Limit widgets in PageControls toolbox for certain roles/user

Posted by Community Admin on 26-Jan-2013 00:00

I have a requirement - some editors don't have to see some widgets, like: navigation, data, javascript, etc. We need to make them see only basic content widgets: content block, image, etc. I'm speaking about Pages module, backend page edit functionality.

Not sure how to do it in Sitefinity 5.3. Was searching on forums and found solution for Sitefinity 3. Can I do something similar for Sitefinity 5? Can I override how PageControls toolbox is contracted some how? Also, some topics mention Policy functionality, but looks like it doesn't work.

Please advice how to do this.
Thanks,
Denis.

Posted by Community Admin on 31-Jan-2013 00:00

Hello Denis,

You can achieve this by registering a custom pageEditorRouteHandler in the Global.asax file.

The sample allows you to restrict access to any number of widgets based on a role. This is configured through a new setting in the toolbox section called disallowed roles. All you have to do is include the code sample in your project and enumerate the disallowed roles in your configurations.

Instructions

Unpack the attached code sample

Include the Global.asax file in your project root

You can add rules from the toolbox settings in your administration. You are able to set the different deny rules for a specific set of roles separated by a coma. Create a new Toolbox Item parameter called DisallowedRoles for any control and set the list of roles. Here is a screenshot of a sample configuration:

I have attached the custom RouteHandler, where we specify the logic for displaying toolbox items for users from particular role only.

Kind regards,
Jen Peleva
the Telerik team

[View:/cfs-file/__key/communityserver-discussions-components-files/296/fd5c8177_2D00_6f2c_2D00_4303_2D00_915c_2D00_41a717617115_5F00_PageEditorRouteHandler.zip:320:240]

Posted by Community Admin on 18-Mar-2014 00:00

Hello,

Please find a modified custom page editor route handler which is working with version Sitefinity 6.x:

public class CustomPageEditorRouteHandler : PageEditorRouteHandler

protected override void ApplyLayoutsAndControls(System.Web.UI.Page page, System.Web.Routing.RequestContext requestContext)

base.ApplyLayoutsAndControls(page, requestContext);

var zoneEditor = page.Form.FindControl("ZoneEditor") as ZoneEditor;

// ZoneEditor is not available is some cases like when the page is locked

if (zoneEditor == null)

return;

Guid userId = SecurityManager.GetCurrentUserId();

User user = UserManager.GetManager().GetUser(userId);

var tools = new Dictionary<string, ToolboxItem>();

foreach (var section in zoneEditor.ControlToolbox.Sections)

foreach (ToolboxItem tool in section.Tools)

if (!tools.ContainsKey(tool.Name))

tools.Add(tool.Name, tool);

foreach (var toolboxItem in tools)

var disallowedRoles = toolboxItem.Value.Parameters["DisallowedRoles"];

if (!string.IsNullOrEmpty(disallowedRoles)) // means that there are role based limitations set for the specific widget

var roleNames = disallowedRoles.Split(CustomPageEditorRouteHandler.RoleSeparator, StringSplitOptions.RemoveEmptyEntries);

foreach (var roleName in roleNames)

if (IsUserInRole(userId, roleName.Trim()))

toolboxItem.Value.Enabled = false;

private bool IsUserInRole(Guid userId, string roleName)

bool isUserInRole = false;

// here we get the AppRoles provider, because Authors and Editors roles are in this provider

RoleManager roleManager = RoleManager.GetManager("AppRoles");

bool roleExists = roleManager.RoleExists(roleName);

if (roleExists)

isUserInRole = roleManager.IsUserInRole(userId, roleName);

return isUserInRole;

private static readonly char[] RoleSeparator = new[] ',' ;

AppRoles contains the following roles:
    [0]: Role "Editors", Id=a4f170a2-dc31-43d0-b61f-1f594d5f9782
    [1]: Role "Everyone", Id=b7210e90-5a45-4073-9d0e-35c3d1849219
    [2]: Role "BackendUsers", Id=842c900e-1db1-46df-94df-3949c505ccf4
    [3]: Role "Authenticated", Id=146ce21d-8a5e-491c-875e-4702b0a7bf7d
    [4]: Role "Anonymous", Id=325b1c5b-98db-4c6a-811e-78170cc25843
    [5]: Role "Administrators", Id=e6529888-9fa0-490f-b8d4-80fbb675c2bd
    [6]: Role "Authors", Id=413b3b3e-a237-4125-a873-89cf2d201968
    [7]: Role "Owner", Id=ec5f81f5-f129-4f18-9b6b-aa144f5c7692
    [8]: Role "Users", Id=10cd1139-4154-458b-b140-b7f0ec1f7432
    [9]: Role "Designers", Id=ce349fe5-29c0-4bf3-98d7-f2511cd56e4c

Then you need to Build the project and add toolboxes item parameter DisallowedRoles under the widget you do not want to be visible by specific role. Please review the screenshot:

screencast.com/.../cPoPDLi6

I have added the parameter for ImageControl widget.

Regards,
Stefani Tacheva
Telerik

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items

Posted by Community Admin on 31-Jul-2014 00:00

Can you show how the global.asax file should look with the PageEditorRouteHandler.cs registered?

Where would one place the PageEditorRouteHandler?

Posted by Community Admin on 31-Jul-2014 00:00

Hi Richard,

I found this page that does it for me using 6.3.5000. Works good :) Has an example of the global.asax as well.

www.sitefinity.com/.../restrict-usage-of-widgets-based-on-roles

Posted by Community Admin on 31-Jul-2014 00:00

Hello,

Thank you for sharing the article with the community.

The article is connected to the blog post we created regarding this functionality.

I am glad to hear that it was useful.

Regards,
Stefani Tacheva
Telerik

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items

This thread is closed

All Replies