Posted on 28/09/2014 20:26:26
Hi Jonas,
Setting up permissions is not a simple task in Dynamicweb, but below is a working example.
Remember to also disable read access to the secure folder in IIS if you don't want these files to be accessible by entering the full URL in a browser.
// Get the user.
var user = User.GetUserByID(256);
// Get the path to the files folder - either "/Files" or "/Filer".
var filesFolderPath = "/" + Installation.FilesFolderName;
// Get the path to the secure folder (Management Center > Control Panel > Modules > User Management > Extranet secure folder).
// Note: This requires that you have already set up a secure folder (e.g. "Forhandler") with permissions (deny "All", allow access for user group "Forhandler").
var secureFolderName = Base.ChkString(Base.GetGs("/Globalsettings/Modules/Users/SecureFolderName"));
var secureFolderPath = filesFolderPath + "/" + secureFolderName;
// Create a folder for this user
var folderName = FilesAndFolders.GetValidFileAndFolderName(user.Name);
var folderPath = secureFolderPath + "/" + folderName;
FilesAndFolders.CreateFolder(secureFolderPath, folderName);
// Deny anonymous access (id = 0 is "All")
var permissionAnonymous = Permission.GetPermissionByID("0", folderPath) ?? new Permission();
permissionAnonymous.AccessElementPermissionElementTextID = folderPath;
permissionAnonymous.AccessElementPermissionTypeID = 1;
permissionAnonymous.AccessElementPermissionUserID = 0;
permissionAnonymous.AccessElementPermissionTypePermission = Permission.FolderPermissionAccess.Deny;
permissionAnonymous.Save();
// Allow access for a given user / group
var permission = Permission.GetPermissionByID(user.ID.ToString(CultureInfo.InvariantCulture), folderPath) ?? new Permission();
permission.AccessElementPermissionElementTextID = folderPath;
permission.AccessElementPermissionTypeID = 1;
permission.AccessElementPermissionUserID = user.ID;
permission.AccessElementPermissionTypePermission = Permission.FolderPermissionAccess.Allow;
permission.Save();
