How to manage PermissionSet & Permissions ?

Estimated reading: 2 minutes 375 views

PermissionSets/Permissions operations

Add following namespaces in your code

using Novalys.VisualGuard.Security;
using Novalys.VisualGuard.Security.Common;
using Novalys.VisualGuard.Security.CommonProfileAttribute;
using Novalys.VisualGuard.Security.Database;
using Novalys.VisualGuard.Security.Membership;
using Novalys.VisualGuard.Security.UserProfile;
using System;
using System.Collections.Generic;

Define VisualGuard runtime

VGSecurityRuntime runtime = VGSecurityManager.Runtime;


Create/Update/Delete permissionset

//Get current application
var currentApp = runtime.Application.GetCurrentApplication();

//create permissionset
var ps_HR= runtime.PermissionSets.CreatePermissionSet("HR_permissions", "It contains a collection of HR permissions", currentApp);
var ps_temp = runtime.PermissionSets.CreatePermissionSet("temp_permissionset", "temp permissionSet", currentApp);

//update permissionset
ps_HR.Comment = "updated description of ps";
ps_HR.Name = "permissionset_HR";

runtime.PermissionSets.UpdatePermissionSet(ps_HR);

//delete permissionset
runtime.PermissionSets.DeletePermissionSet(ps_temp);


Get permissionsets from storage

//get permissionsets for all applications depending on user rights
var allPermissionsets = runtime.PermissionSets.GetAllPermissionSets(0, int.MaxValue);

//get permissionsets of current application
var appPermissionsets = runtime.PermissionSets.GetPermissionSetByApplication(currentApp, 0, int.MaxValue);


Create/Update/Delete permissions

//create permission
var perm_CanManageEmployeeProfile = runtime.Permissions.CreatePermission(currentApp,"CanManageEmployeeProfile", "CanManageEmployeeProfile permission");
var perm_CanManageLeavePolicy = runtime.Permissions.CreatePermission(currentApp, "CanManageLeavePolicy", "CanManageLeavePolicy permission");

//update permission
perm_CanManageEmployeeProfile.Description = "updated description of CanManageEmployeeProfile";
perm_CanManageEmployeeProfile.Name = "Perm_CanManageEmployeeProfile";

runtime.Permissions.UpdatePermission(perm_CanManageEmployeeProfile);

//delete permission
runtime.Permissions.DeletePermission(perm_CanManageLeavePolicy);


Get permissions

//Get All permission folders
var folders = runtime.Permissions.GetAllFolderByAppId(currentApp.Id);

//get all permissions of current application
var appPermissions = runtime.Permissions.GetAllPermissionByApp(currentApp);

//get all permissions of role
var rolePermissions = runtime.Permissions.GetAllPermission(roleHR);

//get all permissions of group, this method includes children groups
var groupPermissions = runtime.Permissions.GetAllPermission(groupHR);

//get all permissions of particular folder
var folderId = folders[0].Id;
var folderPermissions = runtime.Permissions.GetPermissionsByFolderId(currentApp, folderId);


Grant/revoke permissions to/from ps

//grant permissions to permissionset
runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageEmployeeProfile, ps_HR);
runtime.PermissionSets.GrantPermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR);

//revoke permission from permissionset
runtime.PermissionSets.RevokePermissionToPermissionSet(perm_CanManageLeavePolicy, ps_HR);


Grant/revoke permissionsets to/from permissionsets

//grant permissionset to permissionset
runtime.PermissionSets.GrantPermissionSetToPermissionSet(ps_temp, ps_HR);

//revoke permissionset from permissionset
runtime.PermissionSets.RevokePermissionSetToPermissionSet(ps_temp, ps_HR);