ContentAuthorization ContentPart

Topics: Customizing Orchard, Writing modules
Nov 11, 2011 at 7:54 PM

First off, ContentAuthorization is a big help for me. I am already suppressing content from non-authenticated users without using an authenticated layer, the next step will be to introduce a redirect to log-in page on routes that designated for authenticated only.

My question is how do I determine if the shape used to render the contentPart is "Summary" or not?

    OnAuthorizing<ContentPart>((ctx, item) =>

            {

                if (ctx.Location == ProcessingLocation.BuildDisplay)

                {

          if (item.Is<ContainablePart>())

                    {                       

var user = ctx.User;

//if item.Shape().isSummary();

                    }

                }

            });

Nov 11, 2011 at 8:15 PM

It's the DisplayType you need, it's usually either Detail, Summary or SummaryAdmin (although you can render content with any DisplayType you please - I do this quite a lot). You can usually get it from Shape.Metadata.DisplayType, I think.

Coordinator
Nov 11, 2011 at 8:15 PM

Shapes have a Metadata property, and that has a bunch of useful stuff on it, like the shape name and the display type. The display type is what you want here, so that would be shape.Metadata.DisplayType.

Nov 12, 2011 at 2:43 PM

Thanks guys, appreciate it!

Has anyone had any luck getting pszmyd's ContentAuthorization working in 1.3 yet? 

Nov 12, 2011 at 2:43 PM

Thanks guys, appreciate it!

Has anyone had any luck getting pszmyd's ContentAuthorization working in 1.3 yet? 

Nov 12, 2011 at 5:58 PM

Got it working with 1.3 without much to do, but I still can't find the DisplayType using ctx or item...

thx

Nov 13, 2011 at 4:38 PM

Got access to the DisplayType via the BuildDisplay override,

so now I'm able to show the summary of secured content, and force a login by returning "new HttpUnauthorizedResult()" in the Display action of the ItemController for the body via the two ItemControllers.

dynamic model = _contentManager.BuildDisplay(contentItem);

if ((dynamic)model.ToString()=="xforceLogin")

return new HttpUnauthorizedResult();

But, the ItemControllers are CORE and I don't want to modify them at all, so I am asking for guidance on how to override the ShapeResult classs in order to return the HttpUnauthorizedResult() or something similar to avoid touching the CORE

Thanks

Nov 14, 2011 at 11:18 AM

You can instead throw an OrchardSecurityException from BuildDisplay, that should produce the redirect.

Nov 14, 2011 at 12:33 PM
Edited Nov 14, 2011 at 12:33 PM

Thanks, works like a charm.

Jan 15, 2012 at 9:16 AM

I'm also want to create custom authorization on a content item by pszmyd's ContentAuthorization module but the problem is that it's checking pure the content item and not the shape.

So i think you can't check the displaytype because the content item has nothing to do with the displaytype. So can anyone advice me on how i can check permissions by ContentItem and Displaytype. Is there something like a shape authorization?

Jan 15, 2012 at 10:24 AM
In a content handler you can capture both content item and display type and perform your own authorization.


Znowman <notifications@codeplex.com> wrote:


From: Znowman

I'm also want to create custom authorization on a content item by pszmyd's ContentAuthorization module but the problem is that it's checking pure the content item and not the shape.

So i think you can't check the displaytype because the content item has nothing to do with the displaytype. So can anyone advice me on how i can check permissions by ContentItem and Displaytype. Is there something like a shape authorization?