Table of Contents

Permissions

you are here (click to zoom) - discover the stack

2sxc / EAV permissions help you configure who may edit/create data - optionally with "may only save as draft" (new in 9.30). Note that if something doesn't have custom permissions, you'll still have default permissions that apply (see below):

Introduction to Permissions

Permissions are usually a list of zero or more permissions - like this:

When you edit a permission, it looks like this:

To access the permissions, you'll usually find a person-button in the actions of an item:

Permission Overview

Items which can accept permissions are:

  1. Content Types - permissions regulate who can create / edit items of that type
  2. Views / Templates - permissions regulate, who can see this view if accessed through url-parameter
  3. Apps - permissions regulate across all content types, who may edit/create etc. new in 9.30
  4. Fields - permissions regulate, who may upload files new in 9.30

Permissions consist of the following parts:

  1. Requirements - what the current user must fulfill, for it to apply
  2. Grants - what is allowed with this permission

Understanding Requirements

For a permission to apply, you must specify for whom this is. To do this, you can choose various requirements:

  1. Dnn Permissions: in this case, you can specify if the user has view permissions, this applies
  2. User Identity: in this case you can specifiy a user GUID new in 9.30, requires the feature to be enabled
  3. Group ID(s): if a user is in any of these Dnn groups, the rule applies new in 9.30, requires the feature to be enabled

Understanding Grants

If a permission applies, it will grant the current user some rights - like creating or editing data. Grants are internally coded as a letter of the alphabet, like:

  1. c for create
  2. d for delete
  3. č for create drafts only
  4. f for full (all) permissions

A grant can contain multiple rights - like crud for create, read, update, delete. Many grants like f will automatically grant other things (obviously).

Default Permissions

It's important to understand that for many scenarios, default permissions already apply. Super-users may always do everything, and admins may read/write all data. These default permissions cannot be reduced with new permissions at the moment, so an admin always has read/write and cannot be degraded to lower permissions.

Using Permissions in Code

As of now, the permissions API isn't final, so if you want to use it in code, you can immitate code you can find in the source. But these commands will change when the API is final, so you'll end up making adjustments.

History

  1. Basic permissions (ContentType / View) added ca. 2sxc 7
  2. Permissions for draft-save-only added in 2sxc 9.30
  3. Permissions for user IDs and groups added in 2sxc 9.30
Edit this page