DocumentQuery like CheckPermissions(), but for Modify/Create etc..

Stefan Lorenz asked on October 16, 2014 10:31

Hi,

I've got the following query, which gives me all docs the user has read-access to:

var docs = new TreeProvider().SelectNodes("Kplus.Docs")
                                        .OnSite(SiteContext.CurrentSiteName)
                                        .CheckPermissions(true)
                                        .TypedResult;

Does anyone know how to filter for other permissions than Read, e.g. Create/Modify/Delete? I could iterate over the result and check each doc on it's own, but it would be way better to have a proper query instead of fetching all readable and discarding most rows later.

Thanks in advance,

Stefan

Correct Answer

Brenden Kehren answered on October 17, 2014 14:12

That particular method will ONLY check READ permissions for the user. Check out the example here. The second to last method shows how they check at the node level.

0 votesVote for this answer Unmark Correct answer

Recent Answers

Stefan Lorenz answered on October 20, 2014 09:07

Like said in my post, I'm aware how to check each node after fetching them all. What I'm missing is a way to filter (i.e. define a query) for other permissions than read.

0 votesVote for this answer Mark as a Correct answer

Juraj Ondrus answered on December 6, 2014 11:03 (last edited on December 6, 2014 11:05)

Hi Stefan,

In the link shared by Brenden, there is a sample how to check the modify permission, however, you need to get the document(s) first and then check the permissions for each individually since the pemrissions can be set per page:

// Checks whether the user has the Modify permission for the Example page
            if (page.CheckPermissions(PermissionsEnum.Modify, SiteContext.CurrentSiteName, user))
            {
                // Perform an action according to the result
                return true;
            }
0 votesVote for this answer Mark as a Correct answer

Stefan Lorenz answered on December 8, 2014 13:46

Hi Juraj,

Read-Permission is also given per page, right? If yes, why do the API offers a way to check for Read-Permission on the SQL side (within the query), but for any other permission on a node level only after all data is read(resulting in a lot of more SQL queries at all). Isn't this very inefficient?

0 votesVote for this answer Mark as a Correct answer

Juraj Ondrus answered on December 9, 2014 10:28

Hi Stefan,

The check is not done on the SQL server side but it is done in the memory - there are the data filtered. So, it should not be that inefficient. Here is just the check for read - since other should not be required.

Also, have you tried using the FilterDataSetByPermissions from the TreeSecurityProvider class? It may fit your needs too.

Best regards,
Juraj Ondrus

0 votesVote for this answer Mark as a Correct answer

Stefan Lorenz answered on December 9, 2014 12:17

Thanks for the info, I'll give this a try!

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.