Enabling various roles to work with existing resource strings in form fields

   —   

Restricting roles to use only new resource strings is not always necessary. In this article I'm gonna show you how you can enable various roles to use an existing resource strings. 

Current situation

When working with multilingual websites, Kentico offers an option to localize form fields using resource strings. Localization can be added by clicking the “+” button in the localizable field:

fig1.png

1. Adding locale to a field

Resource strings are a global resource, which means that they bring some restrictions. If you’re not a Global Admin, you won’t be able to select existing resource strings:

fig2.png

2. Choosing the Resource string for non-Global admin

This is due to the fact, that resource strings can contain sensitive information from other sites within your Kentico instance. Example in figure (1) is taken from the Forms builder, but it works the same way with any other localizable field.

This model is a little restrictive, especially if this is not a concern for your particular instance. Luckily there is a workaround, where you can create a way to work with existing resource strings based on role permissions. Let’s dive into it.

Quick workaround

Easiest way to get around the restriction is to modify the code which checks whether the current user is a Global admin. You can either get rid of it completely or you can simply include all of your roles as allowed in the permission check. This would mean that all roles/users have the access to existing resource strings. Only do this, if you’re absolutely sure there is no security concern.

True solution

Creating a custom module is the way to go when adding custom functionality and this is no exception.  With the module you can grant permissions only to those roles you want to be using  existing Resource strings. This approach is more suitable from a security point of view as well.

How to create the module and get it all working

First of all, you need to create a custom module.

  1. Go to Modules application and click New module
  2. Fill in the Module display name as Localization permission and hit Save
  3. Switch to Permissions names tab and click New permission
  4. Fill in the Permission display name as Use existing resource strings
  5. Enable both Display in matrix and Editable only by global admin and hit Save

Now you need to perform a small code change

  1. Open the following file in your solution:
    ~\CMS\CMSFormControls\Selectors\LocalizableTextBox\LocalizeField.aspx.cs
  2. Find the following line:

    lstExistingOrNew.Items[1].Enabled = CurrentUser.CheckPrivilegeLevel(UserPrivilegeLevelEnum.GlobalAdmin);

    And replace it with this one:

    bool isAuthorized = UserInfoProvider.IsAuthorizedPerResource("LocalizationPermission", "UseExistingResourceStrings", SiteContext.CurrentSiteName, MembershipContext.AuthenticatedUser);
    lstExistingOrNew.Items[1].Enabled = CurrentUser.CheckPrivilegeLevel(UserPrivilegeLevelEnum.GlobalAdmin) || isAuthorized;

     
  3. Save the changes
Share this article on   LinkedIn Google+