Smart Search filter - check user permissions for page types

Lawrence LeFebour asked on May 25, 2017 16:11

Hi there, I have a smart search filter on a page that displays a list of page types. Some page types are restricted to specific user roles. How can I modify the filter to only display the page types that the current user has the ability to see? The results web part has the 'check permissions' option which works fine, but I'd prefer to also prevent the current user from even seeing a page type in the filter that they don't have access to. Any ideas on the 'where' clause or other methods to filter out the page types would be appreciated. Thanks in advance.

[updated] for reference, here is the current query applied to the filter: select distinct 'NodeParentID' as field, '(int)' + CONVERT(varchar, v.NodeParentID) as id, v.ClassDisplayName as name from View_CMS_Tree_Joined v where ##WHERE##

where clause: v.NodeLevel = 2 and v.Published = 1 order by name

We use a page type structure in our content tree where we have a 'parent' page type that represents the 'folder' level and the child 'page type' that represents the actual document. That's why we select the NodeLevel = 2

Correct Answer

Peter Mogilnitski answered on May 25, 2017 22:36

There are different permissions, assuming you want to get types with 'Read' permission

select 'classname', CMS_Class.ClassName, CMS_Class.ClassDisplayName
from CMS_Permission 
join CMS_RolePermission on CMS_RolePermission.PermissionID = CMS_Permission.PermissionID 
join CMS_Class  on CMS_Class.ClassID = CMS_Permission.ClassID 
join CMS_UserRole on  CMS_UserRole.RoleID = CMS_RolePermission.RoleID 
where ##WHERE##  and PermissionName = 'Read' and ClassName <> 'CMS.Folder'

with ##WHERE## looking like UserID = {%CurrentUser.UserID|(identity)GlobalAdministrator%}

0 votesVote for this answer Unmark Correct answer

Recent Answers

Lawrence LeFebour answered on May 29, 2017 17:56 (last edited on June 2, 2017 21:11)

Thanks Peter, I'm trying some variations on your response. One thing I'm not sure about is how permission inheritance is handled. Currently in my content tree, I have permissions set for the parent page which I then break at various levels of the content tree in order to have only specific roles access those page types. When I run your query above, I see the explicit page types that a specific role has been granted access to, but not the page types that inherit from the parent page. Any ideas about that?

[Update: I was able to make the permission inheritance more evident by manually adding the appropriate read permissions to the various page types. I'll be marking Peter's answer as the correct for my case.]

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.