• State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 21 replies
  • Subscribers 11 subscribers
  • Views 9168 views
  • Users 0 members are here
Answers here are provided by the community and are subject to our support policy.
Related

implementation of permissions - default permission at the application management panel?

Harley Parks

I have implemented the IPermissions and IPermissionRegistrar, and I on the UI management panels for groups, the default settings are shown correctly. see below


However, at my custom application's management panel, the defaults are not shown. 
The idea here is I should be able to override the default for the group permissions, but the group permissions' checkboxes are all unchecked.
Maybe the custom application is missing an interface? or how can I get the default permissions displayed at the application level?

Parents Reply Children
  • +1 in reply to Harley Parks

    No you aren't doing this in an event.  Every time you create an instance of your application, it needs to be registered in the security system.  So somewhere you have logic I assume that creates the application in the group and you get the applicationId, thats where you need to get the plugin instance and call it

  • 0 in reply to Patrick M.

    Cool.. very exciting! here is the Owner role

    and now members role:

    so the roles are coming across nicely for the application... so, now what about the content permissions for the application?

    Below in the IApplicationType is where I put the plugin manager get... does that sound about right? I  test the create, but I placed the PluginManger.Get there too. no errors... so this is good

      public IApplication Get(Guid applicationId) { 
            IApplication mapApp = PublicApi.MapApps.Get(applicationId);
            PluginManager.Get<UI.Permissions.MapAppPermissionRegistrar>().FirstOrDefault().RegisterApplicationSecurableId(applicationId, mapApp.Container.ContainerId);
            return mapApp;
        }

  • 0 in reply to Harley Parks

    here is the code for the permission on the content.. I experimented with using the content id, but then the checkboxes disappeared.. 

      permissionController.Register(
               new MapAppPermission(
                 CreateMaps,
                 _translation.GetLanguageResourceValue("Permission_MapApp_CreateMaps_Name"),
                 _translation.GetLanguageResourceValue("Permission_MapApp_CreateMaps_Description"), 
                 Applications.MapAppType._applicationTypeId, 
                 //Contents.MapContentType._contentTypeId,
                 new PermissionConfiguration()
                 {
                     Joinless = new JoinlessGroupPermissionConfiguration { Administrators = true, Moderators = false, RegisteredUsers = false, Owners = true, Everyone = false },
                     PublicOpen = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false, Everyone = false },
                     PublicClosed = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false, Everyone = false },
                     PrivateListed = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false },
                     PrivateUnlisted = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false }
                 }
               )
             );


    oh wait these actually should have shown up. I must have an error, since there's not anything different from these other than the guid. checking my code..

  • 0 in reply to Harley Parks

    I replaced the GUIDS and rebuilt. then the rest came in..  I must have used the guids on something else.. oops! okay.. I'm going to work with the canEdit canCreate

    thank you so much!

    one more question, when I'm checking permissions on the content or the application, what's the best way to check this, and keeping in line with what roles have been set thus far?
    below is my example of Permissions.Get, but I have also used NodePermissions.Get and then there are a few overrides.. what's enough to keep access secure?

    TEApi = Telligent.Evolution.Extensibility.Api.Version1

    TEApi.Permissions.Get(UI.Permissions.MapAppPermissionRegistrar.CreateMapApps, userId).IsAllowed;

    on the matter for setting group level permissions.. is it just a matter of pointing to the group instead of the application? 

    using TEApi = Telligent.Evolution.Extensibility.Api.Version1.PublicApi;

    TEApi.Groups.ApplicationTypeId 


  • 0 in reply to Harley Parks

    I'd recommend looking at the v2 Permission API, it incorporates specifying permission checks against specific application or content.

  • 0 in reply to Steven Heffner

    so there are options for application id, application type, content it, and content type. if the site and the application, the content is null.. yes. I was making a mistake and using the container id and types for the content.. oops.
    this helps with my understanding of the scope.. thanks

  • 0 in reply to Steven Heffner

    for a custom application, where should I be adding checks for permissions? at each i/o point like widget api, rest api, public api, and data services, or can I apply checks to one place and pretty much cover all of it. maybe as part of each entity created in the content model?   

  • 0 in reply to Harley Parks

    There are content type related plugin types like ILikeableContentType, ICommentableContentType that provide hookup methods for you to implement your own permission logic for platform defined actions. For anything specific to your app, you would want to implement the checks traditionally, i.e. in your business logic before the permission-governed action would take place, and if desired, in the UI to hide that action for ineligible users. (e.g. for Create Maps, put a check in your backend code before creation, and a check in your widget/ui to hide the button/option)

  • 0 in reply to Steven Heffner

    Great advice..  I've got buttons to no where in some cases.. Thanks.. that helps put me in the right perspective.

  • 0 in reply to Steven Heffner

    oh too bad for me., I am still on 9.x but I did look for it

About
Privacy Policy
Terms of use
Copyright 2024 Verint, Inc.
Powered by Verint Community