Permission settings in production environment

From Sense/Net Wiki
Jump to: navigation, search
  •  
  •  
  •  
  •  
  • 90%
  • 6.0.7
  • Enterprise
  • Community
  • Planned

Overview

Sense/Net has a powerful and highly customizable Permission System. For more details on how you can set the accessibility of your content see the Permission settings article. This page focuses on best practices and advises on how you can make your site more secure in a production environment by modifying content permissions in the Content Repository.

General approach

There are a couple of things you should consider when building a production ready portal.

  • Set permissions on your content early in the development process: although it is easy to develop in an environment where everything is allowed, it will be harder to restrict users right before the release, when unexpected 'access denied' errors can occur.
  • Do not give permissions to the Root content: generally it is more advisable to grant permissions on lower levels instead of giving too much permission on higher level (e.g. the site root) and then break or deny permissions later.
  • Grant permissions on containers: this may contradict the previous one, but still: it is more advisable to grant permissions on containers (e.g. folders in a document library) than individual content (documents), to prevent creating too many permission entries than may become hard to manage later.
  • Grant permissions to groups: it is more advisable to grant permissions to groups instead of users, because it will be easier to manage them later.
  • Grant only the necessary permissions: sometimes it is enough to grant See or Run application permissions. In these cases do not grant Open or Preview permission to prevent information leak (remember: Open or Preview permissions allow users to access content through OData).

Please note that this page describes the default Content Repository structure and contains only advises for building a production-ready product. It cannot be ever complete because every portal has a different structure of custom content.

Regular content

Most of the Content items in the Content Repository are regular content: articles, documents, etc. To give access to these content, you may grant users the following permissions.

Content that need an application

Articles, news items or similar content are usually displayed by a browse Application or a standalone page. In these cases you should give users (meaning one or more user groups) the following permissions for the content itself:

  • Open
  • any other permissions related to managing content (e.g. Save, Delete, Set permissions)

Documents

Documents are special content that can be either downloaded or opened directly in the browser using the Sense/Net document viewer. The necessary permissions are the following:

  • Preview: if you only want to let users view the document in the browser, but not download or edit it using Microsoft Office.
  • Open: if you want to enable document download

Add content

The 'add new content' use case can be a complex scenario in terms of permissions and content settings. Please visit the following article for details on how to set permissions to allow users adding new content in Sense/Net ECMS:

Applications

Applications are essential part of Sense/Net ECMS. From version 6.3 the only permission you have to give users to be able to execute applications is the following:

  • Run application

For more details about application permissions see the following article.

Permissions for apps

Regular portlet pages

There are cases when content are displayed by regular pages under the site. In this case, you need to grant the following permissions for the pages to be accessible:

  • Open

Content views

Content views, Collection views and other controls (ascx, cshtml and vbhtml files) are very common in Sense/Net. When portlets try to load them, they will check for the following permissions:

  • Run application
Views

This means you do not have to grant Open permission for these types of files, the system will automatically load them in the background. But you can control which views are accessible by certain groups of users by using the Run application permission - e.g. allow displaying content for most of the users with a generic global view, but let others see a more specific local one.

Trash

  • /Root/Trash

If you want to allow users to delete content to the Trash, you have to grant the following permissions to them:

  • Open

They do not have to have Save permission there, because the system will handle moving items into and out of the Trash.

Executable files - from version 6.3.1 Patch 3

Sense/Net ECMS has very strict rules for executable files (e.g. aspx or ashx files). To learn about creating them and setting permissions correctly, please check the following article:

System content

There are a couple of content under the subtree /Root/System which you should grant access for to certain groups of users. It depends on the role of the users whether you let them access these content or not.

System content

Web root

System content that in case of a regular web application reside in the site web root are stored in the Content Repository in case of Sense/Net ECMS. If you want to grant users access to these files, you need to give them the following permissions:

  • Open
  • Run application

For example:

  • /Root/System/WebRoot/binaryhandler.ashx: for image requests (even for visitors)
  • /Root/System/WebRoot/picker.aspx: for copy and move operations
  • /Root/System/WebRoot/DelteAction.aspx: for delete operations
  • /Root/System/WebRoot/Explore.html: for accessing Content Explorer
  • /Root/System/WebRoot/ExploreFrame.html: for accessing Content Explorer
  • /Root/System/WebRoot/ExploreTree.aspx: for accessing Content Explorer

Permission placeholders

Sense/Net ECMS is able to handle role-based permissions in more than one way. Permission placeholders feature is one of them: it can be used to control the accessibility of certain features in Sense/Net. The following permission must be granted to users on permission placeholders to control user accessibility:

  • Run application

For example:

  • /Root/System/PermissionPlaceholders/ContentStore-mvc: for every action that needs to open the Content Picker.
  • /Root/System/PermissionPlaceholders/Wall-mvc: for using the Wall on workspaces.

Workflows

The Workflow framework is one of the huge advantages of Sense/Net ECMS. In this section you can learn the appropriate permission settings that let users edit or execute workflows in the system.

Assign workflows to lists

Workflow definitions reside in the following folder:

  • /Root/System/Workflows

Editors need to have the following permission for this folder (or individual workflow definitions in the folder) to be able to assign workflows to content lists:

  • Open (this is needed because of workflow definitions are listed using a regular content collection portlet)

Execute workflows

To execute a workflow (e.g. start a public registration process) users need to have the following permission for the appropriate workflow content type:

  • See

For example:

  • /Root/System/Schema/ContentTypes/GenericContent/Workflow/RegistrationWorkflow: even visitors have See permission for this workflow to be able to start the registration process.

CORS

Sense/Net ECM supports CORS (Cross-origin or cross-domain) requests sent to the portal from version 6.4. Please look into the following article for more details:

Related links

References

There are no external references for this article.