public void SetRight(string strDatabase, string strItem, string strAccount, string strRights, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType, Credentials credentials) { Error.AssertString(strDatabase, "strDatabase", false); Error.AssertString(strItem, "strItem", false); Error.AssertString(strAccount, "strAccount", false); Error.AssertString(strRights, "strRights", false); Login(credentials); Sitecore.Data.Database db = Sitecore.Configuration.Factory.GetDatabase(strDatabase); Sitecore.Data.Items.Item item = db.GetItem(strItem); Sitecore.Security.Accounts.AccountType accountType = Sitecore.Security.Accounts.AccountType.User; if (Sitecore.Security.SecurityUtility.IsRole(strAccount)) { accountType = Sitecore.Security.Accounts.AccountType.Role; } Sitecore.Security.Accounts.Account account = Sitecore.Security.Accounts.Account.FromName(strAccount, accountType); // Always ensure that a minimum of 1 "|" character exists if (strRights.IndexOf("|") == -1) { strRights += '|'; } string[] strRightsList = strRights.Split('|'); for (int t = 0; t < strRightsList.Length; t++) { string strRight = strRightsList[t]; if ((strRight != null) && (strRight != "")) { Sitecore.Security.AccessControl.AccessRight right = Sitecore.Security.AccessControl.AccessRight.FromName(strRight); SetRight(item, account, right, rightState, propagationType); } } }
private void SetRight(Sitecore.Data.Items.Item item, Sitecore.Security.Accounts.Account account, Sitecore.Security.AccessControl.AccessRight right, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType) { Sitecore.Security.AccessControl.AccessRuleCollection accessRules = item.Security.GetAccessRules(); if (propagationType == Sitecore.Security.AccessControl.PropagationType.Any) { accessRules.Helper.RemoveExactMatches(account, right); } else { accessRules.Helper.RemoveExactMatches(account, right, propagationType); } if (rightState != Sitecore.Security.AccessControl.AccessPermission.NotSet) { if (propagationType == Sitecore.Security.AccessControl.PropagationType.Any) { accessRules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Entity, rightState); accessRules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Descendants, rightState); } else { accessRules.Helper.AddAccessPermission(account, right, propagationType, rightState); } } item.Security.SetAccessRules(accessRules); }
private string GetAccessPermission(AccessRuleCollection rules, Sitecore.Security.Accounts.Account account, AccessRight accessRight, AccessPermission accessPermission, string sExistingPermissions) { if ((rules.Helper.GetAccessPermission(account, accessRight, PropagationType.Descendants) == accessPermission) && (sExistingPermissions.IndexOf(accessRight.Name) == -1)) { sExistingPermissions += accessRight.Name + "|"; } return(sExistingPermissions); }
public string GetRight(string strDatabase, string strItem, string strAccount, SecurityPermission rightState, Credentials credentials) { Error.AssertString(strDatabase, "strDatabase", false); Error.AssertString(strItem, "strItem", false); Login(credentials); Sitecore.Data.Database db = Sitecore.Configuration.Factory.GetDatabase(strDatabase); Sitecore.Data.Items.Item item = db.GetItem(strItem); if (strAccount.IndexOf("sitecore\\") == -1) { strAccount = "sitecore\\" + strAccount; } Sitecore.Security.Accounts.AccountType accountType = Sitecore.Security.Accounts.AccountType.User; if (Sitecore.Security.SecurityUtility.IsRole(strAccount)) { accountType = Sitecore.Security.Accounts.AccountType.Role; } Sitecore.Security.Accounts.Account account = Sitecore.Security.Accounts.Account.FromName(strAccount, accountType); string sResults = ""; if (rightState == SecurityPermission.AllowAccess) { if (item.Security.CanAdmin(account)) { sResults += AccessRight.ItemAdmin + "|"; } if (item.Security.CanCreate(account)) { sResults += AccessRight.ItemCreate + "|"; } if (item.Security.CanDelete(account)) { sResults += AccessRight.ItemDelete + "|"; } if (item.Security.CanRead(account)) { sResults += AccessRight.ItemRead + "|"; } if (item.Security.CanRename(account)) { sResults += AccessRight.ItemRename + "|"; } if (item.Security.CanWrite(account)) { sResults += AccessRight.ItemWrite + "|"; } } else if (rightState == SecurityPermission.DenyAccess) { if (!item.Security.CanAdmin(account)) { sResults += AccessRight.ItemAdmin + "|"; } if (!item.Security.CanCreate(account)) { sResults += AccessRight.ItemCreate + "|"; } if (!item.Security.CanDelete(account)) { sResults += AccessRight.ItemDelete + "|"; } if (!item.Security.CanRead(account)) { sResults += AccessRight.ItemRead + "|"; } if (!item.Security.CanRename(account)) { sResults += AccessRight.ItemRename + "|"; } if (!item.Security.CanWrite(account)) { sResults += AccessRight.ItemWrite + "|"; } } return(sResults); }