Check permissions on part of items

Dmitriy Nenazhenko asked on June 7, 2016 12:02

Hello.

We have page type called DownloadItem. We have two sections on our website based on this page type and one of them is secured with certain roles. As logged user with role e.g. "CanDownload" he can download some documents from both sections. However if user is not logged in or have no role "CanDownload", he can download documents only from fisrt section that is not secured.

To be able to download document we use http handler and use something like in this example:

private bool CheckPagePermissions()
{
    // Creates a TreeProvider instance
    TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);      
    // Gets the Example page
    TreeNode page = tree.SelectSingleNode(SiteContext.CurrentSiteName, "/Example", "en-US"); 
    if (page != null)
    {
        // Gets the user object
        UserInfo user = UserInfoProvider.GetUserInfo("CMSEditor"); 
        if (user != null)
        {
            // Checks whether the user has the Modify permission for the Example page
            if (page.CheckPermissions(PermissionsEnum.Modify, SiteContext.CurrentSiteName, user))
            {
                // Perform an action according to the result
                return true;
            }
        }
    } 
    return false; 
}

Unfortunately CheckPermissions method return false if we try to access unsecured downloads with not authorized or authenticated user.

As I understand we can use CheckPermissions only when we are 100% sure that the page that we are checking has some permissions set up. Is it so? Another question is how to set permissions like "All" -> "Read"?

check permissions

Recent Answers

Dawid Jachnik answered on June 7, 2016 12:13

Hello,

First you need to check which content is avalible for Check permission. Go to Setting > site name > Security & Membership > Content > Check page permissions (You need to select All pages)

Then for pages which should be visible for all users (Root document, rest of all documents will be inherit this) security permission role Not authenicated users with Read access to Allow - this will do that all pages will be visible for public users.

Next you can assign your role CanDownload for aproporiate sections.

Permissions will be checked for every page

2 votesVote for this answer Mark as a Correct answer

Joshua Adams answered on June 7, 2016 15:41

Also, looks like your user is pointing to a role, unless you have a user named that same thing.

UserInfo user = UserInfoProvider.GetUserInfo("CMSEditor");

Instead maybe try this:

UserInfo user = UserInfoProvider.GetUserInfo(MembershipContext.AuthenticatedUser.UserID);

Try getting a user by the UserID or something of that sort. Usually CMSEditor is referring to a built in role name. If thats a users username, I believe you would need the sitename as well in that call. If your user is coming in as null, that would make your permissions check fail, and return false every time. May want to debug and verify that this isn't the case.

Also, the solution above may not handle the users that aren't logged in, or that are using the public user account, so please keep that in mind.

0 votesVote for this answer Mark as a Correct answer