In my applications some role require custom permissions like - "customer moderator" should only be allowed to only view customers
I am able to insert a record in ACL ( Access Control List ) using a plugin - with a custom permission provider ( instead of StandardPermissionProvider)
I am planning to check permissions in view file and if the permission is readonly then i would hide the edit delete buttons.
but to load the view only I need to change code of CustomerController. because there code for
List()method is written like this :
if (!_permissionService.Authorize(StandardPermissionProvider.ManageCustomers))
return AccessDeniedView();
I changed that to this :
if ((_permissionService.Authorize(PermissionProvider.ReadOnlyCustomers))
|| (_permissionService.Authorize(StandardPermissionProvider.ManageCustomers))){
// no change here
}else{
return AccessDeniedView();
}
is there any way I can achieve the same using a plugin? ( and not changing code of CustomerController )