Kentico CMS 7.0 Developer's Guide

Checking permissions

Checking permissions

Previous topic Next topic Mail us feedback on this topic!  

Checking permissions

Previous topic Next topic JavaScript is required for the print function Mail us feedback on this topic!  

Arrow


API examples for newer versions


Please visit the latest API Examples documentation to view API examples for newer versions of Kentico.



The following example checks if the CMSEditor user has the Read permission for the Content module.

 

private bool CheckContentModulePermissions()

{

  // Get the user

  UserInfo user = UserInfoProvider.GetUserInfo("CMSEditor");

 

  if (user != null)

   {

      // Check permissions and perform an action according to the result

      if (UserInfoProvider.IsAuthorizedPerResource("CMS.Content", "Read", CMSContext.CurrentSiteName, user))

       {

 

           apiCheckContentModulePermissions.InfoMessage = "User 'CMSEditor' is allowed to read module 'Content'.";

       }

      else

       {

           apiCheckContentModulePermissions.InfoMessage = "User 'CMSEditor' is not allowed to read module 'Content'.";

       }

 

      return true;

   }

 

  return false;

}

 

The following example checks if the CMSEditor user has the Read permission for the CMS.MenuItem document type.

 

private bool CheckDocTypePermissions()

{

  // Get the user

  UserInfo user = UserInfoProvider.GetUserInfo("CMSEditor");

 

  if (user != null)

   {

      // Check permissions and perform an action according to the result

      if (UserInfoProvider.IsAuthorizedPerClass("CMS.MenuItem", "Read", CMSContext.CurrentSiteName, user))

       {

 

           apiCheckDocTypePermissions.InfoMessage = "User 'CMSEditor' is allowed to read document type 'MenuItem'.";

       }

      else

       {

           apiCheckDocTypePermissions.InfoMessage = "User 'CMSEditor' is not allowed to read document type 'MenuItem'.";

       }

 

      return true;

   }

 

  return false;

}

 

The following example checks if the CMSEditor user has the Read permission on document level for a single document.

 

private bool CheckDocumentPermissions()

{

  // Create an instance of the Tree provider

  TreeProvider tree = new TreeProvider(CMSContext.CurrentUser);

 

  // Get default culture code

  string culture = SettingsKeyProvider.GetStringValue(CMSContext.CurrentSiteName + ".CMSDefaultCultureCode");

 

  // Get the API Example document

  TreeNode node = tree.SelectSingleNode(CMSContext.CurrentSiteName, "/API-Example", culture);

 

  if (node != null)

   {

      // Get the user

      UserInfo user = UserInfoProvider.GetUserInfo("CMSEditor");

 

      if (user != null)

       {

          // Check permissions and perform an action according to the result

          if (TreeSecurityProvider.IsAuthorizedPerNode(node, NodePermissionsEnum.ModifyPermissions, user) == AuthorizationResultEnum.Allowed)

           {

               apiCheckDocumentPermissions.InfoMessage = "User 'CMSEditor' is allowed to modify permissions for document 'API Example'.";

           }

          else

           {

               apiCheckDocumentPermissions.InfoMessage = "User 'CMSEditor' is not allowed to modify permissions for document 'API Example'.";

           }

 

          return true;

       }

   }

 

  return false;

}

 

The following example gets multiple document into a DataSet, filters the documents depending on if the Modify permissions permission was granted to the CMS Editor user on their document level, and breaks permission inheritance of the filtered documents.

 

private bool FilterDataSet()

{

  // Create an instance of the Tree provider

  TreeProvider tree = new TreeProvider(CMSContext.CurrentUser);

 

  // Set the parameters for getting documents

  string siteName = CMSContext.CurrentSiteName;

  string aliasPath = "/%";

  string culture = SettingsKeyProvider.GetStringValue(CMSContext.CurrentSiteName + ".CMSDefaultCultureCode");

  bool combineWithDefaultCulture = true;

 

  // Get data set with documents

  DataSet documents = tree.SelectNodes(siteName, aliasPath, culture, combineWithDefaultCulture);

 

  // Get the user

  UserInfo user = UserInfoProvider.GetUserInfo("CMSEditor");

 

  if (user != null)

   {

      // Filter the data set by the user permissions

      TreeSecurityProvider.FilterDataSetByPermissions(documents, NodePermissionsEnum.ModifyPermissions, user);

 

      if (!DataHelper.DataSourceIsEmpty(documents))

       {

          // Create an instance of ACL provider

          AclProvider acl = new AclProvider(tree);

 

          // Loop through filtered documents

          foreach (DataRow documentRow in documents.Tables[0].Rows)

           {

              // Create a new Tree node from the data row

              TreeNode node = TreeNode.New(documentRow, "CMS.MenuItem", tree);

 

              // Break permission inheritance (with copying parent permissions)

               acl.BreakInherintance(node, true);

           }

 

          // Data set filtered successfully - permission inheritance broken for filtered items

           apiFilterDataSet.InfoMessage = "Data set with all documents filtered successfully by permission 'Modify permissions' for user 'CMSEditor'. Permission inheritance broken for filtered items.";

       }

      else

       {

          // Data set filtered successfully - no items left in data set

           apiFilterDataSet.InfoMessage = "Data set with all documents filtered successfully by permission 'Modify permissions' for user 'CMSEditor'. No items left in data set.";

       }

 

      return true;

   }

 

  return false;

}