Prev Next |
The Sitecore Security Model defines which Users have access rights to content and infrastructure Items managed by Sitecore. The Sitecore.SecurityModel namespace includes a number of classes that simplify using the model.
Use the ItemAccess class, available via the Item.Access member, to check whether the current User has specific access rights for a specific Item. Use the SecuritySwitcher class to impersonate another User and assume their access rights. The UserItem and RoleItem classes encapsulate the User and Role Items in a Sitecore Domain.
4.1. Sitecore.SecurityModel.ItemAccess
The ItemAccess class, available via the Item.Access member, includes a number of member functions which calculate whether the current user has been assigned a specific access right for a specific Item. The methods check all appropriate settings, including the roles the User has been assigned, access right inheritance, Workflow settings, and Item Locking.
The commonly used class members include:
CanAdd |
Returns true if the current User has appropriate access rights to create a new Item based on the provided Master or Template ID. |
CanAdmin |
Returns true if the current User has the appropriate access rights to change the access rights of the current Item. |
CanCopyTo |
Returns true if the current User has the appropriate access rights to copy the current Item to the given destination (the User must have Read access rights for the current Item and Create access rights for the destination Item). |
CanCreate |
Returns true if the current User has the appropriate access rights to create children under the current Item. |
CanDelete |
Returns true if the current User has the appropriate access rights to delete the current Item. |
CanDuplicate |
Returns true if the current User has the appropriate access rights to create a duplicate copy of the current Item (the User must have Read access rights for the current Item and Create access rights on the Item’s parent). |
CanMoveTo |
Returns true if the current User has the appropriate access rights to move the Item to the provided destination Item (the User must have Read and Delete access rights on the current Item and Create access rights on the destination Item). |
CanRead |
Returns true if the current User has the appropriate access rights to read the Item. |
CanRename |
Returns true if the current User has the appropriate access rights to rename the Item. |
CanWrite |
Returns true if the current User has the appropriate access rights to modify the contents of the Item. |
4.2. Sitecore.SecurityModel.RoleItem
The RoleItem represents a Role.
4.3. Sitecore.SecurityModel.SecuritySwitcher
Temporarily impersonates the User provided as a parameter to the constructor.
4.4. Sitecore.SecurityModel.UserItem
The UserItem class represents a User. The class contains a number of members which describe the User.
The commonly used class members include:
ClientLanguage |
The default Sitecore Client language for this User as an ISO code string. |
ContentLanguage |
The default language to display in the Content Editor for this User as an ISO code string. |
|
The User’s Email address. |
Fullname |
The User’s full name. |
IsAdministrator |
True if this user is an Administrator. |
LoginName |
The name the User must provide to access the system. |
Roles |
The Roles associated with this User as a Sitecore.SecurityModel.RolesField. |
Prev Next