Custom permissions

From Sense/Net Wiki
Jump to: navigation, search
  •  
  •  
  •  
  •  
  • 100%
  • 6.0
  • Enterprise
  • Community
  • Planned

Overview

Permission settings
Sense/Net comes with a built-in permission system with the most common permission types. The pre-defined permission type set is adequate in most of the cases, but there might be some situations when it is desired to define custom permissions on content - for example if you want to control whether a specific user is allowed to print a certain document or not. This setting would be much more than a simple global role, since the setting could vary for different content and for different users at the same time.

Details

Besides the built-in permission types (See, Open, etc.) Sense/Net defines 14 custom permission types (Custom01, Custom02, etc.) that can be used for custom permission settings. A common example would be to allow a user to print a document (or deny it): for this builders/developers could assign the permission type Custom1 and use it consistently in the system to check permissions and allow or disallow printing.

Showing custom permissions in permission editor

By default the permission editor will only show the 18 built-in permission types. To show custom permissions in the list of permission types do the following:

  • edit /Root/System/SystemPlugins/Controls/PermissionEditor.ascx
  • at the top of the layout you will find a script running on server side overriding the OnInit function:
<script runat="server">
    string displayName = SenseNet.ContentRepository.Content.Create(PortalContext.Current.ContextNode).DisplayName;
 
    protected override void OnInit(EventArgs e)
    {
        ((SenseNet.Portal.UI.Controls.PermissionEditor)this).VisiblePermissionCount = 18;
        base.OnInit(e);
    }
</script>
  • increase the value of the VisiblePermissionCount property from 18 to the desired amount (eg.: 19 if you want to display Custom01, or 32 if you want to display all permission types)

After saving the file you will see the custom permissions appear in set permission dialogs:

Custom permissions in permission editor

Setting display name of custom permissions

Permission type names are internationalized which means that names come from string resources. You can find string resources of permission type names in the /Root/Localization/PortalResources.xml file, at keys starting with "Permission_":

Custom permission string resources

You can either override these string resources or it is even better to use the Resource editor to edit the texts:

Editing permission type names

After editing the custom names you should see something like the following in the permission editor:

Customized permission type names


Showing custom permissions in required permissions

Applications can ask for required permissions on content whenever a user tries to open the content with the specific application. For example if you have an application that deletes the content you can set the 'Delete' permission at the required permissions of your app and thus the user will not be able to click on your action link if the user is not allowed to delete the content. For more info on the topic read the following:

Custom permissions can also be used with this feature. To show custom permissions in the requred permissions field do the following:

  • edit the CTD of Application type (/Root/System/Schema/ContentTypes/GenericContent/Application)
  • at the definition of the RequiredPermissions field set the VisiblePermissionCount to the number of permissions you want to display:
    <Field name="RequiredPermissions" type="Choice">
      <DisplayName>$Ctd-Application,RequiredPermissions-DisplayName</DisplayName>
      <Description>$Ctd-Application,RequiredPermissions-Description</Description>
      <Configuration handler="SenseNet.ContentRepository.Fields.PermissionChoiceFieldSetting">
        <AllowMultiple>true</AllowMultiple>
        <VisibleBrowse>Advanced</VisibleBrowse>
        <VisibleEdit>Advanced</VisibleEdit>
        <VisibleNew>Advanced</VisibleNew>
        <VisiblePermissionCount>18</VisiblePermissionCount>
      </Configuration>
    </Field>

Checking if a user has a custom permission on a content

You can use the usual techniques to check for permissions (see Most common API calls#8. Checking permissions for examples). Simply use Custom01 - Custom17 permissiontypes:

var node = Node.LoadNode(path);
if (node.Security.HasPermission(PermissionType.Custom01)) {
   // ...
}

If you want to use custom names, simply create an alias:

public PermissionType PrintPermission
{
   get
   {
      return PermissionType.Custom01;
   }
}

After that you can use it the usual way:

if (node.Security.HasPermission(PrintPermission))
{
   // ...
}

Example/Tutorials

There are no examples for this article.

Related links

References

There are no external references for this article.