The content you're reading is getting on in years
This post is on the older side and its content may be out of date.
Be sure to visit our blogs homepage for our latest news, updates and information.
This article is part of the documentation preview for the Programming Security section of the Developer manual. You can view the temporary TOC here
In Sitefinity, permission classes work this way:
You might wonder, how do we request a permission to do an operation? This is done by using rights. Rights in Sitefinity are bit fields. As a common practice, we define a class that has public static properties that emulate the behaviour of an enumeration (because in code you won't have to convert to an integer). Most modules use CrudRights.
When you implement a Permission class, you will have to implement Telerik.Security.Permissions.ApplicationPermission. This class provides the basic functionality and all you will need to do is provide a set of constructors and override its CheckDemand() method.
Since the most code will be in constructors, it makes sense to know what ApplicatonPermission's constructors are:
Here is how the Permission class is implemented in the sample pluggable Contacts module :
What determines whether a permission is granted or not is the CheckPermission override. In this sample, if the current user is part of the special administrators role, he/she is granted permission. Otherwise, the persisted value is returned. If you want to check again specific rights, check the Grant and Deny properties, which contain the bitwize OR'ed combination of requested rights.
View all posts from The Progress Team on the Progress blog. Connect with us about all things application development and deployment, data integration and digital business.
Subscribe to get all the news, info and tutorials you need to build better business apps and sites
Copyright © 2019 Progress Software Corporation and/or its subsidiaries or affiliates.
All Rights Reserved.
Progress, Telerik, and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.