Manage permissionsets and permissions operations |
You can perform various operations on permissionsets and permissions via API.
using Novalys.VisualGuard.Security; using Novalys.VisualGuard.Security.Common; using Novalys.VisualGuard.Security.CommonProfileAttribute; using Novalys.VisualGuard.Security.Database; using Novalys.VisualGuard.Security.Membership; using Novalys.VisualGuard.Security.UserProfile; using System; using System.Collections.Generic;
VGSecurityRuntime runtime = VGSecurityManager.Runtime;
//Get current application var currentApp = runtime.Application.GetCurrentApplication(); //create permissionset var ps_HR= runtime.PermissionSets.CreatePermissionSet("HR_permissions", "It contains a collection of HR permissions", currentApp); var ps_temp = runtime.PermissionSets.CreatePermissionSet("temp_permissionset", "temp permissionSet", currentApp); //update permissionset ps_HR.Comment = "updated description of ps"; ps_HR.Name = "permissionset_HR"; runtime.PermissionSets.UpdatePermissionSet(ps_HR); //delete permissionset runtime.PermissionSets.DeletePermissionSet(ps_temp);
//get permissionsets for all applications depending on user rights var allPermissionsets = runtime.PermissionSets.GetAllPermissionSets(0, int.MaxValue); //get permissionsets of current application var appPermissionsets = runtime.PermissionSets.GetPermissionSetByApplication(currentApp, 0, int.MaxValue);
//create permission var perm_CanManageEmployeeProfile = runtime.Permissions.CreatePermission(currentApp,"CanManageEmployeeProfile", "CanManageEmployeeProfile permission"); var perm_CanManageLeavePolicy = runtime.Permissions.CreatePermission(currentApp, "CanManageLeavePolicy", "CanManageLeavePolicy permission"); //update permission perm_CanManageEmployeeProfile.Description = "updated description of CanManageEmployeeProfile"; perm_CanManageEmployeeProfile.Name = "Perm_CanManageEmployeeProfile"; runtime.Permissions.UpdatePermission(perm_CanManageEmployeeProfile); //delete permission runtime.Permissions.DeletePermission(perm_CanManageLeavePolicy);
//Get All permission folders var folders = runtime.Permissions.GetAllFolderByAppId(currentApp.Id); //get all permissions of current application var appPermissions = runtime.Permissions.GetAllPermissionByApp(currentApp); //get all permissions of role var rolePermissions = runtime.Permissions.GetAllPermission(roleHR); //get all permissions of group, this method includes children groups var groupPermissions = runtime.Permissions.GetAllPermission(groupHR); //get all permissions of particular folder var folderId = folders[0].Id; var folderPermissions = runtime.Permissions.GetPermissionsByFolderId(currentApp, folderId);
//grant permissions to permissionset runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageEmployeeProfile, ps_HR); runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR); //revoke permission from permissionset runtime.PermissionSets.RevokePermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR);
//grant permissionset to permissionset runtime.PermissionSets.GrantPermissionSetToPermissionSet(ps_temp, ps_HR); //revoke permissionset from permissionset runtime.PermissionSets.RevokePermissionSetToPermissionSet(ps_temp, ps_HR);