How To Programmatically check permissions on a blog post

Posted by Community Admin on 04-Aug-2018 22:35

How To Programmatically check permissions on a blog post

Sitefinity - Front- & Back-End Development

All Replies

Posted by Community Admin on 27-Jun-2013 00:00

I'm building a custom template for the BlogPostList. In codebehind I need to know if a particular blog post  is set to deny anonymous users (Note: I'm talking about a blog POST, not the entire blog).  If yes then I will display a small lock icon. And if the user is an anonymous user then I will change the href of the links to a javascript alert stating they must log in to view the details of the blog post.

How do I check if a blog post is secured?

Posted by Community Admin on 02-Jul-2013 00:00

Hi,

To check permissions for blog post use the security API and query a single blog post like below.
In the highlighted code specify the single blog post to be checked.

BlogsManager blogsManager = BlogsManager.GetManager();
           UserManager usersManager = UserManager.GetManager();
  
           SecurityConfig secConfig = Config.Get<SecurityConfig>();
           Telerik.Sitefinity.Security.Configuration.Permission blogsPermSet = secConfig.Permissions[SecurityConstants.Sets.General.SetName];
           int actionsMask =
               blogsPermSet.Actions[SecurityConstants.Sets.General.Create].Value |
               blogsPermSet.Actions[SecurityConstants.Sets.General.Delete].Value;
  
           ISecuredObject securedObject = blogsManager.GetBlogPosts().Where(bp => bp.Title == "MyPost").First();
           Guid[] users = new Guid[] usersManager.GetUser(userName).Id ;
           bool isGranted = securedObject.IsGranted(SecurityConstants.Sets.General.SetName, users, actionsMask);

Regards,
Stanislav Velikov
Telerik
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 02-Jul-2013 00:00

No good.

First I get an the error;  Exception has been thrown by the target of an invocation. on the following line.

ISecuredObject securedObject = blogsManager.GetBlogPosts().Where(bp => bp.Title == "MyPost").First();

Since I'm working in the repeaters ItemDataBound method I already have access to the blog post so I tried setting this:
var item = (RadListViewDataItem)e.Item;
var post = item.DataItem as BlogPost;
ISecuredObject securedObject = post;

But then I get the error: Telerik.Sitefinity.Blogs.Model.BlogPost with ID 7fee238a-44f4-6476-85c2-ff0000fd6176 does not support permission set General. It supports BlogPost, Comments. on the line.
securedObject.IsGranted(SecurityConstants.Sets.General.SetName, users, actionsMask);

Any idea how to get around this?

Thanks,
Gregg Duncan

Posted by Community Admin on 05-Jul-2013 00:00

Hello Gregg,

Change the permission sets to be

BlogsManager blogsManager = BlogsManager.GetManager();
            UserManager usersManager = UserManager.GetManager();
            
            SecurityConfig secConfig = Config.Get<SecurityConfig>();
            Telerik.Sitefinity.Security.Configuration.Permission blogsPermSet = secConfig.Permissions["BlogPost"];
 
            int actionsMask =
                blogsPermSet.Actions["ViewBlogPost"].Value;
The sets for blog posts
"ViewBlogPost"
ManageBlogPost"
"ChangeBlogPostOwner"
"ChangeBlogPostPermissions"

Regards,
Stanislav Velikov
Telerik
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

This thread is closed