Permission Controls
This topic describes the various ways of controlling user access to the Content Delivery user interface.
Because any user visiting the application needs to be able to see certain parts of the UI (for example, a login page or a 401 Unauthorized page), the UI API does not include permissions checking.
To prevent users from loading HTML templates that they do not have access to (for example, admin_home.html), the tag library provides a permission control attribute. There is no equivalent named template for this attribute, as it is only used in HTML templates. The <lcui:perm> tag can also be used to check if a specific section of a page should be displayed, based on a permission.
The following snippet shows the tag in use:
<!-- An HTML tag, including the lcui namespace. The lcui:permission attribute prevents this HTML template for being loaded unless the user has this permission. -->
<html xmlns:lcui=http://www.sdlxysoft.com/LiveContent/UITags
lcui:permission="Manage application">
<head>
<title>
</head>
<body>
<lcui:perm key="Manage application">
<div>Content for application managers</div>
</lcui:perm>
...
| Tag | Description | Parameters |
|---|---|---|
Permission Control |
Place the | |
Permission Tests |
Unlike most other tags in the tag library, named perm tag is meant to have content within it. If you wanted to place a link on the page only if a user has certain permissions, you should wrap it in When using the named template, you should store the value of the template call into a variable. The variable will contain See the use of |
|