concurrent cms user and custom control

Posted by Community Admin on 04-Aug-2018 14:30

concurrent cms user and custom control

Sitefinity - Front- & Back-End Development

All Replies

Posted by Community Admin on 10-Jan-2012 00:00

Hello,

i did read this thread : Clarification on Concurrent CMS Users

and i did not see the response at this question:

Is it possible to use the Sitefinity API (in a custom web control) to add/modify content if the logged user lack the Backend or administrator role?
For exemple, in a front-end control which manage the news module

Posted by Community Admin on 12-Jan-2012 00:00

Hi Kenny,

If your custom control is created with our fluent API, only users that have permissions will be able to manipulate with content from the News module.

All the best,
Jen Peleva
the Telerik team

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 16-Jan-2012 00:00

Hi,

When you say "only users that have permissions",
you are referring to the permissions i implemented for the module? (business roles) or you mean the backend/administrator role?

Thanks for your precisions

Posted by Community Admin on 19-Jan-2012 00:00

Hello Kenny,

In Sitefinity you are able to set permissions to content modules, as well as on page and widget level. Our built-in widgets have those permissions implemented by default, but in a custom control you would have to specify which users can view/modify your control, by setting permissions programmatically. Depending on which users should be able to work with your control, you can allow Everyone to view/modify/delete etc the widget (for front-end users) or set these permissions only to certain backend users.

Greetings,
Jen Peleva
the Telerik team

Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 19-Jan-2012 00:00

Hello,
I'm aware of that...
My question was unclear, sorry for that, i'll try to reformulate.
My custom control manage news in the front end (list items, modify, add, delete).

A user U log in. this user is a news contributor, but lack the backend/administrator role.
however, as a contributor, he can add/delete news content.
Will the user U be able to manage news content through the custom control in the front end ?
I did it already with Sitefinity 3.6,
but there is some change in v4 regarding the concurrent users. I don't want user U to take a token

Posted by Community Admin on 21-Jan-2012 00:00

Hi Kenny,

If your user is not a backend user by default he won't be able to manage news. However, this behavior can be modified by suppressing security checks (ignore permissions). This way all front-end users will be able to manipulate with news content, using your control. If this is not convenient for you, you can set permissions to your custom control, so that it would be visible only for specific users who should be able to do so (user U). To suppress security checks you need to set SuppressSecurityChecks property of the NewsManager to True as in the sample below:

NewsManager newsManager = NewsManager.GetManager();
newsManager.Provider.SuppressSecurityChecks = true;
//now front-end users will be able to delete news items (for example)
NewsItem master = newsManager.GetNewsItems().Where(n => n.Title == "test").First();
newsManager.Delete(master);
newsManager.SaveChanges();

Regards,
Jen Peleva
the Telerik team
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

This thread is closed