Granting User Permissions with a Method

Overview

You can grant membership access via a server Method to allow a user who does not have membership rights to perform an operation programmatically. For example, to perform a Life Cycle promotion when a user does not belong to a Life Cycle transition Role.  The access grant persists for the life of the Method calling the grant (and any child Methods spawned from the starting the Method). You can also revoke the grant access at any time in the Method.

Get Current Identities

To get a comma delimited list of all identities a user belongs to (as a list of ids) use:

string identity_list =
Aras.Server.Security.Permissions.Current.IdentiesList;

Grant/Remove Access

To grant access in a server Method use the following: Aras.Server.Security.Identity identity = Aras.Server.Security.Identity.GetByName(“identity_name”); bool PermissionSet = Aras.Server.Security.Permissions.GrantIdentity(identity);Revoke Access

To remove grant access (before the Method ends) use:

Aras.Server.Security.Permissions.RevokeIdentity(identity);

Example:

The following example temporarily adds the user currently executing the Method to the Aras PLM identity.

Aras.Server.Security.Identity plmIdentity =
Aras.Server.Security.Identity.GetByName("Aras PLM");
bool PermissionWasSet =
Aras.Server.Security.Permissions.GrantIdentity(plmIdentity);
this.promote("Approved", "Promoted Automatically");
if (PermissionWasSet)
Aras.Server.Security.Permissions.RevokeIdentity(plmIdentity);
return this;

VB.NET

Dim plmIdentity as Aras.Server.Security.Identity =
Aras.Server.Security.Identity.GetByName("Aras PLM")
Dim PermissionWasSet as bool =
Aras.Server.Security.Permissions.GrantIdentity(plmIdentity)

Me.promote("Approved", "Promoted Automatically")

if PermissionWasSet Then
Aras.Server.Security.Permissions.RevokeIdentity(plmIdentity)
return Me

Leave a Reply