Maintenance on larger installations part 1: Resetting security

For one of our customers we are upgrading their Content Management Solution to another level. Problems found in the pevious versions in Sitecore are resolved after an upgrade and now we’re busy creating a stable base so Sitecore can be the base for all company-wide internet publications and the intern goup of developers is able to build their own solutions.
For the reason written down above, we had to decide to redesin the workflow and start at 0 with a clean security model. As you don’t want to reset your security for all domains(if you want to use Sitecore.Configuration.Factory.GetDomainNames() as domain-source in the PageLoad below) and Sitecore does not allow you to reset everything with just a sinle click, I’ve written some code:

private void Page_Load(object sender, System.EventArgs e)
{
Sitecore.Context.SetActiveSite(“shell”);

using(new SecuritySwitcher(Sitecore.Context.Domain.GetUser(“Admin”)))
{
ResetSecurity(Sitecore.Context.ContentDatabase.GetItem(“/sitecore”),new string[] {“sitecore”}, true, true);
}
//Sitecore.FieldIDs.Security;
//Sitecore.FieldIDs.InheritSecurity;

}
private void ResetSecurity(Item rootItem, string[] domains, bool inheritSecurity, bool recursive)
{
if(rootItem != null)
{
rootItem.Editing.BeginEdit ();

Response.Write(“Reseting Security for ” + rootItem.Paths.FullPath + “<br />”);
RemoveDomainSecurity(rootItem.Fields[Sitecore.FieldIDs.Security], domains);

Response.Write(“Settings Inherit Security to ‘on'”);
rootItem.Fields[Sitecore.FieldIDs.InheritSecurity].Value = “1”;

Response.Write(“Finished resetting.<br /><hr />\n”);
Response.Flush();

rootItem.Editing.AcceptChanges();
rootItem.Editing.EndEdit();

if(recursive && rootItem.HasChildren)
{
foreach(Item childItem in rootItem.Children)
{
ResetSecurity(childItem, domains, inheritSecurity, recursive);
}
}
}
}

private void RemoveDomainSecurity(Sitecore.Data.Fields.Field securityField, string[] domains)
{
SecurityField myField = securityField;
foreach(string domain in domains)
{
SecurityAssignment[] assigments = myField.Assignments.Select(domain);
foreach(SecurityAssignment securityAssign in assigments)
{

securityAssign.Clear();
Response.Write(“Resetting rights ” + securityAssign.Rights.ToString() + ” for Domain ” + securityAssign.DomainName + ” and the Entity ” + securityAssign.EntityID.ToString() + “<br />”);
Response.Flush();
}
}
}

It quite recommed to backup your master database before you use the stuff above ;).
Your access viewer for your Access Viewer for the editor will look like this:

When you login as an Editor after resetting your client, you’ll receive a Nullpointer when opeing the Content Editor. Nice error handling ;).

2 thoughts on “Maintenance on larger installations part 1: Resetting security”

  1. It is weird that the Sitecore 6.2 API does not have the SecurityField.
    Also it is available only in 5.3.1.
    That should be mentioned in any section to save our time.
    Isn’t it????????

  2. How to do the same thing in Sitecore 6.2 as it doesn’t have SecurityField

Comments are closed.