User Permission Feature by warrenbuckley...
# package-developmentw
Warren Buckley
11/28/2024, 4:15 PM@Sven Geusens my approach a lot simpler/dumb as it just protecting the API controller by checking the root node -1 as the path/node to get permissions for
https://github.com/warrenbuckley/Examine-Peek/pull/11
Unless you know of another service & method I should use/call for this ?
Copy code
csharp
var permissions = umbracoUser.GetPermissions(Constants.System.RootString, _userService);s
Sven Geusens
11/28/2024, 5:25 PMYeah, that works out fine.
Alternative to the extension method is using the actual call underneath that uses the userservice you pass in.
w
Warren Buckley
11/28/2024, 5:25 PMuserService.GetPermissionsForPath(user, path).GetAllPermissions();Warren Buckley
11/28/2024, 5:28 PMYeh may do that and I assume .GetAllPermissions here is combining the group permissions with any explict permissions from the document?!
s
Sven Geusens
11/29/2024, 8:19 AMindeed
w
Warren Buckley
11/29/2024, 8:27 AMDo you know how I could use the GUID from the request to the API as it part of a path as I could use that instead of -1 / root
s
Sven Geusens
11/29/2024, 10:52 AMThat is one of the things I need to figure out too for the granular version of my attribute. It is available on the request object in its raw unparsed form. The trick is to pick it up in your authorization handler. We should be able to inject a RequestAccesor in there and go from there.
w
Warren Buckley
11/29/2024, 1:52 PMHmm OK I will play around and investifate
2 Views