How to validate user permissions on custom components, commands, etc.?

[relizondobarrios]

We are working with Module Builder and creating a content type called Catalog. For Catalog, we hide the standard "Create" button and instead implement our "Create" button.

Our "Create" button opens a dialog and inserts a catalog item using the Sitefinity web services API. Now, we need to validate the user permissions in this creation process. For example: We only want to allow administrator users to create catalogs.

How can we integrate user permission validations into our custom components, commands, etc.?

[Novkirishki]

Hi @relizondobarrios, to achieve the desired behavior you can do the following:

• Create a custom OData endpoint that validates/checks user permissions using the Sitefinity API
• Call the endpoint to validate the permissions before opening the dialog/executing the operation

The client application (AdminApp) has no knowledge of user permissions. This logic takes place on the server.

Hope this helps.