예제 #1
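        /// <summary>
        /// Sets one or more access rights for an account on a single item.
        /// </summary>
        /// <param name="strDatabase">Name of the database that holds the item.</param>
        /// <param name="strItem">Identifier passed to <c>Database.GetItem</c> to locate the item.</param>
        /// <param name="strAccount">Account name; treated as a role when <c>SecurityUtility.IsRole</c> says so, otherwise as a user.</param>
        /// <param name="strRights">Access right names separated by '|'. Empty entries are skipped.</param>
        /// <param name="rightState">Permission to store for every listed right.</param>
        /// <param name="propagationType">Propagation to store for every listed right.</param>
        /// <param name="credentials">Credentials handed to <c>Login</c> before any change is made.</param>
        /// <exception cref="System.ArgumentException">
        /// The database, item, account or one of the right names could not be resolved.
        /// </exception>
        public void SetRight(string strDatabase, string strItem, string strAccount, string strRights, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType, Credentials credentials)
        {
            Error.AssertString(strDatabase, "strDatabase", false);
            Error.AssertString(strItem, "strItem", false);
            Error.AssertString(strAccount, "strAccount", false);
            Error.AssertString(strRights, "strRights", false);

            // NOTE(review): Login is defined outside this listing. Confirm that it throws on
            // failed authentication and that the authenticated caller is authorized to edit
            // security on this item; nothing below checks either.
            Login(credentials);

            Sitecore.Data.Database db = Sitecore.Configuration.Factory.GetDatabase(strDatabase);
            if (db == null)
            {
                throw new System.ArgumentException("The database could not be resolved.", "strDatabase");
            }

            // Fail with a clear error instead of a NullReferenceException further down
            // when the lookup does not produce an item.
            Sitecore.Data.Items.Item item = db.GetItem(strItem);
            if (item == null)
            {
                throw new System.ArgumentException("The item could not be found in the requested database.", "strItem");
            }

            Sitecore.Security.Accounts.AccountType accountType = Sitecore.Security.Accounts.AccountType.User;
            if (Sitecore.Security.SecurityUtility.IsRole(strAccount))
            {
                accountType = Sitecore.Security.Accounts.AccountType.Role;
            }
            Sitecore.Security.Accounts.Account account = Sitecore.Security.Accounts.Account.FromName(strAccount, accountType);
            if (account == null)
            {
                throw new System.ArgumentException("The account could not be resolved.", "strAccount");
            }

            // Resolve every right name before touching the item, so a bad name late in the
            // list cannot leave the item with only part of the requested change applied.
            // Split already returns the whole string when no '|' is present.
            System.Collections.Generic.List<Sitecore.Security.AccessControl.AccessRight> rights =
                new System.Collections.Generic.List<Sitecore.Security.AccessControl.AccessRight>();
            foreach (string strRight in strRights.Split('|'))
            {
                if (string.IsNullOrEmpty(strRight))
                {
                    continue;
                }

                Sitecore.Security.AccessControl.AccessRight right = Sitecore.Security.AccessControl.AccessRight.FromName(strRight);
                if (right == null)
                {
                    throw new System.ArgumentException("An access right name could not be resolved.", "strRights");
                }
                rights.Add(right);
            }

            foreach (Sitecore.Security.AccessControl.AccessRight right in rights)
            {
                SetRight(item, account, right, rightState, propagationType);
            }
        }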
예제 #2
 /// <summary>
 /// Replaces the access rule for one account/right pair on an item and writes the
 /// modified rule collection back through <c>item.Security.SetAccessRules</c>.
 /// </summary>
 /// <remarks>
 /// Exact matches for the pair are removed first, so a <paramref name="rightState"/> of
 /// <c>NotSet</c> clears the entry without adding a new one. <c>PropagationType.Any</c>
 /// is stored as two rules, one for <c>Entity</c> and one for <c>Descendants</c>.
 /// </remarks>
 /// <param name="item">Item whose access rules are edited.</param>
 /// <param name="account">Account the rule applies to.</param>
 /// <param name="right">Access right being set or cleared.</param>
 /// <param name="rightState">Permission to store; <c>NotSet</c> means remove only.</param>
 /// <param name="propagationType">Propagation to remove and store for the rule.</param>
 private void SetRight(Sitecore.Data.Items.Item item, Sitecore.Security.Accounts.Account account, Sitecore.Security.AccessControl.AccessRight right, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType)
 {
     Sitecore.Security.AccessControl.AccessRuleCollection rules = item.Security.GetAccessRules();
     bool allPropagations = propagationType == Sitecore.Security.AccessControl.PropagationType.Any;
     bool storeNewRule = rightState != Sitecore.Security.AccessControl.AccessPermission.NotSet;

     if (allPropagations)
     {
         // Drop every existing rule for the pair, whatever its propagation.
         rules.Helper.RemoveExactMatches(account, right);
         if (storeNewRule)
         {
             rules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Entity, rightState);
             rules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Descendants, rightState);
         }
     }
     else
     {
         // Only the rule with the requested propagation is replaced.
         rules.Helper.RemoveExactMatches(account, right, propagationType);
         if (storeNewRule)
         {
             rules.Helper.AddAccessPermission(account, right, propagationType, rightState);
         }
     }

     item.Security.SetAccessRules(rules);
 }
예제 #3
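 /// <summary>
 /// Appends an access right's name to a '|'-terminated list when the rule collection
 /// holds the given permission for the account with <c>Descendants</c> propagation.
 /// </summary>
 /// <param name="rules">Rule collection to query.</param>
 /// <param name="account">Account the permission is looked up for.</param>
 /// <param name="accessRight">Right to test; its <c>Name</c> is what gets appended.</param>
 /// <param name="accessPermission">Permission value that must match for the name to be added.</param>
 /// <param name="sExistingPermissions">List built so far, each entry followed by '|'.</param>
 /// <returns>The list, with <c>accessRight.Name + "|"</c> appended if it matched and was not already listed.</returns>
 private string GetAccessPermission(AccessRuleCollection rules, Sitecore.Security.Accounts.Account account, AccessRight accessRight, AccessPermission accessPermission, string sExistingPermissions)
 {
     // NOTE(review): only PropagationType.Descendants is queried; an Entity-only rule is
     // not reported here. Confirm that is intended by the caller.
     if (rules.Helper.GetAccessPermission(account, accessRight, PropagationType.Descendants) != accessPermission)
     {
         return sExistingPermissions;
     }

     // Compare whole entries rather than searching for a substring: a right whose name is
     // contained in another listed name would otherwise be treated as already present and
     // dropped from the report. Array.IndexOf compares strings ordinally.
     string[] listed = (sExistingPermissions ?? "").Split('|');
     if (System.Array.IndexOf(listed, accessRight.Name) == -1)
     {
         sExistingPermissions += accessRight.Name + "|";
     }
     return sExistingPermissions;
 }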
예제 #4
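        /// <summary>
        /// Reports which of the six item rights (admin, create, delete, read, rename, write)
        /// an account has, or does not have, on a single item.
        /// </summary>
        /// <remarks>
        /// For <c>DenyAccess</c> the result lists every right for which the corresponding
        /// <c>item.Security.Can*</c> check returned false. That is "not granted", which is
        /// not necessarily the same as an explicit deny rule.
        /// </remarks>
        /// <param name="strDatabase">Name of the database that holds the item.</param>
        /// <param name="strItem">Identifier passed to <c>Database.GetItem</c> to locate the item.</param>
        /// <param name="strAccount">Account name; "sitecore\" is prepended when the name does not contain it.</param>
        /// <param name="rightState"><c>AllowAccess</c> lists granted rights, <c>DenyAccess</c> lists rights not granted.</param>
        /// <param name="credentials">Credentials handed to <c>Login</c> before the lookup.</param>
        /// <returns>The matching rights, each followed by '|'; empty for any other <paramref name="rightState"/>.</returns>
        /// <exception cref="System.ArgumentException">The database or item could not be resolved.</exception>
        public string GetRight(string strDatabase, string strItem, string strAccount, SecurityPermission rightState, Credentials credentials)
        {
            Error.AssertString(strDatabase, "strDatabase", false);
            Error.AssertString(strItem, "strItem", false);
            // strAccount is dereferenced below, so validate it like the other string arguments.
            Error.AssertString(strAccount, "strAccount", false);

            // NOTE(review): Login is defined outside this listing. Confirm that it throws on
            // failed authentication and that the caller is allowed to read another account's
            // effective rights; nothing below checks either.
            Login(credentials);

            Sitecore.Data.Database db = Sitecore.Configuration.Factory.GetDatabase(strDatabase);
            if (db == null)
            {
                throw new System.ArgumentException("The database could not be resolved.", "strDatabase");
            }

            // Fail with a clear error instead of a NullReferenceException on item.Security.
            Sitecore.Data.Items.Item item = db.GetItem(strItem);
            if (item == null)
            {
                throw new System.ArgumentException("The item could not be found in the requested database.", "strItem");
            }

            // Ordinal search: an account name is an identifier, not linguistic text.
            // NOTE(review): this is a case-sensitive "contains" test, so a name qualified with
            // another domain, or with different casing, still gets "sitecore\" prepended.
            // Confirm whether a starts-with or domain-aware check is wanted.
            if (strAccount.IndexOf("sitecore\\", System.StringComparison.Ordinal) == -1)
            {
                strAccount = "sitecore\\" + strAccount;
            }

            Sitecore.Security.Accounts.AccountType accountType = Sitecore.Security.Accounts.AccountType.User;
            if (Sitecore.Security.SecurityUtility.IsRole(strAccount))
            {
                accountType = Sitecore.Security.Accounts.AccountType.Role;
            }
            Sitecore.Security.Accounts.Account account = Sitecore.Security.Accounts.Account.FromName(strAccount, accountType);

            // Both report modes walk the same six checks; they differ only in whether a
            // true or a false answer puts the right on the list.
            bool reportGranted;
            if (rightState == SecurityPermission.AllowAccess)
            {
                reportGranted = true;
            }
            else if (rightState == SecurityPermission.DenyAccess)
            {
                reportGranted = false;
            }
            else
            {
                return "";
            }

            string sResults = "";
            if (item.Security.CanAdmin(account) == reportGranted)
            {
                sResults += AccessRight.ItemAdmin + "|";
            }
            if (item.Security.CanCreate(account) == reportGranted)
            {
                sResults += AccessRight.ItemCreate + "|";
            }
            if (item.Security.CanDelete(account) == reportGranted)
            {
                sResults += AccessRight.ItemDelete + "|";
            }
            if (item.Security.CanRead(account) == reportGranted)
            {
                sResults += AccessRight.ItemRead + "|";
            }
            if (item.Security.CanRename(account) == reportGranted)
            {
                sResults += AccessRight.ItemRename + "|";
            }
            if (item.Security.CanWrite(account) == reportGranted)
            {
                sResults += AccessRight.ItemWrite + "|";
            }
            return sResults;
        }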