This project is read-only.

Conditionally unextended content types?

Topics: Customizing Orchard
Jul 12, 2012 at 1:12 PM
Edited Jul 16, 2012 at 1:53 PM

Hi guys,

In my system I need to create 3 types of GUI: user UI (with no ability to change types), user admin UI (with limited ability to change types and parts) and admin UI.

So my question if anybody knows a  way how to conditionally allow/disallow extending of content types(parts) in Orchard? I probably could modify the template in order not to show "Edit" links but I would like to achieve it by more dynamic way, i.e. to have an ability to configure it per content type/part.

Any thoughts please...

Jul 16, 2012 at 1:53 PM


Jul 16, 2012 at 2:19 PM

Well, we did something like that but not per content type/part, just added the 'permission' to control the ability to make any changes (if you do not have the permission)

Not sure if you can do such a thing per content type/part without some good amount of work.

Also, just removing the 'edit' link isn't secure at all, people could still access the url directly if they know how. We actually check the permissions for allowing any actions.

- my 2 cents

Jul 16, 2012 at 5:05 PM

Yeah, your best bet is to take a look at the existing permissions. If I understand correctly you want to allow your simple users to only edit content items, while you want admins to have the ability to also edit content types. I don't think the built-in structure of permissions makes this possible. My first idea would be to create a module with result filters that would modify the response to an 403 depending on the url, but that's hackish.

Jul 17, 2012 at 12:28 PM

Thanks guys for your answers.  It seems that I need to modify permissions for content types. I could do it in my own module for my created in code
content types but the problem is that I want to control permissions not only for my types but for all (and created in the future) types.
What is the best way to archieve it? I probably could modify (or replace) ContentTypes module but I understand it is a last resort.
Is it possible at all to extend existing permissions or create them in a module and promote to all types?

Jul 17, 2012 at 12:47 PM

It should be done as a last resort, but we modified the ContentTypes module to add our additional permissions.

Jul 17, 2012 at 7:38 PM

OK, I will do the same if I find no way to avoid it.

But I would like to hear about other ways to extend permissions. Any ideas please...