Allowing only administrators to edit property


Hi all

I'm pretty new to EPiServer

I need to implement something similar to Simple adapter for showing hidden EPiServer properties in edit mode for administrators

Unfortunately I didn't find EditPageControl in EPiServer 9. 

So I need some properties to be editable via CMS only by administrators. It seems that I also cannot use [Editable(false)] attribute as it disables a property for all users.

How is it possible to solve that?

Thanks

#145548
Mar 05, 2016 23:13
#145550
Mar 06, 2016 0:40

The easiest way is to gather some properties under a special tab and then require administer access rights on the tab (and avoid giving that access right to common editors).

Check the administrator's guide on tabs for how to restrict tabs. This works well if it's ok for you to gather these properties under a tab. Normally this works well...

#145553
Edited, Mar 06, 2016 10:31

@Daniel, restricting tabs seems to be ok

@Dejan, I tried the approach described in the article. At the end I get the message that I don't have access, but I can still publish the changes. Have you faced this issue before?

Thanks

#145556
Mar 06, 2016 12:04

Sweet! No custom code needed then which is always nice 

#145557
Mar 06, 2016 13:03

Hi Alex,

I've been using a slightly modified version w/o validation. If you really need to implement validation (who is allowed to modify the property), then you have to do it for both solutions (readonly properties and hidden tabs).

But is that really necessary for edit mode?

Here's the code:

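using System;
using System.Linq;
using System.Web.Mvc;
using EPiServer.Security;

// Marks a property as read-only in edit mode unless the current user is in one of the listed roles.
[AttributeUsage(AttributeTargets.Property)]
public class PropertyEditRestrictionAttribute : Attribute, IMetadataAware
{
    private readonly string[] _allowedRoles;

    // allowedRoles: comma-separated list of role names, e.g. "Role1, Role2".
    public PropertyEditRestrictionAttribute(string allowedRoles)
    {
        _allowedRoles = SplitString(allowedRoles);
    }

    public void OnMetadataCreated(ModelMetadata metadata)
    {
        // Users in an allowed role keep the normal, editable metadata.
        if (_allowedRoles.Any(role => PrincipalInfo.CurrentPrincipal.IsInRole(role)))
        {
            return;
        }

        // Everyone else gets the property as read-only. This only changes the
        // editing metadata; this version does no validation on save.
        metadata.IsReadOnly = true;
    }

    // Splits the comma-separated role list, trimming whitespace and dropping empty entries.
    internal string[] SplitString(string original)
    {
        if (string.IsNullOrEmpty(original))
        {
            return new string[0];
        }

        var split = from piece in original.Split(',')
                    let trimmed = piece.Trim()
                    where !string.IsNullOrEmpty(trimmed)
                    select trimmed;

        return split.ToArray();
    }
}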

Usage:

[PropertyEditRestriction("Role1, Role2")]
public virtual XhtmlString MyProperty { get; set; }

My vote goes to hidden tabs - less clutter. But readonly properties have some benefits here and there :)

#145569
Mar 07, 2016 10:54
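
Added example, not part of the thread and not EPiServer's or the posters' code: the posts above note that the read-only attribute comes without validation of who is allowed to modify the property. The C# below shows one framework-independent form of that server-side check, comparing the stored and the submitted object and reporting restricted properties changed by a user outside the allowed roles. `RestrictedToRolesAttribute`, `RestrictedPropertyGuard`, `SamplePage` and the role names are hypothetical, and it assumes property values compare meaningfully with `Equals`; hooking it into the CMS save or publish pipeline is not shown.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Security.Principal;

// Hypothetical stand-in for the thread's attribute, without the MVC dependency.
[AttributeUsage(AttributeTargets.Property)]
public class RestrictedToRolesAttribute : Attribute
{
    public string[] Roles { get; }
    public RestrictedToRolesAttribute(string roles) =>
        Roles = (roles ?? "").Split(',').Select(r => r.Trim()).Where(r => r.Length > 0).ToArray();
}

public static class RestrictedPropertyGuard
{
    // Names of restricted properties that changed although the user holds none of the
    // allowed roles. An empty role list allows nobody, so the check fails closed.
    public static List<string> FindViolations<T>(T stored, T submitted, IPrincipal user)
    {
        return typeof(T).GetProperties(BindingFlags.Public | BindingFlags.Instance)
            .Select(p => new { Prop = p, Attr = p.GetCustomAttribute<RestrictedToRolesAttribute>() })
            .Where(x => x.Attr != null && !x.Attr.Roles.Any(r => user.IsInRole(r)))
            .Where(x => !object.Equals(x.Prop.GetValue(stored), x.Prop.GetValue(submitted)))
            .Select(x => x.Prop.Name)
            .ToList();
    }
}

// Constructed sample model; only TrackingScript is restricted.
public class SamplePage
{
    public string Heading { get; set; }
    [RestrictedToRoles("WebAdmins, Administrators")]
    public string TrackingScript { get; set; }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed input: both properties differ between stored and submitted.
        var stored = new SamplePage { Heading = "Old", TrackingScript = "a" };
        var submitted = new SamplePage { Heading = "New", TrackingScript = "b" };
        var editor = new GenericPrincipal(new GenericIdentity("editor"), new[] { "WebEditors" });
        var admin = new GenericPrincipal(new GenericIdentity("admin"), new[] { "WebAdmins" });
        // A caller would reject the save whenever the returned list is non-empty.
        Console.WriteLine(string.Join(",", RestrictedPropertyGuard.FindViolations(stored, submitted, editor)));
        Console.WriteLine(RestrictedPropertyGuard.FindViolations(stored, submitted, admin).Count);
    }
}
```

The same check applies to the hidden-tab approach, since hiding a tab in the editing UI does not by itself stop a changed value from being submitted.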

Thank you both for the help. Hidden tabs seem to be a simpler solution for me as you don't need to add the specific attribute to each of the properties placed on the same settings tab.

#145576
Mar 07, 2016 14:21

I think the final version will be similar to the code below

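using System;
using System.Collections.Generic;
using System.Linq;
using EPiServer.Core;
using EPiServer.Shell.ObjectEditing;
using EPiServer.Shell.ObjectEditing.EditorDescriptors;

// Hides the listed tabs in edit mode for users without admin access.
[EditorDescriptorRegistration(TargetType = typeof(ContentData))]
public class SiteMetadataExtender : EditorDescriptor
{
	// Tabs that only administrators should see.
	private readonly string[] _adminTabs = {MyGroupNames.Settings};

	public override void ModifyMetadata(ExtendedMetadata metadata, IEnumerable<Attribute> attributes)
	{
		// Administrators keep the default metadata, including the admin tabs.
		if (EPiServer.Security.PrincipalInfo.HasAdminAccess)
			return;

		foreach (var modelMetadata in metadata.Properties)
		{
			var property = (ExtendedMetadata) modelMetadata;
			if (property.GroupSettings != null && IsAdminTab(property.GroupSettings.Name))
			{
				// Hide the tab in the UI and stop at the first matching property.
				property.GroupSettings.DisplayUI = false;
				return;
			}
		}
	}

	// Case-insensitive match of a tab name against the admin tab list.
	private bool IsAdminTab(string tabName)
	{
		return _adminTabs.Any(a => String.Equals(a, tabName, StringComparison.OrdinalIgnoreCase));
	}
}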
#145577
Mar 07, 2016 14:25