How to use .Net API ?

How to manage PermissionSet & Permissions ?

Estimated reading: 3 minutes 1606 views

Permission Sets and Permissions are key components of Visual Guard’s authorization model, enabling you to define and manage access to application features. Using the Visual Guard .NET API, you can programmatically create, update, delete, and retrieve permission sets and permissions, as well as grant or revoke permissions from permission sets. This article demonstrates how to perform these operations using the VGSecurityRuntime class.


Add following namespaces in your code

  • C#
using Novalys.VisualGuard.Security;
using Novalys.VisualGuard.Security.Common;
using Novalys.VisualGuard.Security.CommonProfileAttribute;
using Novalys.VisualGuard.Security.Database;
using Novalys.VisualGuard.Security.Membership;
using Novalys.VisualGuard.Security.UserProfile;
using System;
using System.Collections.Generic;

Define VisualGuard runtime

  • C#
VGSecurityRuntime runtime = VGSecurityManager.Runtime;

1. Create/Update/Delete permissionset

    • C#
    //Get current application
    var currentApp = runtime.Application.GetCurrentApplication();
    
    //create permissionset
    var ps_HR= runtime.PermissionSets.CreatePermissionSet("HR_permissions", "It contains a collection of HR permissions", currentApp);
    var ps_temp = runtime.PermissionSets.CreatePermissionSet("temp_permissionset", "temp permissionSet", currentApp);
    
    //update permissionset
    ps_HR.Comment = "updated description of ps";
    ps_HR.Name = "permissionset_HR";
    
    runtime.PermissionSets.UpdatePermissionSet(ps_HR);
    
    //delete permissionset
    runtime.PermissionSets.DeletePermissionSet(ps_temp);


    2. Get permissionsets from storage

    • C#
    //get permissionsets for all applications depending on user rights
    var allPermissionsets = runtime.PermissionSets.GetAllPermissionSets(0, int.MaxValue);
    
    //get permissionsets of current application
    var appPermissionsets = runtime.PermissionSets.GetPermissionSetByApplication(currentApp, 0, int.MaxValue);


    3. Create/Update/Delete permissions

    • C#
    //create permission
    var perm_CanManageEmployeeProfile = runtime.Permissions.CreatePermission(currentApp,"CanManageEmployeeProfile", "CanManageEmployeeProfile permission");
    var perm_CanManageLeavePolicy = runtime.Permissions.CreatePermission(currentApp, "CanManageLeavePolicy", "CanManageLeavePolicy permission");
    
    //update permission
    perm_CanManageEmployeeProfile.Description = "updated description of CanManageEmployeeProfile";
    perm_CanManageEmployeeProfile.Name = "Perm_CanManageEmployeeProfile";
    
    runtime.Permissions.UpdatePermission(perm_CanManageEmployeeProfile);
    
    //delete permission
    runtime.Permissions.DeletePermission(perm_CanManageLeavePolicy);


    4. Get permissions

    • C#
    //Get All permission folders
    var folders = runtime.Permissions.GetAllFolderByAppId(currentApp.Id);
    
    //get all permissions of current application
    var appPermissions = runtime.Permissions.GetAllPermissionByApp(currentApp);
    
    //get all permissions of role
    var rolePermissions = runtime.Permissions.GetAllPermission(roleHR);
    
    //get all permissions of group, this method includes children groups
    var groupPermissions = runtime.Permissions.GetAllPermission(groupHR);
    
    //get all permissions of particular folder
    var folderId = folders[0].Id;
    var folderPermissions = runtime.Permissions.GetPermissionsByFolderId(currentApp, folderId);


    5. Grant/revoke permissions to/from permissionset

    • C#
    //grant permissions to permissionset
    runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageEmployeeProfile, ps_HR);
    runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR);
    
    //revoke permission from permissionset
    runtime.PermissionSets.RevokePermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR);


    6. Grant/revoke permissionsets to/from permissionsets

    • C#
    //grant permissionset to permissionset
    runtime.PermissionSets.GrantPermissionSetToPermissionSet(ps_temp, ps_HR);
    
    //revoke permissionset from permissionset
    runtime.PermissionSets.RevokePermissionSetToPermissionSet(ps_temp, ps_HR);