Adding and changing User and Roles to Sitecore domain through API

0
votes

I have to create a separate web project to access the Roles and Users API for sitecore domain, so I can programmatically add new Roles with custom access to the tree as well as custom language access. I have found the documentation for Security API, http://sdn.sitecore.net/upload/sitecore6/sc61keywords/security_api_cookbook_usletter.pdf

But I am not sure how to go about adding a new role, can I just create any type of project, like MVC4 or does it have to be in WebForms? Is this even possible to add custom permission to the tree by adding new roles and assigning them new users through API, so they can just login normally through the SiteCore domain? Also, what database am I supposed to use, I see there are 3 different ones (core,master,web), do I have to manually connect to the database and add roles there, or the API's will do that for me?

1
sitecoresitecore6
Are you sure you want to programatically add entirely new roles? You are likely to have difficulty in determining access rights to the parts of the tree you new role should have, it will be tricky esp from a custom UI perspective. Adding users to existing roles will be simple enough, but I would question the other requirement rather than whether it is possible. I would imagine your role structure would become a bit of a mess by the end of it and you would not be making good use of role inheritance.jammykam
Yeah, I am dealing with multiple language buckets for a multi-language site, but each language actually have their own buckets, as this is the design already implemented, so to add a new role, I have to manually revoke access to some languages and some parts of the tree for a ContentApproval Role and ContentManager Role of each language, and there is a possibility of adding more Languages, meaning more buckets in multiple places.I have to create a UI that allows the user to add a new Language and then automatically create buckets and Role and Users for the Editors and Managers. any direction?aminjam
So are you adding Sitecore languages via code as well? How will you handle the translations if you are just adding a new site language?jammykam

1 Answers

2
votes

I ended up creating a class that lets me add new languages(regions) when needed. Here is the idea I worked with.

using(new Sitecore.Security.Accounts.UserSwitcher(user) //To switch to any user you want, in my case it was the "sitecore/admin"


System.Web.Security.Roles.CreateRole(roleName) //To create roles
var role = Sitecore.Security.Accounts.Role.FromName(roleName) //To retrieve the role.
//Get a list of the permissions that you would like to set
//For every item in that list
AccessRuleCollection accessRule = Item.Security.GetAccessRules();
acessRule.Helper.AddAccessPermission(role,AccessRight,PropagationType,AccessPermission);

//Write the Rules back to the item
Item.Editing.BeginEdit();
Item.Security.SetAccessRules(accessRules);
Item.Editing.EndEdit();

Hope that helps.