Securing each Content Item

Topics: Customizing Orchard, Writing modules
Apr 14, 2014 at 6:15 AM
Edited Apr 14, 2014 at 6:16 AM

I understand that you can lock/secure Content Types via User Roles, but I'd like to provide an option to secure each Content Item instead.

My approach is to create a custom part (let's call it SecureContentPart) which has a boolean value (ideally a checkbox in Editor/Admin). I'll attach the part to types which I want to provide the option to scure. In the part's driver, I check the value of the boolean and if the user is authenticated. If the user is unauthenticated (anonymous) and the boolean is true (item is locked), I will throw an OrchardSecurityException which basically routes it to the login/unathenticated page.

A few questions:

1) Firstly, is this the appropriate approach?
2) Is RequestContext.HttpContext.User.Identity.IsAuthenticated the best way to verify is the current user is authenticated?
3) If I define the custom part in an auth module, while attaching the part is executed in the content type's respective modules (event CT in the events module), how do I know which one runs first? (i.e. attaching the part may occur before the part is defined if they are on separate modules) Is it more appropriate to define part attachments to Content Types all in the auth module? (wanna make these as decoupled as possible)

Apr 14, 2014 at 4:33 PM
There is an existing module for that: Content Item Permissions.
Apr 22, 2014 at 6:36 PM
That module--Content Item Permissions--has no current release and is not available for download currently. Any other suggestions?
Apr 22, 2014 at 6:53 PM
It's a feature, included in all releases.