Checking Posting User Rights

It is typically desirable to verify that the current user is allowed to perform an action rather than handling the access denied exception that occurs if we allow them to try to do something when they don't have sufficient rights (see the Sufficient Rights sidebar in Chapter 25).

Since navigation is frequently created at runtime, it can be desirable to proactively leave off functionality that the current user isn't allowed to perform or visually indicate areas where the user is allowed to perform certain functions. This can easily be accomplished using the Posting "user right" properties. The following code will display the Boolean values for each of these properties.

The simple error handling throughout these code samples isn't meant to be a model for handling CMS exceptions; there is an application code block from Microsoft on how to do exception handling in .NET. These functions also assume the presence of both a ListBox1 and a Label1 to provide visual feedback to the user, which wouldn't be typical of a real template, but it works for our purposes.

Replace the Button1_Click function of our Scratchpad template (see the Scratchpad sidebar in Chapter 24 for details) with the following code:

    private void Button1_Click(object sender, System.EventArgs e)
    {
      try
      {
        //1. Grab the current CMS Context
        CmsHttpContext cmsContext = CmsHttpContext.Current;

        //2. Populate the label with the name of the Posting,
        //   and the PublishingMode
        Label1.Text = "<b>Posting: </b>" +
          cmsContext.Posting.Name.ToString() +
          "<br><b>PublishingMode: </b>" + cmsContext.Mode.ToString();

        //3. Populate the ListBox with values for various user rights
        ListBox1.Items.Add( "CanApprove: " +
          cmsContext.Posting.CanApprove.ToString()
          );
        ListBox1.Items.Add( "CanDelete: " +
          cmsContext.Posting.CanDelete.ToString()
          );
        ListBox1.Items.Add( "CanMove: " +
          cmsContext.Posting.CanMove.ToString()
          );
        ListBox1.Items.Add( "CanSetProperties: " +
          cmsContext.Posting.CanSetProperties.ToString()
          );
        ListBox1.Items.Add( "CanSubmit: " +
          cmsContext.Posting.CanSubmit.ToString()
          );
      }
      catch(Exception eError)
      {
        //4. Provide error feedback to the developer
        Label1.Text = "<b>Error: </b>" + eError.Message.ToString();
      }
    }

Build the solution and then refresh the Scratchpad posting in Internet Explorer, or browse to it and click the Button. The page should reload and look similar to Figure 26-1.

Figure 26-1. Posting user rights


We increased the height of the ListBox on the template for this example so that Figure 26-1 would show all five entries. You may need to scroll down to see the current value for CanSubmit.

As you can probably surmise from the preceding example, CMS allows us to programmatically approve/decline, delete, move, alter, and submit Posting objects in a referencing Channel object. These Posting properties will help us determine if we should allow the current user to have access to this functionality.

The Boolean result of each property is strictly an indicator of the user's rights rather than the proper Context PublishingMode to perform the function. This way, we can provide a visual indication in the dynamic navigation of the user's ability or lack thereof to perform these functions regardless of the mode of the current Context. Therefore, just because one of these properties returns true doesn't automatically mean that any attempt to modify an object will succeed. To that end, it is always wise to place the verification that a user has sufficient rights and the actual modification within a .NET try/catch block.
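The check-then-act pattern described above, sketched for CanSubmit. This is an added example, not code from the book: it assumes the Scratchpad template's Label1, using directives for System.Web and Microsoft.ContentManagement.Publishing, and the PAPI calls Posting.Submit, CmsContext.CommitAll and CmsContext.RollbackAll, which this page does not show. Values written to Label1 are HTML-encoded because Label.Text is rendered as raw markup.

```csharp
// Added example: verify rights, verify mode, then modify, all inside try/catch.
private void Button1_Click(object sender, System.EventArgs e)
{
  CmsHttpContext cmsContext = CmsHttpContext.Current;
  bool changePending = false;   // true once an uncommitted change may exist
  try
  {
    Posting posting = cmsContext.Posting;
    string safeName = HttpUtility.HtmlEncode(posting.Name);

    //1. Rights check: CanSubmit reports the user's rights (and that the
    //   posting can be promoted to Submitted), not the Context mode
    if (!posting.CanSubmit)
    {
      Label1.Text = "<b>Not permitted: </b>cannot submit " + safeName;
      return;
    }

    //2. Mode check: a true CanSubmit is not enough on its own, so the
    //   PublishingMode is verified separately before modifying anything
    if (cmsContext.Mode != PublishingMode.Update)
    {
      Label1.Text = "<b>Wrong mode: </b>" + cmsContext.Mode.ToString() +
        " (Update is required to submit " + safeName + ")";
      return;
    }

    //3. Perform the modification and commit it
    changePending = true;
    posting.Submit();
    cmsContext.CommitAll();
    changePending = false;

    Label1.Text = "<b>Submitted: </b>" + safeName +
      "<br><b>State: </b>" + posting.State.ToString();
  }
  catch (Exception eError)
  {
    //4. The call can still fail after a successful check (for example,
    //   the posting changed in the meantime); discard the partial change
    if (changePending)
    {
      cmsContext.RollbackAll();
    }
    Label1.Text = "<b>Error: </b>" + HttpUtility.HtmlEncode(eError.Message);
  }
}
```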

Also, none of the following Posting properties can be read for objects after they have been deleted, and they always return false for historical revisions of an object.

A more representative code sample follows in the next main section of this chapter: Managing Postings.

CanApprove

The CanApprove property indicates two things: that the authenticated user has sufficient rights to approve/decline the posting and that the posting requires approval. It will return true if both of these conditions are met and false if they are not met or if the user cannot implicitly acquire ownership.

There are several complex scenarios that determine whether a user has sufficient rights. All of them revolve around the current state of the posting, the rights on the containing channel, and the group membership of the current user.

This property is useful primarily for indicating to the user which postings they have the right to approve.

CanDelete (Inherited from HierarchyItem)

The CanDelete property indicates whether the authenticated user can delete the referencing Posting object. This property will return true if the authenticated user has sufficient rights to delete the posting from the channel.

This property will return false if the authenticated user does not have sufficient rights or if the user cannot implicitly acquire ownership.

CanMove

The CanMove property indicates whether the authenticated user can move the referencing Posting object. This property will return true if the authenticated user has sufficient rights to move the posting from the channel.

This property will return false if the authenticated user does not have sufficient rights or if the user cannot implicitly acquire ownership.

CanSetProperties (Inherited from HierarchyItem)

The CanSetProperties property indicates whether the authenticated user can indeed alter the properties of a posting. This requires the same sufficient rights as for managing postings.

This property will return true if the authenticated user has sufficient rights and false if they do not have sufficient rights or if the user cannot implicitly acquire ownership.

CanSubmit

The CanSubmit property indicates two things: that the authenticated user has sufficient rights to submit the posting and that the posting could be promoted to a Submitted state. It will return true if both of these conditions are met and false if they are not met or if the user cannot implicitly acquire ownership.

This property is useful primarily for indicating to the user which postings they have the right to submit.



Microsoft Content Management Server 2002: A Complete Guide
ISBN: 0321194446
EAN: 2147483647
Year: 2003
Pages: 298
