Why are the results different on Permission Check for my Custom Application?


the permission check is not what I expected.. so for an owner, both of these checks are true. but for say Manager, given the Can Create Map App permission is changed from the default, check1 returns false, check2 returns true.
Should the results both be true?

 public boolCanCreate(int userId, Guid containerTypeId, Guid containerId){
              PermissionCheck check1 = TEApi.Permissions.Get(UI.Permissions.MapAppPermissionRegistrar.CreateGroupMapApps, userId );
              PermissionCheck check2 = TEApi.Permissions.Get(UI.Permissions.MapAppPermissionRegistrar.CreateGroupMapApps, userId,containerId,containerTypeId, _entityPermissionType );
 
            return check1.IsAllowed || check2.IsAllowed;  
            
        }


a related post is here

heads up to     

Parents Reply Children
  • so this is the permission check that I tried, and it still has the "the entity type is not secure" error. 
    PermissionCheck check2 = TEApi.Permissions.Get(group_permissionId, userId, applicationId, mapApp.ApplicationTypeId, _entityPermissionType);

    is there anything I can do to fix this? override this? if so, what would that look like?

  • Ok digging deeper this is going to be another scenario where this method really does not support the extended permission model  and another reason why upgrading is going to be important.

    You can try using the content Id, so this would be an item in your application not the application and see if that will work(it should based on what I see).  If not it seems you are running into limitations that are alleviated in later product versions.

  • yes, I believe at version 9.x, adding our own applications was considered a new capability, and many things were to be improved in 10.x 
    Actually, developed my first iteration of this project on version 10.. but we didn't upgrade to allow us to migrate to Amazon, so had to build the project in 9.x. 

    I will try using content id's and post results on this thread.

    For the most part, at least I have the permissions laid out nicely and the defaults are shown for each role for both group and application.

    I will include the group level permission settings for the content, that way, I can at least have group level permissions checks. Then when we can, add the application level permission checks when available, and also try using the content Id.

    if you think of anything, I'll be happy to work thru this too.

    Thank you so much for your help.