Simple solution for Roles:

Topics: Developer Forum, User Forum
Mar 22, 2007 at 12:33 PM
Edited Mar 22, 2007 at 12:34 PM
A lot of people want an extra role defined, just to enable authenticated users access to the content of the controls, without being able to modify page structure and page sitemap.

Here's my easy solution for that:

1) Assume that authenticated users that are not in the Admin-role are just content editors. Currently they can't do anything but we'll change that.

2) Change the following in /Default.aspx.cs:
        foreach (ISection section in _page.Sections)
        {
            SectionControlBaseClass ctl = (SectionControlBaseClass)LoadControl(section.UserControl);
 
            if (User.Identity.IsAuthenticated && User.IsInRole(RoleNames.Administrators.ToString()))
Into:
        foreach (ISection section in _page.Sections)
        {
            SectionControlBaseClass ctl = (SectionControlBaseClass)LoadControl(section.UserControl);
 
            if ((User.Identity.IsAuthenticated))
This will enable the admin functions for sections on each page, whithout enabling the administration menu for administrators.

3) Change the following line in SectionControls/SectionAdmin.ascx:
<asp:Button runat="server" ID="btnDeleteSection" OnClick="btnDeleteSection_Click" Text="<%$ Resources:stringsRes, glb__DeleteSection%>" CausesValidation="false" UseSubmitBehavior="false" />
Into:
<% if (Context.User.IsInRole(MyWebPagesStarterKit.RoleNames.Administrators.ToString())) {%><asp:Button runat="server" ID="btnDeleteSection" OnClick="btnDeleteSection_Click" Text="<%$ Resources:stringsRes, glb__DeleteSection%>" CausesValidation="false" UseSubmitBehavior="false" /><% } %>
This will remove the ability to delete section controls.

The result will enable authenticated users to update the content of the website, withouth the ability to destroy it :-)

Hope this helps!
Jun 22, 2007 at 9:23 AM
I think that for the moment would be simpler to create another predefined role such as "ContentEditors" that is used in different pages and pieces of code.

For example the above code @ 2) would be checking if a user is in role "Administrators" or "ContentEditors".
Jun 23, 2007 at 8:25 PM
I developed a solution to implement real support for roles. This code includes a role editor, a role mapper to map users to different roles and modifications to Pages editor to define a role authorization mechanism to select which roles can access it. This works very well for me and I hope I will be able to post my code very soon. It requires minor modifications to MWPSK core files (AJAX only, as of now). I would also like to add role authorization for single sections. As soon as I will have more free time, I will post those modifications.
Aug 11, 2007 at 11:07 AM
Hello!

I have made a different solution, featuring an additional role "PowerUsers", which can edit pages, but do not have admin rights. The admin may determine which pages are allowed to edit by power users.

Already created an issue here:
http://www.codeplex.com/MyWebPagesStarterKit/WorkItem/View.aspx?WorkItemId=12140

As I wanted to contribute my solution to the community, I have created a private page where you can download the complete archive (featuring the changed source files)
http://members.liwest.at/neumueller/MWPSKextensions/

The source is based on MWPSK 1.1.2 final.
Coordinator
Oct 4, 2007 at 12:30 PM
The Power-User Management from Rayzor will be published with Release 1.2.0.

Best regards,
webeasy