Class CatalogSecurityDescriptor

Handles access rights for catalog content.

Inheritance
System.Object
CatalogSecurityDescriptor
Implements
EPiServer.Security.ISecurityDescriptor
Inherited Members
System.Object.ToString()
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
Namespace: EPiServer.Commerce.Catalog
Assembly: EPiServer.Business.Commerce.dll
Version: 10.8.0
Syntax
public class CatalogSecurityDescriptor : ISecurityDescriptor
Remarks

The logic is as follows:

  • All users has read access to all content.
  • Users allowed access to the catalog management UI, ie they are in the role CatalogManagers or CommerceAdmins, have full access to all content.
  • Users allowed acesss to the Commerce Settings UI, ie they are in the role CommerceSettingsAdmins, have full access to all Settings.

Constructors

CatalogSecurityDescriptor()

Declaration
public CatalogSecurityDescriptor()

Fields

CatalogManagersRoleName

The name of the role that is allowed to manage catalogs.

Declaration
[Obsolete("Use EPiServer.Commerce.Security.RoleNames.CatalogManagers. Will remain at least until November 2016.")]
public const string CatalogManagersRoleName = "CatalogManagers"
Field Value
Type Description
System.String

CommerceAdminsRoleName

The name of the role that is allowed to administer commerce content and settings.

Declaration
[Obsolete("Use EPiServer.Commerce.Security.RoleNames.CommerceAdmins. Will remain at least until November 2016.")]
public const string CommerceAdminsRoleName = "CommerceAdmins"
Field Value
Type Description
System.String

CommerceSettingsAdminsRoleName

The name of the role that is allowed to administer commerce settings.

Declaration
[Obsolete("Use EPiServer.Commerce.Security.RoleNames.CommerceSettingsAdmins. Will remain at least until November 2016.")]
public const string CommerceSettingsAdminsRoleName = "CommerceSettingsAdmins"
Field Value
Type Description
System.String

Methods

GetAccessLevel(IPrincipal)

Returns the access level for the specified principal.

Declaration
public AccessLevel GetAccessLevel(IPrincipal principal)
Parameters
Type Name Description
System.Security.Principal.IPrincipal principal

The principal to check access against.

Returns
Type Description
EPiServer.Security.AccessLevel

The access level.

HasAccess(IPrincipal, AccessLevel)

Determines whether the specified principal has the requested access.

Declaration
public bool HasAccess(IPrincipal principal, AccessLevel access)
Parameters
Type Name Description
System.Security.Principal.IPrincipal principal

The principal to authorize.

EPiServer.Security.AccessLevel access

The requested access level.

Returns
Type Description
System.Boolean

true if the specified principal has access; otherwise, false.

Implements

EPiServer.Security.ISecurityDescriptor