Creating custom permissions in sitecore

In this post I describe the process for creating custom permissions on the Sitecore platform. Why? I hear you ask… Well this I have found particularly useful when you want something in between an end user being able to ‘Read’ an item and not being able to. Consider a situation where instead of redirecting your end user to the login page, you can instead present ‘teaser’ content about why they should be joining up, and what they would gain by doing so. Furthermore, you could extend this to use conditional renderings to allow certain areas to hide or replace their data source giving a snapshot of what the page would look like if they sign up to your premium service. There are no doubt hundreds more use cases, but this particular one I have had requirement for more than once and it seems to be an elegant way to solve the problem.

Adding permissions
At its core, Sitecore relies on the web.config to provide the necessary permissions for items. This allows extending this permissions set to create your new permission(s) to be little more than adding an additional element in the appropriate section within the web.config or config include.

  <sitecore>
    <accessRights defaultProvider="config">
      <rights defaultType="Sitecore.Security.AccessControl.AccessRight, Sitecore.Kernel">
        <!--My custom access right-->
        <add name="item:newpermission" comment="New permission for items." title="New Permission"/>
      </rights>
    </accessRights>
  </sitecore>

By doing this, you should now find that ‘New Permission’ now appears as a right in the security editor.

Checking Permissions
Checking permissions requires only a few lines of code, and passing in the permission name (from our example above ‘item:newpermission).

private bool IsAllowed(Item item, string accessRightName)
{
    AccessRight accessRight = AccessRight.FromName(accessRightName);
    return AuthorizationManager.IsAllowed(item, accessRight, Sitecore.Context.User);
}

Related Reading

Advertisements

One thought on “Creating custom permissions in sitecore

  1. Pingback: Custom Permissions Pt II – Using custom permissions with Conditional Renderings In Sitecore | CardinalCore

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s