  Security

1.  Access Permissions

The most noticeable change to security is that you often don’t need to think about it: all security checks are handled implicitly by the Sitecore API.

When rendering a page, you don’t have to check whether a user can access the current item – the user will not be allowed to see the page in the first place.  

When retrieving an item or item collection, you don’t need to remember to check security: Sitecore will only return items that the current user is allowed to see.

It is possible to temporarily switch security off to regain Sitecore V4 semantics:

// Security checks are skipped only inside this block
using (new SecurityDisabler())
{
   Item secure = database.Items["/sitecore/content/home/secure"];
}
 

To explicitly check the security assignments there’s a helper method for each operation:

item.Access.CanRead()

item.Access.CanWrite()

...  
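
An added example (not from the original page or from Sitecore) that combines the two mechanisms above: the lookup runs inside a narrowly scoped SecurityDisabler, and item.Access.CanRead() is called after the block, because an item fetched with security off has not been filtered for the current user. The class and method names are hypothetical, and the using directives assume the usual V5 namespaces.

```csharp
using Sitecore.Data;
using Sitecore.Data.Items;
using Sitecore.SecurityModel; // assumed namespace of SecurityDisabler

// Hypothetical helper class, not part of the Sitecore API.
public static class SecureLookup
{
    // Resolves an item by path with security switched off, then decides,
    // with security switched back on, whether the current user may get it.
    public static Item GetIfReadable(Database database, string path)
    {
        Item candidate;

        // Keep the disabled scope as small as possible: only the lookup.
        // Disposing the SecurityDisabler at the closing brace restores
        // normal security checks.
        using (new SecurityDisabler())
        {
            candidate = database.Items[path];
        }

        // Security is enabled again here, but the reference obtained above
        // was never filtered, so the access check must be made explicitly
        // before the item is handed to rendering code.
        if (candidate == null || !candidate.Access.CanRead())
        {
            // Callers cannot distinguish "missing" from "denied".
            return null;
        }

        return candidate;
    }
}
```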

Note that the list of possible assignments was changed in Sitecore V5. In particular, ‘Admin’, ‘Approve’, ‘Publish’ and ‘None’ were removed. The ‘Administer’ assignment controls whether a user can modify security assignments.

| Sitecore V4 | Sitecore V5 |
|---|---|
| Sitecore.Security, Sitecore.ExtranetSecurity | Sitecore.Context.Security |

2.  Domains, Users and Roles

Sitecore V5 introduces the domain concept: roles, users and security assignments are bound to a specific security domain, similar to Windows security.

Credentials are also validated against a specific domain:

// Log in a user against the current domain
DomainAccessResult result = Sitecore.Context.Domain.Login(login, password);

if (result.Success)
{
   Response.Write("Welcome");
}
else
{
   Response.Write("Cannot log in: " + result.Message);
}
 

Instead of using generic database access to retrieve users or roles (groups in Sitecore V4), you should use the methods exposed by Domain:

RoleItem[] roles = domain.GetRoles();

RoleItem developers = domain.GetRole("developers");

UserItem user = domain.GetUser("user name");

| Sitecore V4 | Sitecore V5 |
|---|---|
| Sitecore.User, Sitecore.ExtranetUser | Sitecore.SecurityModel.UserItem |
| - | Sitecore.SecurityModel.RoleItem |
| - | Sitecore.SecurityModel.Domain |
