Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Stephen 767 posts 2273 karma points c-trib
    May 13, 2011 @ 14:14
    Stephen
    0

    Set permissions programmatically

    I have the following requierement:

    User has permission to [action.browse] to node <parent> but not to do anything with that node, except [action.new] children. And, user should have permission to [action.update] those children. Which means we should _add_ a permission to <child> when it is created, in a Documen.New handler.

    Trouble is, using UserPermissions.SaveNewPermissions() can not work here, because it will check that the _current_ user has permission to change the permissions, which he has obviously not.

    One workaround is to set permission to [action.rights] on <parent> but I'd really avoid this. We're missing a [action.rightsOnChildren] permission, here...

    Is there another API to set permissions, that would _not_ check that the current user can do it?

    Ideas?

  • Stephen 767 posts 2273 karma points c-trib
    May 13, 2011 @ 14:40
    Stephen
    0

    Workaround: set [action.rights] on <parent> but then setup a handler to remove the option to manage permissions from the content tree context menu. So the user has _permission_ to manage rights, but it never shows in the context menu. Kind of dirty?

  • Stephen 767 posts 2273 karma points c-trib
    May 13, 2011 @ 17:06
    Stephen
    0

    Solved! There _is_ another API: umbraco.BusinessLogic.Permission.MakeNew(...) and it does not check perms before doing the job. Now, it won't refresh the user's cache so you'll want to do that (what's the nicest way?).

Please Sign in or register to post replies

Write your reply to:

Draft