Oraclegirl, et al,
Yes, I did this just yesterday.
1. Open the Sitemap.config file.
2. Copy a line similar to what you want to use.
For instance, let's say you want to add a new permission to so you can block off the editing of Customer Roles to certain admins. My example is below:
<siteMapNode SystemName="Customer roles" nopResource="Admin.Customers.CustomerRoles" PermissionNames="ManageCustomerRoles" controller="CustomerRole" action="List" />
The main parts you want to pay attention to are the SystemName, PermissionsNames, and Controller.
3. Go into 'StandardPermissionsProvider.cs' in 'Libraries > Nop.Services > Security'
4. In StandardPermissionsProvider.cs' you will see a bunch of "public static readonly PermissionRecord" declarations. Copy one of the last lines of the 'Admin area' ones and just paste it below that line and in our case you will see a similar set up as we did for our newly created property in our sitemap.config.
So name the PermissionRecord accordingly, in this case it is CUSTOMManageCustomerRoles.
In the '= new PermissionRecord' portion after the 'Name =' add a custom string (this will show up in the list in ACL) and set the 'SystemName' the same as we did for the 'PermissionsName' in the sitemap.config
public static readonly PermissionRecord CUSTOMManageCustomerRoles = new PermissionRecord { Name = "Admin area. Manage Customers Roles", SystemName = "ManageCustomerRoles", Category = "Customers" };
6. Open your DB and go to the table dbo.PermissionRecord and create a new line the same as the one before. NOW for the 'Name' column put the 'Name' that we created in the PermissionRecord line above (in this case it is 'Admin area. Manage Customers Roles'), in the 'SystemName' column put the SystemName in the PermissionRecord line above (in this case it is 'ManageCustomerRoles'), in the 'Category' column put the same 'Category' as the PermissionRecord line above (in this case it is 'Customer')
Now build. Does that make sense?