Restrict Content publishing for user have read only access to content

-

We have a multisite Sitecore instance, and we have created different roles for each site for content authoring, we have not used workflow. 

The user from one site can view the read-only content from another site but is he able to edit only their site alone. 

Recently one of the content author published the Sitecore/Content with Publish subitems selected this results in publishing all the content from another site as well which are not supposed to be published. 

So we thought of restricting this behavior. 

we have an option to restrict the user from publishing the content who does not have rights.

   <setting name="Publishing.CheckSecurity" value="true" /> 

unfortunately, the above option won’t work for us, as the above setting will still publish the content if the user has read access to the content.

So, I have created a custom pipeline to hide the publish button from the ribbon for the user content that has read-only access.

 

using Sitecore.Shell.Framework.Commands;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web; 
namespace Assembly.Pipeline
{
    /// <summary>
    /// Resticting publishing of the sitecore item only to user and 
    /// item has write access byremoving publish button from the ribbon
    /// but enabling that button to write access provided user and item with 
    /// the combination of <setting name="Publishing.CheckSecurity" value="true" />
    /// </summary>
    public class PublishingRestrictionForReadOnlyUser : PublishItem
    {
        public override CommandState QueryState(CommandContext context)
        {
            var item = context.Items[0];
            var baseState = base.QueryState(context);
            return baseState == CommandState.Enabled && item != null && 
                !item.Security.CanWrite(Sitecore.Context.User)
                ? CommandState.Hidden
                : baseState;
        }
    }
 
}

Patch config:

 

<sitecore>
   <commands>
     <command name="item:publishnow">
       <patch:attribute name="type"> 
            Assembly.Pipeline, AssemblyName
        </patch:attribute>
      </command>
    </commands>
</sitecore>
 

After deploying the above code and config, now the user can publish only their dedicated site content alone, as the Publish button will be hidden for the user who has read-only access to the content. 

Output:

 

For Readonly content

Write access Content:



Once done, we need to remove the Publish Site option from the Desktop menu and from Publish button in the ribbon.

Go to the core database and deny the Publish site item for Sitecore Client Publishing role.



That's it :)

 

Comments

Post a Comment

Popular posts from this blog

Sitecore Upgrade from 8.1 XP to 10.4 XM Scaled - Part 1

-
Image
 I have seen many questions about upgrading Sitecore from 8.1 to 10.4. I will share my experience upgrading Sitecore with tips and tricks that will help the upgrade process go smoothly. This contains multiple parts to get started with the upgrade activity. Steps for Sitecore and Solution Upgrade Checklist Sitecore 8.1 Local instance setup with Solr and verification Sitecore 10.4 Code upgrade issues and resolution Steps for Sitecore and Solution Upgrade Checklist: Solution Upgrade Checklist:   Task Comments / Findings Comments 1 .Net 4.8 upgrade to all the projects in the solution   2 Install SQL Server 2022   3 .NET Core 6.0 Windows Hosting Bundle   4 Install Compatible Solr version for 8.1 and 10.4   5 Update the Nuget package of Sitecore from 8.1 to 10.4 ...
Read more

Custom Item Url and resolving the item in Sitecore - Buckets

-
Image
I have a situation to update the Item URL to be SEO friendly as my items in content tree looks like below. In the above image in order to resolve the item, Sitecore will find the item from the below URL http://domainname/en/dine/nv/chicken but I need to form a URL that is more SEO friendly like http://domainname/en/chicken In Sitecore by Out of box, we can achieve this by using Aliases , we can create an Aliases under System à Aliases and in the Linked Item field select the target item. But this is very tedious as we need to go to every item in the content tree and create Aliases, instead of that we will be going to do it programmatically using custom pipelines. ·          Link Provider (Provides the custom URL for the item based on the templates) ·          Item Resolver (Resolves the item based on the custom URL generated by CustomLinkProvider , that we going to create later...
Read more

Fixing Sitecore Buckets folder path - Items created after 12 AM server time zone

-
Image
We are working on a 24/7 content publishing site, so it is important to have articles published on the correct date and time.  We are using Sitecore buckets to manage article items. In the Sitecore content tree, when the content author tries to look at the items created after 12 AM server time, the items are created under the previous day folder only,  but it is supposed to be created in the current day folder( ie. new bucket day folder to be created and the items to be added in this new day folder ). We have hosted the site in Azure VM in the UAE region. UAE is 4 hours ahead of GMT/UTC (UTC+04:00) so items created between 12 AM to 4 AM are always created under the previous day's folder, but when the item created after 4 AM is properly created under the current day folder in the content tree. Example: If the item was created on 2024 à 09 à 24 between 12 AM to 4 AM then still the item is made under the bucket folder of 2024 à 09 à 23 The created date and the updated ...
Read more