Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • André Lange 108 posts 410 karma points
    Dec 14, 2018 @ 18:32
    André Lange
    0

    Show only navigation for allowed member group

    I have two types of member groups. One which gives access to a member area. And another which gives acccess to further pages within the member area.

    Right now if you are not in the member group, you cannot access them. But you can still see them.

    Is there a way for me to show only the pages in navigation, of which you are a member of.

    The two groups are "Member", and "Board Member", to be a board member, you also has to be a member.

    So i need some way of checking if you are both.

    Have not been able to find a way so far.

    Using umbraco 7.12.

  • Marc Goodson 2157 posts 14431 karma points MVP 9x c-trib
    Dec 14, 2018 @ 19:34
    Marc Goodson
    0

    Hi André

    There is a 'MemberHasAccess' helper you could use when writing out your navigation:

    https://our.umbraco.com/documentation/reference/querying/umbracohelper/#member-helpers

    So as you loop through each navigation item, call Umbraco.MemberHasAccess( on each item, if and this will return true if the current member is in a member group that has access to the page.

    There is an overhead to performing this kind of lookup to the db, and you'd have to make sure the Member 'Member Group' doesn't have access to the pages in the navigation, as membership of that group would then grant access to anything anyway...

    What I tend to do in this scenario, is add a 'MemberGroupPicker' property to the pages within the Member area, and pick which groups have access to the particular subpages, and then compare these picked values with the current logged in User's assigned roles which you can find via:

    string[] currentUserRoles = System.Web.Security.Roles.GetRolesForUser();

    regards

    Marc

  • André Lange 108 posts 410 karma points
    Dec 14, 2018 @ 19:37
    André Lange
    0

    So far i made this, it is a bit ... hacky ?

    But works fine so far, although i do not know what kind of performance impact it will have, since it is called in the master controller..

    var memberService = ApplicationContext.Current.Services.MemberService;
                bool isBoardMember = false;
    
                var membersInBoardMemberRole = memberService.GetMembersInRole("Board Members");
    
                foreach (var m in membersInBoardMemberRole)
                {
                    if (m.Name == memberModel.Name)
                    {
                        isBoardMember = true;
                    }
                }
    

    Would this be better, than "has access" ?

  • Marc Goodson 2157 posts 14431 karma points MVP 9x c-trib
    Dec 14, 2018 @ 21:05
    Marc Goodson
    100

    Hi André

    I think you could shorten that to:

    var isBoardMember = System.Web.Security.Roles.IsUserInRole("Board Members");

    https://docs.microsoft.com/en-us/dotnet/api/system.web.security.roles?view=netframework-4.7.2

    Which will check if the current logged in user is in the Board Members role...

    regards

    Marc

Please Sign in or register to post replies

Write your reply to:

Draft