public void SetRight(string strDatabase, string strItem, string strAccount, string strRights, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType, Credentials credentials) { Error.AssertString(strDatabase, "strDatabase", false); Error.AssertString(strItem, "strItem", false); Error.AssertString(strAccount, "strAccount", false); Error.AssertString(strRights, "strRights", false); Login(credentials); Sitecore.Data.Database db = Sitecore.Configuration.Factory.GetDatabase(strDatabase); Sitecore.Data.Items.Item item = db.GetItem(strItem); Sitecore.Security.Accounts.AccountType accountType = Sitecore.Security.Accounts.AccountType.User; if (Sitecore.Security.SecurityUtility.IsRole(strAccount)) { accountType = Sitecore.Security.Accounts.AccountType.Role; } Sitecore.Security.Accounts.Account account = Sitecore.Security.Accounts.Account.FromName(strAccount, accountType); // Always ensure that a minimum of 1 "|" character exists if (strRights.IndexOf("|") == -1) { strRights += '|'; } string[] strRightsList = strRights.Split('|'); for (int t = 0; t < strRightsList.Length; t++) { string strRight = strRightsList[t]; if ((strRight != null) && (strRight != "")) { Sitecore.Security.AccessControl.AccessRight right = Sitecore.Security.AccessControl.AccessRight.FromName(strRight); SetRight(item, account, right, rightState, propagationType); } } }
private void SetRight(Sitecore.Data.Items.Item item, Sitecore.Security.Accounts.Account account, Sitecore.Security.AccessControl.AccessRight right, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType) { Sitecore.Security.AccessControl.AccessRuleCollection accessRules = item.Security.GetAccessRules(); if (propagationType == Sitecore.Security.AccessControl.PropagationType.Any) { accessRules.Helper.RemoveExactMatches(account, right); } else { accessRules.Helper.RemoveExactMatches(account, right, propagationType); } if (rightState != Sitecore.Security.AccessControl.AccessPermission.NotSet) { if (propagationType == Sitecore.Security.AccessControl.PropagationType.Any) { accessRules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Entity, rightState); accessRules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Descendants, rightState); } else { accessRules.Helper.AddAccessPermission(account, right, propagationType, rightState); } } item.Security.SetAccessRules(accessRules); }