This discussion is archived
4 Replies Latest reply: Jul 26, 2012 9:10 PM by Sheng Qu RSS

Navigation Extensibility

Chris1 Newbie
Currently Being Moderated
Does the security configuration related to this extensibility secure pages against independent requests or just hide the menu items? I'm trying to figure out if I can use this to integrate security for a custom page with UGM groups.
  • 1. Re: Navigation Extensibility
    941206 Newbie
    Currently Being Moderated
    Chris

    In general, if you add your own site to the left hand navigation (in 6.0.0.x and before), the only thing that is protected is the visibility of that item. However, once you punch out to your custom application, you need to double check security yourself.
  • 2. Re: Navigation Extensibility
    Sheng Qu Newbie
    Currently Being Moderated
    Hi, Chris,

    Currently, the security profile are role based check for the navigation items.
    As in your custom modules or pages, You can simply use the public API in UserService to do the same thing.

    Thanks,
    Sheng
  • 3. Re: Navigation Extensibility
    Chris1 Newbie
    Currently Being Moderated
    How does the application do this or what is the best way to do it? Does the application use a custom role provider or is authorization checking rolled into each page?
  • 4. Re: Navigation Extensibility
    Sheng Qu Newbie
    Currently Being Moderated
    Basically, we check the role by the entry of loading object. If you would like to check user's role privilege in your custom classes, please try the flowing APIs.
    //Load user service
    private IUserService UserService
    {
      get{ return (IUserService)LookupService( typeof(IUserService).FullName ); }
    }
    
    //Call API
    UserService.UserContext.IsUserInRole( "[NPD_GLOBAL_DATA_MANAGER]" )   //checking role for current user
    UserService.DoesUserHaveRole( <PKID_OF_USER>, "[NPD_ADMIN]" )     //checking role for a specify user

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points