Reputation: 42635
Orchard Permissions in a custom module
So I've created my first Orchard module, which is essentially just a CRUD in the admin panel, with a front-end form available to the public. Now I need to give different levels of access to different user roles in the admin panel. I've created the "admin" users fine, but now I have trouble with the less privlidged users, who can only see a subset of the records.
The problem is I have NO IDEA where to start. I would be happy to just say on my List screen: if (UserRole == "SomeRestrictedRole") Select.Where("however we restrict"); - but I don't know how to access the UserRole (I'm also fairly new to .NET MVC).
I think the PROPER solution would be to extend IPermissions or something like that? But again, I can't find any tutorials or docs to point me in the right direction.
Here are the docs I have read so far:
http://docs.orchardproject.net/Documentation/Creating-a-module-with-a-simple-text-editor
http://docs.orchardproject.net/Documentation/Understanding-data-access
http://docs.orchardproject.net/Documentation/Managing-users-and-roles
http://docs.orchardproject.net/Documentation/Understanding-permissions
Any advice would be much appreciated!
Upvotes: 2
Views: 3337
Answers (1)
Reputation: 17814
Right, don't restrict access based on roles, but rather on permissions. Look at any Permissions.cs for examples of implementation. Then search for the permissions declared in there to see examples of enforcing them. It's really easy, you'll see :)
Upvotes: 6
Related Questions
- How can an Orchard Core module add new roles and permissions?
- Orchard v.1.10 blog view permissions
- Permission defaults ignored in Orchard
- Orchard Custom Module Shared Directory
- Is it possible to attach permissions to content parts in Orchard CMS?
- Manually setting folder permissions for Orchard CMS
- Orchard: Restricted access pages
- Orchard CMS and app_data folder in modules
- Roles and Permissions Issue
- Orchard CMS Module Install with IISExpress Fails because of permissions