To manage permissions, you use the manager of the type that you manage permissions for. For example, to manage permissions for blogs, you use the blogs manager. For more information, see For developers: Permissions API.
All objects in Sitefinity CMS that implement the ISecuredObject interface can be secured with permissions. All content managers use data providers that implement ISecuredObject. All content items, if not explicitly secured, inherit their permissions from the data provider until the inheritance is broken.
Sitefinity CMS allows you to secure specific content items (for example, a specific blog item) or all items from given type (for example, all blogs). To secure all content items from given type, you create permissions for the content data provider. To get the security root for the provider, you use the GetSecurityRoot method of the manager class.
The examples below describe how to manage permissions for all blogs using the blogs data provider security root ID. You can use the same code to manage permissions for a specific item by using its ID.
The next example creates a permission associated with the blogs data provider and the specified user with no actions granted or denied. For more information, see For developers: Grant and deny permissions.
The next example queries for a permission associated with the blogs data provider and the specified user.
The next example deletes a permission associated with the blogs data provider and the specified user.
Revoking permission is resetting its Grant and Deny values to 0 (no actions granted and no actions denied) without deleting the permission from the secured object.
The next example revokes a permission associated with the blogs data provider and the specified user.
Back To Top