IMPORTANT: This version of Sitefinity CMS is out of support and the respective product documentation is no longer maintained and can be outdated. Use the version selector to view a supported product version.
Checking permission is checking whether an action is granted.
Demanding permission is verifying that an action can be executed. If the user is not allowed to perform the action, an exception of type Telerik.Sitefinity.Security.SecurityDemandFailException is thrown.
To check whether a permission set is supported for secured object, you use the IsPermissionSetSupported method of the secured object.
The following example checks whether the blog permissions set is supported. First, you initialize the blogs manager. Then, you get the security root using GetSecurityRoot. Finally, you call IsPermissionSetSupported passing BlogsPermissions.Sets.Blog.SetName.
The Permissions property of the secured item contains permissions that are part of the permissions inheritance. When the inheritance is broken and then restored, Permissions is used.
Sitefinity CMS allows you to get the permissions that are relevant to the current state of the secured object by using the GetActivePermissions extension method of ISecuredObject.
The following example checks whether the current user can delete blogs. First, you initialize the blogs manager. Then, you get the security root using GetSecurityRoot. Finally, you call IsGranted passing the permissions set and action names.
Check whether current user can delete blogs
Sitefinity CMS allows you to check whether permissions are granted for specific user. The following example checks whether the specified user can create and delete blogs. First, you initialize the blogs and user managers. Then, you get the security configuration and the blog permissions set. For more information, see For developers: Permissions configuration. Then, you create the bit mask by performing bitwise OR between the values of create and delete blog actions. For more information, see For developers: Permissions API. You get the blogs data provider security root. Finally, to check whether the specified user is granted the permissions, you use the IsGranted passing the permissions set name, the ID of the user and the actions mask.
Check whether permissions are denied to a specific user
The same code can be used for checking whether permissions are denied and demanding by using IsDenied and Demand.
Sitefinity CMS also allows you to check whether permissions are granted for dynamic content.
Check whether permissions are granted for dynamic types
Back To Top
To submit feedback, please update your cookie settings and allow the usage of Functional cookies.
Your feedback about this content is important