Creating custom global settings for a module
This article provides an example of creating global access setting for a module. In this example, a module menu item is created, which is displayed or hidden depending on the access permissions. Even if a user receives a direct link to a page of your module, access will be denied and a respective notification will be shown.
Example
.png)
Fig. 1. Access to the module in the global access settings
IModuleAccessPermissionProvider interface methods
/// <summary>
/// Get a "Module ID->Module access permission" values dictionary
/// </summary>
/// <returns></returns>
Dictionary<string, Permission> GetModuleAccessPermissions();IPermissionProvider interface methods
/// <summary>
/// Get the list of permissions
/// </summary>
/// <returns></returns>
IEnumerable<Permission> GetPermissions();
/// <summary>
/// Get the information about assigning permissions to roles by default
/// </summary>
/// <returns></returns>
IEnumerable<PermissionStereotype> GetPermissionStereotypes();Interface implementation example
[Component]
public class ModuleAccessPermission : IModuleAccessPermissionProvider, IPermissionProvider
{
public const string Module = __ModuleInfo.ModuleId;
public static string ModuleName = SR.M("Your module");
/// <summary>
/// ID for "Access to your module"
/// </summary>
public const string ModuleAccessPermissionId = "{DC849F17-681F-45d9-8C06-C017283BE766}";
/// <summary>
/// Access to your module
/// </summary>
public static readonly Permission ModulePermissionAccess =
new Permission(ModuleAccessPermissionId,
SR.M("Access to your module"),
SR.M("Access to working with the module"),
ModuleName,
moduleUid: Module
//You can add ,readOnly: true - then this permission will include only the specified group.
);
/// <summary>
/// Get a "Module ID->Module access permission" values dictionary
/// </summary>
/// <returns></returns>
public Dictionary<string, Permission> GetModuleAccessPermissions()
{
return new Dictionary<string, Permission> { { Module, ModulePermissionAccess } };
}
/// <summary>
/// Get the list of permissions
/// </summary>
/// <returns></returns>
public IEnumerable<Permission> GetPermissions()
{
return new[]
{
ModulePermissionAccess
};
}
/// <summary>
/// Get the information about assigning permissions to roles by default
/// </summary>
/// <returns></returns>
public IEnumerable<PermissionStereotype> GetPermissionStereotypes()
{
return new[]
{
new PermissionStereotype(
new[]
{
ModulePermissionAccess
},
SecurityConstants.AdminGroupDescriptor)
};
}
public List<string> LocalizedItemsNames
{
get { return null; }
}
public List<string> LocalizedItemsDescriptions
{
get { return null; }
}
public List<string> LocalizedItemsCategories
{
get { return null; }
}
}In this example, access to a module is implemented (a menu item is displayed or hidden depending on access permissions). To learn how to create a menu item, read this article.
After activating the module, a unit with your permissions will appear in the global access settings. You can use two methods to apply the permissions:
- Add an attribute with a permission to the controller or controller method.
- Check permissions in separate methods/views.
Controller with attribute example:
public class HomeController : BPMController
{
[ContentItem]
[Permission(ModuleAccessPermission.ModuleAccessPermissionId)]
public ActionResult ViewItem()
{
return View("View");
}
}Permissions in methods/views example:
if (SecurityService.HasPermission(UserManager.Instance.GetCurrentUser(),
ModuleAccessPermission.ModulePermissionAccess))
{
//Your code
}