Hi Alex,
One way to solve this is to create a custom attribute like this: http://world.episerver.com/blogs/Linus-Ekstrom/Dates/2014/5/Restricting-access-to-who-is-allowed-to-edit-a-certain-property/
The easiest way is to gather some properties under a special tab and then require administer access rights on tab (and avoid giving that access right to common editors).
Check administrators guide on tabs for how to restrict tabs. This works well if it's ok for you to gather these properties under a tab. Normally this works well...
@Daniel, restricting tabs seems to be ok
@Dejan, I tried the approach described in the article. At the end I get the message that I don't have access but I still can publish the changes. Have you faced with this issue before?
Thanks
Hi Alex,
I've been using a slightly modified version w/o validation. If you really need to implement validation (who is allowed to modify the property), then you have to do it for both solutions (readonly properties and hidden tabs).
But is that really necessary for edit mode?
Here's the code:
[AttributeUsage(AttributeTargets.Property)] public class PropertyEditRestrictionAttribute : Attribute, IMetadataAware { private readonly string[] _allowedRoles; public PropertyEditRestrictionAttribute(string allowedRoles) { _allowedRoles = SplitString(allowedRoles); } public void OnMetadataCreated(ModelMetadata metadata) { if (_allowedRoles.Any(role => PrincipalInfo.CurrentPrincipal.IsInRole(role))) { return; } metadata.IsReadOnly = true; } internal string[] SplitString(string original) { if (string.IsNullOrEmpty(original)) { return new string[0]; } var split = from piece in original.Split(',') let trimmed = piece.Trim() where !string.IsNullOrEmpty(trimmed) select trimmed; return split.ToArray(); } }
Usage:
[PropertyEditRestriction("Role1, Role2")] public virtual XhtmlString MyProperty { get; set; }
My vote goes to hidden tabs - less clutter. But readonly properties have some benefits here and there :)
Thank you both for the help. Hidden tabs seem to be a simpler solution for me as you don't need to add the specific attribute to each property which are placed on the same settings tab.
I think the final version will be similar to the code below
[EditorDescriptorRegistration(TargetType = typeof(ContentData))] public class SiteMetadataExtender : EditorDescriptor { private readonly string[] _adminTabs = {MyGroupNames.Settings}; public override void ModifyMetadata(ExtendedMetadata metadata, IEnumerable<Attribute> attributes) { if (EPiServer.Security.PrincipalInfo.HasAdminAccess) return; foreach (var modelMetadata in metadata.Properties) { var property = (ExtendedMetadata) modelMetadata; if (property.GroupSettings != null && IsAdminTab(property.GroupSettings.Name)) { property.GroupSettings.DisplayUI = false; return; } } } private bool IsAdminTab(string tabName) { return _adminTabs.Any(a => String.Equals(a, tabName, StringComparison.OrdinalIgnoreCase)); } }
Hi all
I'm pretty new to EPiServer
I need to implement something similar to Simple adapter for showing hidden EPiServer properties in edit mode for administrators
Unfortunately I didn't find EditPageControl in EPiServer 9.
So I need some properties to be editable via CMS only by administrators. It seems that I also cannot use [Editable(false)] attribute as it disables a property for all users.
How is it possible to solve that?
Thanks