How to manage PermissionSet & Permissions ?

PermissionSets/Permissions operations

• Create/Update/Delete permissionset
• Get permissionsets from storage
• Create/Update/Delete permissions
• Get permissions
• Grant/revoke permissions to/from permissionsets
• Grant/revoke permissionsets to/from permissionsets

Add following namespaces in your code

using Novalys.VisualGuard.Security;
using Novalys.VisualGuard.Security.Common;
using Novalys.VisualGuard.Security.CommonProfileAttribute;
using Novalys.VisualGuard.Security.Database;
using Novalys.VisualGuard.Security.Membership;
using Novalys.VisualGuard.Security.UserProfile;
using System;
using System.Collections.Generic;

Define VisualGuard runtime

VGSecurityRuntime runtime = VGSecurityManager.Runtime;

Create/Update/Delete permissionset

//Get current application
var currentApp = runtime.Application.GetCurrentApplication();

//create permissionset
var ps_HR= runtime.PermissionSets.CreatePermissionSet("HR_permissions", "It contains a collection of HR permissions", currentApp);
var ps_temp = runtime.PermissionSets.CreatePermissionSet("temp_permissionset", "temp permissionSet", currentApp);

//update permissionset
ps_HR.Comment = "updated description of ps";
ps_HR.Name = "permissionset_HR";

runtime.PermissionSets.UpdatePermissionSet(ps_HR);

//delete permissionset
runtime.PermissionSets.DeletePermissionSet(ps_temp);

Get permissionsets from storage

//get permissionsets for all applications depending on user rights
var allPermissionsets = runtime.PermissionSets.GetAllPermissionSets(0, int.MaxValue);

//get permissionsets of current application
var appPermissionsets = runtime.PermissionSets.GetPermissionSetByApplication(currentApp, 0, int.MaxValue);

Create/Update/Delete permissions

//create permission
var perm_CanManageEmployeeProfile = runtime.Permissions.CreatePermission(currentApp,"CanManageEmployeeProfile", "CanManageEmployeeProfile permission");
var perm_CanManageLeavePolicy = runtime.Permissions.CreatePermission(currentApp, "CanManageLeavePolicy", "CanManageLeavePolicy permission");

//update permission
perm_CanManageEmployeeProfile.Description = "updated description of CanManageEmployeeProfile";
perm_CanManageEmployeeProfile.Name = "Perm_CanManageEmployeeProfile";

runtime.Permissions.UpdatePermission(perm_CanManageEmployeeProfile);

//delete permission
runtime.Permissions.DeletePermission(perm_CanManageLeavePolicy);

Get permissions

//Get All permission folders
var folders = runtime.Permissions.GetAllFolderByAppId(currentApp.Id);

//get all permissions of current application
var appPermissions = runtime.Permissions.GetAllPermissionByApp(currentApp);

//get all permissions of role
var rolePermissions = runtime.Permissions.GetAllPermission(roleHR);

//get all permissions of group, this method includes children groups
var groupPermissions = runtime.Permissions.GetAllPermission(groupHR);

//get all permissions of particular folder
var folderId = folders[0].Id;
var folderPermissions = runtime.Permissions.GetPermissionsByFolderId(currentApp, folderId);

Grant/revoke permissions to/from ps

//grant permissions to permissionset
runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageEmployeeProfile, ps_HR);
runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR);

//revoke permission from permissionset
runtime.PermissionSets.RevokePermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR);

Grant/revoke permissionsets to/from permissionsets

//grant permissionset to permissionset
runtime.PermissionSets.GrantPermissionSetToPermissionSet(ps_temp, ps_HR);

//revoke permissionset from permissionset
runtime.PermissionSets.RevokePermissionSetToPermissionSet(ps_temp, ps_HR);