Role Based Web Part Personalization

I felt compelled to blog on this topic since I had a heck of a time finding any decent documentation on it. What finally pointed me in the right direction after hours of hunting was this random info nugget.

Here's what I had: A dashboard/portal page with operable web part per-user personalization. However, I have multiple roles within my site (not using Asp.net built-in roles, but my own custom provider). When users hit my dashboard page, their role was variable depending on the query string parameters present. Sometimes users should see certain web parts and other times be limited to other web parts. So what I needed was a way to dynamically evaluate within the code-behind whether to actually display a web part contained within that user's aspnet_PersonalizationPerUser record entry.

Thank-you, WebPartManager.AuthorizeWebPart event:

protected void MyWebPartManager1_AuthorizeWebPart(object sender, WebPartAuthorizationEventArgs e)
{
if (!String.IsNullOrEmpty(e.AuthorizationFilter))
{
if (e.AuthorizationFilter.ToString().Equals("Admin"))
{
if (UserIsAdmin())
e.IsAuthorized = false;
}
else if (e.AuthorizationFilter.ToString().Equals("Student"))
{
if (UserIsStudent())
e.IsAuthorized = false;
}
}
}


Now to populate the web part AuthorizationFilter attribute appropriately. This is fairly straight-forward if you're declaratively adding web parts to your CatalogZone and/or WebPartZone, simply add the AuthorizationFilter attribute into the declarative web part statement. However, if like me you're dynamically populating a DeclarativeCatalogPart using the WebPartsListUserControlPath property - you'll need to add the attribute to your user control declaration within the WebPartsListUserControlPath file:

<%@ Control Language="C#" AutoEventWireup="true" CodeFile="AdminWebParts.ascx.cs" Inherits="AdminWebParts" %>
<%@ Register TagPrefix="uc" TagName="adminuc" Src="~\AdministrationUC.ascx" %>


Once the attribute is added to the user control declaration, you should be able to access its value (if any) within the WebPartManager.AuthorizeWebPart event. One little gotcha to keep in mind when working with personalization and web parts. If you've already added web parts to the profile of an existing user prior to making the changes described here, the attribute won't exist. You need to delete all existing web parts within that user's profile, and add new ones after you've added the relevant AuthorizationFilter attribute.

Posted on 7/6/2009 11:22:00 AM by sterlingt

Permalink | Comments (1) | Post RSSRSS comment feed |

Categories: asp.NET 2.0 | MOSS 2007 | SharePoint 2007 | WSS 3.0

Tags:

Related posts

Comments

March 15. 2010 10:07

Thank you!!!

Silvia es