I need to create a few more permission records to lock down certain parts of the subnavs in the Customer dropdown list. Meaning, I don't want some people to not have permission to Customer Roles, BUT I do want them to have access to the customer list to search customers.
How do I add new permission records? I though going through the StandaPermissoinProvider.cs woudl work AND adding the new lines in the sitemap.config, but I don't see my new permissions in the ACL list.
Can I do it without touching the table directly?
Is there a way to do this?
How do you create a new permission record in ACL?
MVP
Сертифицированный разработчик
- 558
- 6401
- 29.07.2011
- United Kingdom
cmosqueda wrote:
I don't think there's any way to do it throught the admin panel. I've not tried it but the PermissionService has an InsertPermissionRecord method so I'd guess it's possible.
There's also a method called InstallPermissions that takes an IPermissionProvider parameter so I'd guess the 'proper' way to do it in a plugin would be to create a new permission provider that implements the IPermissionProvider interface and pass it to the InstallPermissions method during the plugin's installation.
How do I add new permission records? I though going through the StandaPermissoinProvider.cs woudl work AND adding the new lines in the sitemap.config, but I don't see my new permissions in the ACL list.
Can I do it without touching the table directly?
Can I do it without touching the table directly?
I don't think there's any way to do it throught the admin panel. I've not tried it but the PermissionService has an InsertPermissionRecord method so I'd guess it's possible.
There's also a method called InstallPermissions that takes an IPermissionProvider parameter so I'd guess the 'proper' way to do it in a plugin would be to create a new permission provider that implements the IPermissionProvider interface and pass it to the InstallPermissions method during the plugin's installation.
- 62
- 410
- 19.01.2010
- United States
Oraclegirl, et al,
Yes, I did this just yesterday.
1. Open the Sitemap.config file.
2. Copy a line similar to what you want to use.
For instance, let's say you want to add a new permission to so you can block off the editing of Customer Roles to certain admins. My example is below:
The main parts you want to pay attention to are the SystemName, PermissionsNames, and Controller.
3. Go into 'StandardPermissionsProvider.cs' in 'Libraries > Nop.Services > Security'
4. In StandardPermissionsProvider.cs' you will see a bunch of "public static readonly PermissionRecord" declarations. Copy one of the last lines of the 'Admin area' ones and just paste it below that line and in our case you will see a similar set up as we did for our newly created property in our sitemap.config.
So name the PermissionRecord accordingly, in this case it is CUSTOMManageCustomerRoles.
In the '= new PermissionRecord' portion after the 'Name =' add a custom string (this will show up in the list in ACL) and set the 'SystemName' the same as we did for the 'PermissionsName' in the sitemap.config
6. Open your DB and go to the table dbo.PermissionRecord and create a new line the same as the one before. NOW for the 'Name' column put the 'Name' that we created in the PermissionRecord line above (in this case it is 'Admin area. Manage Customers Roles'), in the 'SystemName' column put the SystemName in the PermissionRecord line above (in this case it is 'ManageCustomerRoles'), in the 'Category' column put the same 'Category' as the PermissionRecord line above (in this case it is 'Customer')
Now build. Does that make sense?
Yes, I did this just yesterday.
1. Open the Sitemap.config file.
2. Copy a line similar to what you want to use.
For instance, let's say you want to add a new permission to so you can block off the editing of Customer Roles to certain admins. My example is below:
<siteMapNode SystemName="Customer roles" nopResource="Admin.Customers.CustomerRoles" PermissionNames="ManageCustomerRoles" controller="CustomerRole" action="List" />
The main parts you want to pay attention to are the SystemName, PermissionsNames, and Controller.
3. Go into 'StandardPermissionsProvider.cs' in 'Libraries > Nop.Services > Security'
4. In StandardPermissionsProvider.cs' you will see a bunch of "public static readonly PermissionRecord" declarations. Copy one of the last lines of the 'Admin area' ones and just paste it below that line and in our case you will see a similar set up as we did for our newly created property in our sitemap.config.
So name the PermissionRecord accordingly, in this case it is CUSTOMManageCustomerRoles.
In the '= new PermissionRecord' portion after the 'Name =' add a custom string (this will show up in the list in ACL) and set the 'SystemName' the same as we did for the 'PermissionsName' in the sitemap.config
public static readonly PermissionRecord CUSTOMManageCustomerRoles = new PermissionRecord { Name = "Admin area. Manage Customers Roles", SystemName = "ManageCustomerRoles", Category = "Customers" };
6. Open your DB and go to the table dbo.PermissionRecord and create a new line the same as the one before. NOW for the 'Name' column put the 'Name' that we created in the PermissionRecord line above (in this case it is 'Admin area. Manage Customers Roles'), in the 'SystemName' column put the SystemName in the PermissionRecord line above (in this case it is 'ManageCustomerRoles'), in the 'Category' column put the same 'Category' as the PermissionRecord line above (in this case it is 'Customer')
Now build. Does that make sense?
- 123
- 796
- 02.02.2015
- Italy
Hi. I'm interested too in having more functioanlity on ACL: does anyone realize a plugin that enhance NOP ACL functionalities?
Ther are a lot NOP plugins that realize some interesting features for topics, catalog, widget and so on: if you want to give to an EDITOR permissions to use these plugins pratically you give it the access to plugin payment settings and other dangerous features of NOP.
This must be a must. I put these posts in NOP enhacements sections.
If there is i would buy it.
Ther are a lot NOP plugins that realize some interesting features for topics, catalog, widget and so on: if you want to give to an EDITOR permissions to use these plugins pratically you give it the access to plugin payment settings and other dangerous features of NOP.
This must be a must. I put these posts in NOP enhacements sections.
If there is i would buy it.
- 62
- 410
- 19.01.2010
- United States
@mystones,
I don't think there is a way to make a plugin in this instance. Because of the way the 'sitemap.config' file needs updated, there are special properties that need filled in. Not saying it is not possible, but plugins are extensions of the core NopCommerce. Touching the sitemap.config involves any plugin code to actually make changes to a core NopCommerce file. But from my understanding that is the point of plugins is to not have to modify the core Nop files but to extend NopCommerce.
I agree, there should be a better way to add permissions.
However, if you, or anyone else would like, I can provide my services to make the updates and changes to the ACL for you if you don't want to make the changes yourself. You can PM me if you would like.
mystones wrote:
I don't think there is a way to make a plugin in this instance. Because of the way the 'sitemap.config' file needs updated, there are special properties that need filled in. Not saying it is not possible, but plugins are extensions of the core NopCommerce. Touching the sitemap.config involves any plugin code to actually make changes to a core NopCommerce file. But from my understanding that is the point of plugins is to not have to modify the core Nop files but to extend NopCommerce.
I agree, there should be a better way to add permissions.
However, if you, or anyone else would like, I can provide my services to make the updates and changes to the ACL for you if you don't want to make the changes yourself. You can PM me if you would like.
mystones wrote:
Hi. I'm interested too in having more functioanlity on ACL: does anyone realize a plugin that enhance NOP ACL functionalities?
Ther are a lot NOP plugins that realize some interesting features for topics, catalog, widget and so on: if you want to give to an EDITOR permissions to use these plugins pratically you give it the access to plugin payment settings and other dangerous features of NOP.
This must be a must. I put these posts in NOP enhacements sections.
If there is i would buy it.
Ther are a lot NOP plugins that realize some interesting features for topics, catalog, widget and so on: if you want to give to an EDITOR permissions to use these plugins pratically you give it the access to plugin payment settings and other dangerous features of NOP.
This must be a must. I put these posts in NOP enhacements sections.
If there is i would buy it.
- 39
- 205
- 03.09.2021
- India
//ACL
private void AddPermissionRecord()
{
if (!_dataProvider.GetTable<PermissionRecord>().Any(pr => string.Compare(pr.SystemName,
PluginDefaults.FAQ_PERMISSION_SYSTEM_NAME, true) == 0))
{
var Permission = _dataProvider.InsertEntity(
new PermissionRecord
{
Name = PluginDefaults.FAQ_PERMISSION_NAME,
SystemName = PluginDefaults.FAQ_PERMISSION_SYSTEM_NAME,
Category = PluginDefaults.FAQ_PERMISSION_CATEGORY
}
);
//add it to the Admin role by default
var adminRole = _dataProvider
.GetTable<CustomerRole>()
.FirstOrDefault(x => x.IsSystemRole && x.SystemName == NopCustomerDefaults.AdministratorsRoleName);
_dataProvider.InsertEntity(
new PermissionRecordCustomerRoleMapping
{
CustomerRoleId = adminRole.Id,
PermissionRecordId = Permission.Id
}
);
}
}
private void AddPermissionRecord()
{
if (!_dataProvider.GetTable<PermissionRecord>().Any(pr => string.Compare(pr.SystemName,
PluginDefaults.FAQ_PERMISSION_SYSTEM_NAME, true) == 0))
{
var Permission = _dataProvider.InsertEntity(
new PermissionRecord
{
Name = PluginDefaults.FAQ_PERMISSION_NAME,
SystemName = PluginDefaults.FAQ_PERMISSION_SYSTEM_NAME,
Category = PluginDefaults.FAQ_PERMISSION_CATEGORY
}
);
//add it to the Admin role by default
var adminRole = _dataProvider
.GetTable<CustomerRole>()
.FirstOrDefault(x => x.IsSystemRole && x.SystemName == NopCustomerDefaults.AdministratorsRoleName);
_dataProvider.InsertEntity(
new PermissionRecordCustomerRoleMapping
{
CustomerRoleId = adminRole.Id,
PermissionRecordId = Permission.Id
}
);
}
}
MVP
Сертифицированный разработчик
- 3946
- 35227
- 08.02.2010
- Australia
PermissionRecord manageSystem = new PermissionRecord
{
Name = "Admin area. Manage Access",
SystemName = "ManageAccess",
Category = "Access"
};
var permissionRecord = (await _permissionService.GetAllPermissionRecordsAsync()).Where(x => x.Name == manageSystem.Name);
if (permissionRecord == null || permissionRecord.Count() == 0)
{
await _permissionRecordRepository.InsertAsync(manageSystem);
permissions.Add(manageSystem);
}
var customerRole = (await _customerService.GetAllCustomerRolesAsync()).Where(cr => cr.Name == "Administrators").FirstOrDefault();
if (customerRole != null)
{
var mapping = await _permissionService.GetMappingByPermissionRecordIdAsync(manageSystem.Id);
if (mapping != null && mapping.Count() == 0)
{
var prcrm = new PermissionRecordCustomerRoleMapping { CustomerRoleId = customerRole.Id, PermissionRecordId = manageSystem.Id };
await _permissionService.InsertPermissionRecordCustomerRoleMappingAsync(prcrm);
}
}
//Later in your menu routine - checking access
var permissionRecord = (await _permissionService.GetAllPermissionRecordsAsync()).Where(x => x.Name == "ManageAccess");
if (permissionRecord != null && permissionRecord.Count() != 0)
{
if (await _permissionService.AuthorizeAsync(manageSystem))
{
// You have access
}
}