1. Access Permissions
The most noticeable change to security is that often you don’t need to think about it – all security checks are handled implicitly by the Sitecore API.
When rendering a page, you don’t have to check whether a user can access the current item – the user will not be allowed to see the page in the first place.
When retrieving an item or item collection, you don’t need to remember to check the security: Sitecore will only return items that the current user is allowed to see.
It is possible to temporarily switch the security off to regain Sitecore V4 semantics; every item access inside the using block then runs without security checks:
using (new SecurityDisabler())
{
    // Retrieved regardless of the current user's access rights
    Item secure = database.Items["/sitecore/content/home/secure"];
}
To explicitly check the security assignments, there is a helper method for each operation:
item.Access.CanRead()
item.Access.CanWrite()
...
Note that the list of possible assignments changed in Sitecore V5. In particular, ‘Admin’, ‘Approve’, ‘Publish’ and ‘None’ were removed. The ‘Administer’ assignment controls whether a user can modify security assignments.
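The implicit checks described above mean a lookup cannot tell "item does not exist" from "current user may not read it". The following added example (not part of the original page or of Sitecore itself) combines SecurityDisabler with the explicit item.Access.CanRead() check to separate the two cases, for instance to log denied requests. ItemLookup and ItemAccessHelper are hypothetical names, and the namespaces and null-on-miss behaviour are assumptions about the V5 API.

```csharp
using Sitecore.Data;
using Sitecore.Data.Items;
using Sitecore.SecurityModel;

// Hypothetical result type for this example.
public enum ItemLookup { NotFound, Denied, Allowed }

// Hypothetical helper class, not a Sitecore class.
public static class ItemAccessHelper
{
    // Resolves 'path' and reports whether the current user may read it.
    // 'item' is only set when the result is Allowed, so a caller can
    // never render or return an item that failed the check.
    public static ItemLookup TryGetReadable(Database database, string path, out Item item)
    {
        item = null;
        Item raw;

        // Keep the unchecked scope as small as possible: just the lookup.
        using (new SecurityDisabler())
        {
            raw = database.Items[path];
        }

        // Assumption: the indexer returns null when no item exists at 'path'.
        if (raw == null)
        {
            return ItemLookup.NotFound;
        }

        // The explicit check runs after the disabler has been disposed.
        // Assumption: inside the using block the check would be bypassed
        // together with all other security checks.
        if (!raw.Access.CanRead())
        {
            return ItemLookup.Denied;
        }

        item = raw;
        return ItemLookup.Allowed;
    }
}
```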
| Sitecore V4 | Sitecore V5 |
| Sitecore.Security, Sitecore.ExtranetSecurity | Sitecore.Context.Security |
2. Domains, Users and Roles
Sitecore V5 introduces the domain concept – roles, users and security assignments are bound to a specific security domain, similar to Windows security.
The credentials are also validated against a specific domain:
// log in a user against the current domain
DomainAccessResult result = Sitecore.Context.Domain.Login(login, password);
if (result.Success)
{
    Response.Write("Welcome");
}
else
{
    Response.Write("Cannot log in: " + result.Message);
}
Instead of using generic database access to retrieve the users or roles (groups in Sitecore V4) you should use methods exposed by Domain:
RoleItem[] roles = domain.GetRoles();
RoleItem developers = domain.GetRole("developers");
UserItem user = domain.GetUser("user name");
| Sitecore V4 | Sitecore V5 |
| Sitecore.User, Sitecore.ExtranetUser | Sitecore.SecurityModel.UserItem |
| - | Sitecore.SecurityModel.RoleItem |
| - | Sitecore.SecurityModel.Domain |
Supplementary reading: