Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora incidunt ut labore et dolore magnam aliquam quaerat voluptatem. Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur?
Experience Sitecore! | Implementing Sitecore security domain role multi-selector field

Experience Sitecore!

Martin Miles on Sitecore

Implementing Sitecore security domain role multi-selector field

I was working on implementing a subscription model system, where authenticated users visit website with a specific role coming from Identity Server (or, unauthenticated - anonymous, of course), so that I can apply personalization of content, as we normally do.

The difference was, however, that subscription level were logical units, more complicated and not matching IDS roles. They also should be adjustable from Sitecore by business users. That made using personalization by these users type quite complicated, due to complex rules creation, especially those with inverted logic except when. But even with that in mind, I could not simply use personalization for preventing unauthorised users (for example, those registered and logged, but still having insufficient permissions) from accessing specific types of content. The business requirement demands all the pages to be accessible by anyone, but when users don't have required access level - most of content apart from few teasing paragraphs in the beginning, needs to be greyed out by a components encouraging them to increase their subscription level in order to get full access.

So, in order to address these requirements, I decided to implemented a simple role-mapping Subscription Model, something as could be described by this template:

But wait! There is no possibility to use Sitecore security roles in an item!

So I decided to implement the one. After quick googling I came across Mike Reynold's experiments with fields and templates and went similar way on implementing Role Multilist Selector field. 

The ready-to-use code, along with required core database serialization I have published to GitHub repository: Sitecore.Foundation.Fields

Once done, core database needs to get a new field type registered - Roles, which is implemented in a way of traditional multi-select field:

So now, I can use it as an ordinary Sitecore item field. Please note, that Source column at first screenshot above contains Domain=ids - that is a set of parameters passed in a format of URL string (UrlString is .NET class that accepts these parameters in the code). I've implemented that as a Sitecore domain filtering parameter, where ids is the domain name.

Now we can select roles - they will be stored in pipe-separated format in given field:

Finally, after implementing a logical layer of Subscription Model, I also had to create custom rules conditions to apply personalization operating these logical subscriptions, but that made business users' life way easier.

Hope this helps!

blog comments powered by Disqus