryone.GrantActions(true, SecurityConstants.Sets.Image.View);
    img.Permissions.Add(permissionForEveryone);
    manager.SaveChanges();

    You can take a look at security articles from our documentation.

    Kind regards,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  • Cool thanks that helps.

    I'm trying to set the permissions so that only one role of my choosing can view them. The code seems to be executing correctly, but when viewing the permissions in the backend pages it still looks like it is when having default permissions.

    However the code must have done something, because when trying set the permissions in the backend to the role i specified in my code i get an error saying return code 0, but checking any other role works ok.

    Do I need to deny everyone first?

    var userManager = UserManager.GetManager("Default");
    userManager.Provider.SuppressSecurityChecks = true;
     
    // Get the current logged in user.
    MembershipUser currentUser = Membership.GetUser();
    string loginName = currentUser.UserName;
     
    var user = userManager.GetUser(loginName);
    userManager.Provider.SuppressSecurityChecks = false;
     
     
    // Get the user's role
    RoleManager roleManager = RoleManager.GetManager(RoleManager.GetDefaultProviderName());
    Role myRole = roleManager.GetRoles().Where(r => r.Name == "MyRole").Single();
     
    // Document
    string albumTitle = "MyAlbum";
    string documentTitle = "DocTitle";
     
    LibrariesManager manager = LibrariesManager.GetManager();
    DocumentLibrary docLibToLocate = manager.GetDocumentLibraries()
        .Where(dL => dL.Title == albumTitle).Single();
     
     
    IQueryable<Document> docToUse = App.WorkWith().DocumentLibrary(docLibToLocate.Id)
        .Documents()
        .Where(d => d.Title == documentTitle).Get();
    Document doc = docToUse.FirstOrDefault();
     
    Permission privatePermission = manager.CreatePermission(
        SecurityConstants.Sets.Document.SetName, doc.Id, myRole.Id);
     
    privatePermission.GrantActions(false, SecurityConstants.Sets.Document.View);
    doc.Permissions.Add(privatePermission);
    manager.SaveChanges();

  • Hi Kristian,

    You have to remove manager.SaveChanges();, because the method is called internally. When you call this method this causes duplicate entries in sf_permissions table. Delete the broken item and re upload it.

    Best wishes,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  • I tried removing the savechanges but still no success, do you need to break inheritance first? I'm somewhat confused because in your first post you call savechanges
  • Hello Kristian,

    Yes, first you need to break the inheritance, because the Image/File inherits permissions from the parent -  Album. You should work only with the master and you should add the permissions only if they are null for the given principal.

    below is a working code

    LibrariesManager manager = LibrariesManager.GetManager();
    var img = manager.GetItems<Telerik.Sitefinity.Libraries.Model.Image>().Where(mg => mg.Title == "pf" && mg.Status == Telerik.Sitefinity.GenericContent.Model.ContentLifecycleStatus.Master).FirstOrDefault();
    manager.BreakPermiossionsInheritance(img);
    var roleId = SecurityManager.ApplicationRoles["Everyone"].Id;
    Telerik.Sitefinity.Security.Model.Permission permissionForEveryone = img.GetActivePermissions().Where(p => p.PrincipalId == roleId && p.ObjectId == img.Id && p.SetName == SecurityConstants.Sets.Image.SetName).FirstOrDefault();
    if (permissionForEveryone == null)
        permissionForEveryone = manager.CreatePermission(SecurityConstants.Sets.Image.SetName, img.Id, roleId);
        img.Permissions.Add(permissionForEveryone);
    permissionForEveryone.GrantActions(true, SecurityConstants.Sets.Image.View);
    manager.SaveChanges();


    All the best,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  • I've tried this and still get the return code 0 on backend pages, but now when trying to click the 'break inheritance' button. When you say master do you mean the document/image must be in draft mode?
    http://www.sitefinity.com/40/help/developer-manual/modules-built-in-modules-api-content-lifecycle.html

    I would think change this in code would show the proper permission settings in the admin pages.
  • Hello Kristian,

    The code below explicitly breaks the inheritance for the content item. You should use ContentLifecycleStatus.Master which is the primary state of an item and always exists. It is not required to have an item in draft mode.

    Greetings,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.
  • Ok, thanks Ivan. I got your sample working.

    However I have some more requirements, I need to add permissions to a role I have created "MyCustomRole". to apply to a document within a certain library "MyLibrary".

    But when using a RoleManager and IQueryable I receive the error I mentioned. How should I go about retrieving the document and role I need?
  • Hello Kristian,

    I am testing with the following code to get a custom role and there are no errors thrown

    manager.GetRoles().Where(r => r.Name == "CustomRole").FirstOrDefault();

    Try deleting the image/document and upload it again. Then set the permissions.

    Kind regards,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer, the state of the art learning tool for Telerik products.