<?php
$policy_name = 'Users';
$policy_data = '{"load":true,"list":true,"view":true,"save":true,"remove":true,"copy":true,"view_unpublished":false}';
$role_rank = 9999;
$policy = $modx->newObject('modAccessPolicy');
$policy->fromArray(array(
'name' => $policy_name,
'description' => 'User access control',
'template' => 6,
'data' => $policy_data,
'lexicon' => 'permissions'
));
$policy->save();
$policyID = $policy->get('id');
$role = $modx->newObject('modUserGroupRole');
$role->fromArray(array(
'name' => $policy_name,
'authority' => $role_rank
));
$role->save();
$group = $modx->newObject('modUserGroup');
$group->fromArray(array(
'name' => $policy_name,
'parent' => 0,
'rank' => 0,
'dashboard' => 1
));
$group->save();
$groupID = $group->get('id');
$contextaccess_web = $modx->newObject('modAccessContext');
$contextaccess_web->fromArray(array(
'target' => 'web',
'principal_class' => 'modUserGroup',
'principal' => $groupID,
'authority' => $role_rank,
'policy' => $policyID
));
$contextaccess_web->save();