logo

Permissions to view/edit a field in an object's user interface

This article describes how to implement access permissions to fields of system objects on a web form.

To make an object field available only for some user groups, you need to check if the current user belongs to the required group when displaying a field on the form. In the markup below, the Notes field will be visible only to the users who belong to the Administrators group:
@using EleWise.ELMA.Security.Managers;
@using EleWise.ELMA.Security.Services;
@using EleWise.ELMA.Security.Models;
<table>
@{
    var admins = UserGroupManager.Instance.Load("Administrators");
    var inAdmins = UserGroupManager.Instance.GetUsersByGroup(admins.Id).Any(a => a == AuthenticationService.GetCurrentUser<IUser>().Id);
    if(inAdmins)
    {
        @Html.EditableProperty("Notes")
    }
}
</table>
If you need to display the field as read-only for certain groups, then instead of the EditableProperty method use the Property method.