New Orchard developer

Topics: Writing modules
Jan 27, 2014 at 11:00 PM
I'm a new Orchard developer, trying to see if the Orchard system would be a good fit for our Extranet. We have a lot of existing functionality we will need to replicate on it though.

Most of those systems are using EF and their own database. I was able to get data access working, and the controllers and views ported pretty easily, but I am having some problems working with the authorization rules for the controllers. On the regular MVC projects I would use
        //[Authorize(Roles = "Administrator, CustomManuals, GL_Custom_manuals")]
        [Authorize(Roles = "Administrator")]
        public ActionResult NoPrintDelete(int id = 0)
I was hoping to be able to use the Roles within Orchard, but obviously I do not know the correct methods within the Orchard infrastructure. Any thoughts?
Jan 27, 2014 at 11:40 PM
This should work but with Orchard role set or I am missing something, look in Orchard code for Admin controllers.
Jan 27, 2014 at 11:51 PM
I was able to get it to work by adding in the Permissions.cs structure (which I just found :) )
public ActionResult NoPrintDelete(int id = 0)
            if (!Services.Authorizer.Authorize(Permissions.ManageManuals, T("Custom Manuals Access Denied")))
                return RedirectToAction("NoPrintIndex");
Is there a better way to do this within the Orchard structure?
Marked as answer by pmillsaps on 1/28/2014 at 6:54 AM
Jan 28, 2014 at 1:08 PM
This is the standard way of doing authorization inside Orchard. However an attribute-based permission check could come handy; I also implemented it.