Filter TreeNodeCollection based on backend user permissions
I have created a custom section that I would like display only the nodes that are available to the backend user who is currently logged in.
(Basically, what I want is the nodes shown to a given backend user in the content section.)
I have implemented GetTreeNodes of my TreeController like this:
protected override TreeNodeCollection GetTreeNodes(string id, FormDataCollection queryStrings)
{
var nodes = new TreeNodeCollection();
var rootNodeId = Constants.System.Root.ToInvariantString();
//check if we’re rendering the root node’s children
if (id == rootNodeId)
{
foreach (var node in Umbraco.ContentAtRoot().ToList())
{
var permissions = helper.GetCurrentUmbracoUser().GetPermissions(node.Path);
if (permissions == "-") continue;
var treeNode = CreateTreeNode(node.Id.ToString(), rootNodeId, queryStrings, node.Name, "icon-home", false);
nodes.Add(treeNode);
}
}
return nodes;
}
The method works as expected but I was hoping for more robust way to do this.
The "HasAccess" you are referring to is for Members, and these methods are available on the UmbracoHelper.MemberHasAccess which actually calls in to Application.Services.PublicAccessService.
You can always find answers to things like this in the source since we already do permissions checks on the trees in the Core:
Thanks. I am building a custom analytics section for Umbraco Forms. The idea is that a very restricted user can access aggregated form statistics and visualisations without editor permissions a given node.
You can do anything you want ;) BUT... the tree is created using the EntityService for performance reasons. If you start going to lookup up full content items or content type's you could run into some performance issues especially if you get into N+1 lookups which is a very common mistake for tree developers. This will happen if you start performing lookups for each tree node.
Filter TreeNodeCollection based on backend user permissions
I have created a custom section that I would like display only the nodes that are available to the backend user who is currently logged in.
(Basically, what I want is the nodes shown to a given backend user in the content section.)
I have implemented GetTreeNodes of my TreeController like this:
The method works as expected but I was hoping for more robust way to do this.
Pre-v7 code samples show code similar to this:
However, they do not appear to work in current versions.
Does someone know of a better way to do the above in V7?
The "HasAccess" you are referring to is for Members, and these methods are available on the UmbracoHelper.MemberHasAccess which actually calls in to Application.Services.PublicAccessService.
You can always find answers to things like this in the source since we already do permissions checks on the trees in the Core:
https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Trees/ContentTreeController.cs#L80
I'm not sure what your custom tree is doing but it is only showing published content BTW.
Thanks. I am building a custom analytics section for Umbraco Forms. The idea is that a very restricted user can access aggregated form statistics and visualisations without editor permissions a given node.
I did look at core but if I understand correctly I cannot modify/restrict node actions on a ContentTreeController as GetMenuForNode is sealed?: https://github.com/umbraco/Umbraco-CMS/blob/7c4a189aa3cf583954defd9c43a3e55e325f2c3f/src/Umbraco.Web/Trees/ContentTreeControllerBase.cs#L232
I would love to use the default content tree but need a solution without the overhead / risks of permission management.
Do you think that is possible?
It's only sealed because the protected method that needs to be implemented is
PerformGetMenuForNodehttps://github.com/umbraco/Umbraco-CMS/blob/7c4a189aa3cf583954defd9c43a3e55e325f2c3f/src/Umbraco.Web/Trees/ContentTreeControllerBase.cs#L241
https://github.com/umbraco/Umbraco-CMS/blob/7c4a189aa3cf583954defd9c43a3e55e325f2c3f/src/Umbraco.Web/Trees/ContentTreeControllerBase.cs#L119
Thanks, I missed that the first time around!
That was quite a lot easier. :) Is it possible to filter the tree nodes further based on properties or docoment type as well?
You can do anything you want ;) BUT... the tree is created using the EntityService for performance reasons. If you start going to lookup up full content items or content type's you could run into some performance issues especially if you get into N+1 lookups which is a very common mistake for tree developers. This will happen if you start performing lookups for each tree node.
:) Thanks, I will dig a bit further in core and attempt to not shoot off my feet. Keep getting amazed of the nuggets you guys hide around there. :)
is working on a reply...