implementation of permissions - default permission at the application management panel?

I have implemented the IPermissions and IPermissionRegistrar, and I on the UI management panels for groups, the default settings are shown correctly. see below


However, at my custom application's management panel, the defaults are not shown. 
The idea here is I should be able to override the default for the group permissions, but the group permissions' checkboxes are all unchecked.
Maybe the custom application is missing an interface? or how can I get the default permissions displayed at the application level?

Parents
  • IN the permission definition did you define all the role defaults for all group types?

  • I believe so... at the group level.. all the right permissions are set by default as expected.. let me know if you need more, but the permissions implementation looks similar to below:

     permissionController.Register(
                  new MapAppPermission(
                    CreateMapApps,
                    _translation.GetLanguageResourceValue("Permission_MapApp_CreateMapApps_Name"),
                    _translation.GetLanguageResourceValue("Permission_MapApp_CreateMapApps_Description"),
                    Applications.MapAppType._applicationTypeId,  
                    new PermissionConfiguration()
                    {
                        Joinless = new JoinlessGroupPermissionConfiguration { Administrators = true, Moderators = false, RegisteredUsers = false, Owners = true, Everyone = false },
                        PublicOpen = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false, Everyone = false },
                        PublicClosed = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false, Everyone = false },
                        PrivateListed = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false },
                        PrivateUnlisted = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false }
                    }
                  )
                );

  • No, the class you are defining them in already has it, you are using it to register the permissions (see your example)

    However when you create an application you need to call it but its hidden in that plugin, so you need to expose that method somehow publicly, get the plugin and call it after your application is created

  • So.. if this is right.. for 9.x now I am looking for an example on how to implement this

     public void Register(IPermission permission)
            {
                throw new NotImplementedException();
            }
    
            public void RegisterSecurableApplication(Guid applicationId, Guid applicationTypeId, Guid containerId)
            {
                throw new NotImplementedException();
            }

  • This is an example method to add to your current permissionregistrar plugin

    public  void RegisterApplicationSecurableId(Guid applicationId, Guid containerId)
    {
    	permissionController.RegisterSecurableApplication(applicationId, [Yoor Application Type Id], containerId);
    }

    Then your create process needs to call

    PluginManager.Get<YourRegistrarType>().FirstOrDefault().RegisterApplicationSecurableId(applicationId,containerId);

  • OH!! okay... I didn't realize the RegisterSecurable  was right infront of me,

    I'll work on this for a bit.. for the plugin manager, "AfterInitialization" event should do it? 

  • No you aren't doing this in an event.  Every time you create an instance of your application, it needs to be registered in the security system.  So somewhere you have logic I assume that creates the application in the group and you get the applicationId, thats where you need to get the plugin instance and call it

  • Cool.. very exciting! here is the Owner role

    and now members role:

    so the roles are coming across nicely for the application... so, now what about the content permissions for the application?

    Below in the IApplicationType is where I put the plugin manager get... does that sound about right? I  test the create, but I placed the PluginManger.Get there too. no errors... so this is good

      public IApplication Get(Guid applicationId) { 
                IApplication mapApp = PublicApi.MapApps.Get(applicationId);
                PluginManager.Get<UI.Permissions.MapAppPermissionRegistrar>().FirstOrDefault().RegisterApplicationSecurableId(applicationId, mapApp.Container.ContainerId);
                return mapApp;
            } 

  • here is the code for the permission on the content.. I experimented with using the content id, but then the checkboxes disappeared.. 

      permissionController.Register(
                   new MapAppPermission(
                     CreateMaps,
                     _translation.GetLanguageResourceValue("Permission_MapApp_CreateMaps_Name"),
                     _translation.GetLanguageResourceValue("Permission_MapApp_CreateMaps_Description"), 
                     Applications.MapAppType._applicationTypeId, 
                     //Contents.MapContentType._contentTypeId,
                     new PermissionConfiguration()
                     {
                         Joinless = new JoinlessGroupPermissionConfiguration { Administrators = true, Moderators = false, RegisteredUsers = false, Owners = true, Everyone = false },
                         PublicOpen = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false, Everyone = false },
                         PublicClosed = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false, Everyone = false },
                         PrivateListed = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false },
                         PrivateUnlisted = new MembershipGroupPermissionConfiguration { Owners = true, Managers = false, Members = false }
                     }
                   )
                 );


    oh wait these actually should have shown up. I must have an error, since there's not anything different from these other than the guid. checking my code..

  • I replaced the GUIDS and rebuilt. then the rest came in..  I must have used the guids on something else.. oops! okay.. I'm going to work with the canEdit canCreate

    thank you so much!

    one more question, when I'm checking permissions on the content or the application, what's the best way to check this, and keeping in line with what roles have been set thus far?
    below is my example of Permissions.Get, but I have also used NodePermissions.Get and then there are a few overrides.. what's enough to keep access secure?

    TEApi = Telligent.Evolution.Extensibility.Api.Version1

    TEApi.Permissions.Get(UI.Permissions.MapAppPermissionRegistrar.CreateMapApps, userId).IsAllowed;
    

    on the matter for setting group level permissions.. is it just a matter of pointing to the group instead of the application? 

    using TEApi = Telligent.Evolution.Extensibility.Api.Version1.PublicApi;

    TEApi.Groups.ApplicationTypeId 


  • I'd recommend looking at the v2 Permission API, it incorporates specifying permission checks against specific application or content.

  • so there are options for application id, application type, content it, and content type. if the site and the application, the content is null.. yes. I was making a mistake and using the container id and types for the content.. oops.
    this helps with my understanding of the scope.. thanks

Reply Children
No Data