Developer forum

Forum » Development » Permissions

Permissions

E-mail notifications
Mads Kold
Reply
Posted on 01/10/2018 13:10:18

Hi

Is it posible to create custom permissions and use them with the Permision class? I can't find it in the doc's!

Br. Mads


Replies

 
Martin Vang
Martin Vang
Posted on 02/10/2018 08:55:11
Reply

Hi Mads,

Ehm. Custom permissions? I think you need to clarify what you want to do. It's probably possible without doing anything custom.

If you want to set permissions on a non-dynamicweb object, we can oblige out of the box:

 
Setting:
int id = 0;
string userId = "123456";
string key = "UniqueIdentifierForEvent"; //this is the PK used in the database - make sure it is unique, as it will override existing permissions otherwise.
string name = "MyCustomCode"; //General area is the custom code for the "MyCustomCode" project
string subName = "Database"; //Permissions for the Database section of the project
PermissionLevel level = PermissionLevel.Read | PermissionLevel.Edit; //Allow both read and edit. All permissions are enum flags and can be concatenated together
 
var permission = new UnifiedPermission(id, userId, key, name, subName, level);
var service = new UnifiedPermissionService();
 
service.Save(permission);
 
 
You can call "permission.ToIdentifier();" to see exactly what "thing" you've assigned permissions to. You need such an identifier to check permissions again:
 
Getting:
string key = "UniqueIdentifierForEvent"; 
string name = "MyCustomCode";
string subName = "Database";
var identifier = new UnifiedPermissionIdentifier(key, name, subName);
PermissionLevel level;
if(service.TryGetPermission(identifier, out level)){
   if(level == PermissionLevel.Edit){
      ...
   } else if(level == PermissionLevel.Read){
      ...
   }
}
 
 
If you have an object that should be permission controlled, you can implement the interface "IPermissionControlled" to get the same behavior as fx. Dynamicweb.Page.vb
Custom permission object:
 
public class MyCustomObject : IPermissionControlled {
    public string ImportantProperty{get;set;}   
    public string Identifier {get;set;}
   
    public IPermissionControlled GetParent()
        {
            throw new NotImplementedException();
        }
 
    public UnifiedPermissionIdentifier GetPermissionIdentifier()
    {
        return new UnifiedPermission(Identifier, "MyCustomObject", ""); //note that subName may be empty if you prefer...
    }
}
 
You can now use the following code:
 
var newObject = new MyCustomObject();
if(newObject.HasPermission(PermissionLevel.Read)){
   ...
}
 
etc.
 
Hope this helps you finish your task. :)
 
BR
Martin
 
Mads Kold
Posted on 02/10/2018 09:05:01
Reply

Hi Martin

I think what you send me covers my version of "custom" permissions :-) We primary want to show/hide funktions in the front end depending on what usergroup you are in, is that posible?

When are you creating the permissions, they only have to be created once?

Br. Mads

 
Martin Vang
Martin Vang
Posted on 03/10/2018 13:22:58
Reply

Hi Mads,

Another good question. :)

We persist the permissions to a single database table, so it can be moved/cleaned/whatever. The important bits are the 3 key-values and the usergroupid:

  1. Key
  2. Name
  3. SubName
  4. UserId

You can even move the data from fx. Staging to Production, if you have such a setup. As long as the you "name" the composite keys in the same way, it will work out of the box.

You can even set up integration/something else to update this table if you need to (I sometimes just do it manually to test things). It's just plain data with a single value (PermissionLevel). Calculating the value needed in the PermissionLevel column in the database is a bit tricky, though. It follows the rules here: bitflag enums. Let me know if you need help with this.

Once you have a permission for a key-name-subname + userId, it is saved until you delete it.

Let me know how this works out.

BR

Martin

 

You must be logged in to post in the forum