4 Replies Latest reply: Jul 26, 2012 11:10 PM by Sheng Qu RSS

    Navigation Extensibility

    Chris1
      Does the security configuration related to this extensibility secure pages against independent requests or just hide the menu items? I'm trying to figure out if I can use this to integrate security for a custom page with UGM groups.
        • 1. Re: Navigation Extensibility
          941206
          Chris

          In general, if you add your own site to the left hand navigation (in 6.0.0.x and before), the only thing that is protected is the visibility of that item. However, once you punch out to your custom application, you need to double check security yourself.
          • 2. Re: Navigation Extensibility
            Sheng Qu
            Hi, Chris,

            Currently, the security profile are role based check for the navigation items.
            As in your custom modules or pages, You can simply use the public API in UserService to do the same thing.

            Thanks,
            Sheng
            • 3. Re: Navigation Extensibility
              Chris1
              How does the application do this or what is the best way to do it? Does the application use a custom role provider or is authorization checking rolled into each page?
              • 4. Re: Navigation Extensibility
                Sheng Qu
                Basically, we check the role by the entry of loading object. If you would like to check user's role privilege in your custom classes, please try the flowing APIs.
                //Load user service
                private IUserService UserService
                {
                  get{ return (IUserService)LookupService( typeof(IUserService).FullName ); }
                }
                
                //Call API
                UserService.UserContext.IsUserInRole( "[NPD_GLOBAL_DATA_MANAGER]" )   //checking role for current user
                UserService.DoesUserHaveRole( <PKID_OF_USER>, "[NPD_ADMIN]" )     //checking role for a specify user