CSSecurityDescriptor Class

Content Studio 5.7 SDK

Content Studio Web Content Management System

[This is preliminary documentation and is subject to change.]

This class represents a Content Studio security descriptor.

Inheritance Hierarchy

SystemObject
ContentStudio.Security.AccessControlEditCSGenericSecurityDescriptor
ContentStudio.Security.AccessControlEditCSSecurityDescriptor

Namespace: ContentStudio.Security.AccessControlEdit
Assembly: CSServer5 (in CSServer5.dll) Version: 5.7.5016.0 (5.7.5016.0)

Syntax

Copy

public sealed class CSSecurityDescriptor : CSGenericSecurityDescriptor

Public NotInheritable Class CSSecurityDescriptor
	Inherits CSGenericSecurityDescriptor

The CSSecurityDescriptor type exposes the following members.

Constructors

	Name	Description
	CSSecurityDescriptor	Creates a new instance of the CSSecurityDescriptor class using Xml retrieved from Content Studio.

Top

Properties

	Name	Description
	ControlFlags	Gets the controlflags in the security descriptor. (Inherited from CSGenericSecurityDescriptor.)
	DACLProtected	Get as value that indicates whether the object this security descriptor's discretionary access control list is protected from receiving inheritable permissions from its parent object or not. To set this property use the AccessControl.SetObjectSecurity method.
	DiscretionaryAccessControlList	Gets a CSDiscretionaryAccessControlList that represents the discretionary access control list in a Content Studio security descriptor.
	IsContainer	Get as value that indicates whether the object this security descriptor belongs to is a container for other objects or not. (Inherited from CSGenericSecurityDescriptor.)
	IsFileSystemObject	Gets a value indicating whether this security descriptor represents file system object. (Inherited from CSGenericSecurityDescriptor.)
	ObjectId	Gets the identifier of the securable object that this security descriptor belongs to. (Inherited from CSGenericSecurityDescriptor.)
	ObjectName	Get the name of the object that this security descriptor belongs to. (Inherited from CSGenericSecurityDescriptor.)
	ObjectType	Gets the type of object that this security descriptor belongs to. (Inherited from CSGenericSecurityDescriptor.)
	Owner	Gets SecurityIdentifier object that indicates the owner of the object that this security descriptor belongs to. To set this flag use the AccessControl.SetObjectSecurity method. (Inherited from CSGenericSecurityDescriptor.)
	OwnerName	Gets the name of the owner of this security descriptor. (Inherited from CSGenericSecurityDescriptor.)
	SecurityDescriptorId	Gets the internal Content Studio identifier of the security descriptor. (Inherited from CSGenericSecurityDescriptor.)
	TreeId	Gets the identifier of the topmost parent securable object that this security descriptor belongs to. (Inherited from CSGenericSecurityDescriptor.)

Top

Methods

	Name	Description
	Equals	(Inherited from Object.)
	GetHashCode	(Inherited from Object.)
	GetType	(Inherited from Object.)
	ToString	(Inherited from Object.)
	WriteXml	Writes the Xml representation of this object to the supplied XmlWriter. (Overrides CSGenericSecurityDescriptorWriteXml(XmlWriter).)

Top

Remarks

This class is used to read, edit and save security information for any type of securable object in Content Studio.

Examples

The following code shows how to set permissions to a Content Studio object (error handling is omitted in this example).
Note
Observe how the well-known group Everyone is created in the sample. Never rely on the name of any well-known principal; those names are localized and differ between different language versions of the operating system.

Copy

using System;
using System.Xml;
using System.Text;
using System.Security.Principal;
using System.Security.AccessControl;
using ContentStudio;
using ContentStudio.Security;
using ContentStudio.Security.AccessControlEdit;

public class TheClass
{
    public void Main()
    {
        const int CONNECTION_ID = 1;
        //Create a new session.
        SessionManager sman = new SessionManager();
        int SessionID = sman.OpenSession(CONNECTION_ID);
        ContentStudio.Security.AccessControl acc = new AccessControl();
        //Get the security descriptor on document id 2558.
        string sd = acc.GetObjectSecurity(CONNECTION_ID,
                                          SessionID,
                                          2558,
                                          CSSecurableObjects.DocumentItem);
        /*
        Use the ContentStudio.Security.AccessControlEdit.CSSecurityDescriptor object.
        This object is not executed over remoting.
        */
        CSSecurityDescriptor secDesc = new CSSecurityDescriptor(sd);
        /*
        Add two new permission entries with the AddAccess method on the DiscretionaryAccessControlList
        of the CSSecurityDescriptor object.  Let's use Everyone - read, and CONTENTSTUDIO\Editors - modify.
        */
        SecurityIdentifier SID = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
        secDesc.DiscretionaryAccessControlList.AddAccess(SID,
                                                         AccessControlType.Allow,
                                                         CSObjectPermissions.Read ,
                                                         AceFlags.None);
        const CSObjectPermissions MODIFY = CSObjectPermissions.Write | 
                                           CSObjectPermissions.Create | 
                                           CSObjectPermissions.Read | 
                                           CSObjectPermissions.SendForRevision;
        /*
        A SecurityIdentifier can also be created if you have the user name in the 
        format Domain\Username or the UPN-format (e.g. Editors@contentstudio.com).
        */
        NTAccount ntac = new NTAccount("CONTENTSTUDIO\\Editors");
        //Translate to a SecurityIdentifier
        SID = (SecurityIdentifier)ntac.Translate(typeof(SecurityIdentifier));
        secDesc.DiscretionaryAccessControlList.AddAccess(SID,
                                                         AccessControlType.Allow,
                                                         MODIFY,
                                                         AceFlags.None);
        //Get the the security descriptor in the Xml format.
        StringBuilder sbu = new StringBuilder();
        XmlWriter XWriter = XmlWriter.Create(sbu);
        secDesc.WriteXml(XWriter);
        XWriter.Flush();
        sd = sbu.ToString();
        //Save the security back to the object that provided it.
        acc.SetObjectSecurity(CONNECTION_ID, SessionID, AccessControl.SecurityInfoClass.DACL, sd);
    }
}

Imports System
Imports System.Xml
Imports System.Text
Imports System.Security.Principal
Imports System.Security.AccessControl
Imports ContentStudio
Imports ContentStudio.Security
Imports ContentStudio.Security.AccessControlEdit

Public Class TheClass
{
    Public Sub Main()
        Const CONNECTION_ID As Integer = 1
        'Create a new session.
        Dim sman SessionManager As New SessionManager()
        Dim SessionID As Integer = sman.OpenSession(CONNECTION_ID)
        Dim acc As ContentStudio.Security.AccessControl = New AccessControl()
        'Get the security descriptor on document id 2558.
        Dim sd As String = acc.GetObjectSecurity(CONNECTION_ID, _
                                                 SessionID, _
                                                 2558, _
                                                 CSSecurableObjects.DocumentItem)

        'Use the ContentStudio.Security.AccessControlEdit.CSSecurityDescriptor object.

        Dim secDesc As New CSSecurityDescriptor(sd)

        'Add a new permission with the AddAccess method on the DiscretionaryAccessControlList
        'of the CSSecurityDescriptor object. Let's use Everyone - read, and CONTENTSTUDIO\Editors - modify.
        Dim SID As New SecurityIdentifier(WellKnownSidType.WorldSid, Nothing)
        secDesc.DiscretionaryAccessControlList.AddAccess(SID, _
                                                         AccessControlType.Allow, _
                                                         MODIFY, _
                                                         AceFlags.None)
        Const MODIFY As CSObjectPermissions = CSObjectPermissions.Write Or _
                                              CSObjectPermissions.Create Or _
                                              CSObjectPermissions.Read Or _
                                              CSObjectPermissions.SendForRevision

        'A SecurityIdentifier can also be created if you have the user name in the 
        'format Domain\Username or the UPN-format (e.g. Editors@contentstudio.com).
        Dim ntac = New NTAccount("CONTENTSTUDIO\Editors")
        'Translate into a SecurityIdentifier
        SID = DirectCast(ntac.Translate(GetType(SecurityIdentifier)), SecurityIdentifier)
        secDesc.DiscretionaryAccessControlList.AddAccess(SID, _
                                                         AccessControlType.Allow, _
                                                         MODIFY, _
                                                         AceFlags.None)
        'Get the the security descriptor in the Xml format.
        Dim sbu As New StringBuilder()
        Dim XWriter AsXmlWriter = XmlWriter.Create(sbu)
        secDesc.WriteXml(XWriter)
        XWriter.Flush()
        sd = sbu.ToString()
        'Save the security back to the object that provided it.
        acc.SetObjectSecurity(CONNECTION_ID, SessionID, AccessControl.SecurityInfoClass.DACL, sd)
    End Sub
End Class

Reference

ContentStudio.Security.AccessControlEdit Namespace