Page security


List of examples:

Page-level permissions (ACLs)

Making a page accessible only for authenticated users




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the "en-us" culture version of the "/Example" page on the current site
TreeNode page = tree.SelectNodes()
    .Path("/Example")
    .OnCurrentSite()
    .Culture("en-us")
    .FirstObject;

if (page != null)
{
    // Enables the "Requires authentication" property for the page
    // Note: Setting the property to null makes the page inherit the "Requires authentication" value from its parent
    page.IsSecuredNode = true;

    // Saves the updated page to the database
    page.Update();
}


> Back to list of examples

Setting page permissions for a user




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the "en-us" culture version of the "/Example" page on the current site
TreeNode page = tree.SelectNodes()
    .Path("/Example")
    .OnCurrentSite()
    .Culture("en-us")
    .FirstObject;

if (page != null)
{
    // Gets the user
    UserInfo user = UserInfoProvider.GetUserInfo("Andy");

    if (user != null)
    {
        // Prepares a value indicating that the 'Modify' permission is allowed
        int allowed = DocumentSecurityHelper.GetNodePermissionFlags(NodePermissionsEnum.ModifyPermissions);

        // Prepares a value indicating that no page permissions are denied
        int denied = 0;

        // Sets the page's permission for the user (allows the 'Modify' permission)
        AclItemInfoProvider.SetUserPermissions(page, allowed, denied, user);
    }
}


> Back to list of examples

Setting page permissions for a role




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the "en-us" culture version of the "/Example" page on the current site
TreeNode page = tree.SelectNodes()
    .Path("/Example")
    .OnCurrentSite()
    .Culture("en-us")
    .FirstObject;

if (page != null)
{
    // Gets the role
    RoleInfo role = RoleInfoProvider.GetRoleInfo("Admin", SiteContext.CurrentSiteName);

    if (role != null)
    {
        // Prepares a value indicating that the 'Modify' permission is allowed
        int allowed = DocumentSecurityHelper.GetNodePermissionFlags(NodePermissionsEnum.Modify);

        // Prepares a value indicating that no page permissions are denied
        int denied = 0;

        // Sets the page's permission for the role (allows the 'Modify' permission)
        AclItemInfoProvider.SetRolePermissions(page, allowed, denied, role);
    }
}


> Back to list of examples

Breaking permission inheritance for a page




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the "en-us" culture version of the "/Example" page on the current site
TreeNode page = tree.SelectNodes()
    .Path("/Example")
    .OnCurrentSite()
    .Culture("en-us")
    .FirstObject;

if (page != null)
{
    // Breaks permission inheritance for the page without copying parent permissions
    bool copyParentPermissions = false;
    AclInfoProvider.BreakInheritance(page, copyParentPermissions);
}


> Back to list of examples

Restoring permission inheritance for a page




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the "en-us" culture version of the "/Example" page on the current site
TreeNode page = tree.SelectNodes()
    .Path("/Example")
    .OnCurrentSite()
    .Culture("en-us")
    .FirstObject;

if (page != null)
{
    // Restores permission inheritance for the page
    AclInfoProvider.RestoreInheritance(page);
}


> Back to list of examples

Clearing the permission settings for a page




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the "en-us" culture version of the "/Example" page on the current site
TreeNode page = tree.SelectNodes()
    .Path("/Example")
    .OnCurrentSite()
    .Culture("en-us")
    .FirstObject;

if (page != null)
{
    // Gets the ID of the ACL item that stores the page's permission settings
    int nodeACLID = ValidationHelper.GetInteger(page.GetValue("NodeACLID"), 0);

    // Deletes the page's ACL item
    // Removes the page's permission settings for all users and roles
    AclItemInfoProvider.DeleteAclItems(nodeACLID);
}


> Back to list of examples

Page permission checks

Checking permissions for the content module




// Gets the user
UserInfo user = UserInfoProvider.GetUserInfo("Andy");

if (user != null)
{
    // Checks whether the user has the Read permission for the Content module
    if (UserInfoProvider.IsAuthorizedPerResource("CMS.Content", "Read", SiteContext.CurrentSiteName, user))
    {
        // Perform an action (the user has the read permission for content)
    }
}


> Back to list of examples

Checking permissions for a page type




// Gets the user
UserInfo user = UserInfoProvider.GetUserInfo("Andy");

if (user != null)
{
    // Checks whether the user has the Read permission for the CMS.MenuItem page type
    if (UserInfoProvider.IsAuthorizedPerClass(SystemDocumentTypes.MenuItem, "Read", SiteContext.CurrentSiteName, user))
    {
        // Perform an action (the user is authorized to read CMS.MenuItem page types)
    }
}


> Back to list of examples

Checking permissions for specific pages (ACLs)




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the "en-us" culture version of the "/Example" page on the current site
TreeNode page = tree.SelectNodes()
    .Path("/Example")
    .OnCurrentSite()
    .Culture("en-us")
    .FirstObject;

if (page != null)
{
    // Gets the user
    UserInfo user = UserInfoProvider.GetUserInfo("Andy");

    if (user != null)
    {
        // Checks whether the user is authorized to modify the page
        if (TreeSecurityProvider.IsAuthorizedPerNode(page, NodePermissionsEnum.Modify, user) == AuthorizationResultEnum.Allowed)
        {
            // Perform an action (the user is allowed to modify the page)
        }
    }
}


> Back to list of examples

Filtering loaded pages according to permissions




// Prepares a TreeProvider instance
TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser);

// Gets the user
UserInfo user = UserInfoProvider.GetUserInfo("Andy");

// Sets the action context to the specified user
using (new CMSActionContext(user))
{
    // Gets all news pages under the current site's "/News" section for which the user has Read permissions
    var newsPages = tree.SelectNodes("CMS.News")
                            .OnSite(SiteContext.CurrentSiteName)
                            .Path("/News", PathTypeEnum.Children)
                            .CheckPermissions();
}


> Back to list of examples