Friday, June 10, 2005

How to determine if a Microsoft CMS user has administrator rights

Excellent posting from Stefan about how to determine if a Microsoft CMS user has administrator rights (Update : it seems that the idea originally came from Chester)

The CmsHttpContext has a UserCacheKey property which is used by ASP.NET output caching with MCMS in combination with the VaryByCustom="cmsrole" method to ensure that content can be varied for different user roles.

The MCMS help gives the following statement for this property:

UserCacheKey is guaranteed to be the same for two users, of those two users are both members of all the same MCMS rights groups. UserCacheKey will also be the same for two users if both users are MCMS administrators. In contrast, UserCacheKey is different for two users if those two users do not meet either of the above two requirements.

Looking at the value returned for this property for MCMS administrators shows that always "A" is returned!

So a simple check for this property for the string "A" is sufficient to identify if the current user is a MCMS administrator or not!

Actually there is no guarantee that this property value will be the same with the next service pack. But the chance that this gets changed is very low.

The way I always did it was creating a CMS channel where only an administrator had rights on, next you just tried to read in this channel. Off course non-admins would have no access. I guess the way of working described above is a lot cleaner...

No comments: