Architecture Orchard CMS. Security and Development Concepts
This is a continuation of the second part of the guide “ How to create your website from scratch using Orchard CMS ”. You can get acquainted with the first part of the guide here: the beginning and the continuation . Home “ Orchard CMS Architecture. Basic concepts can be found and read here and here .
In order to start working with Orchard CMS, you need to learn the basic concepts that are used in this CMS for working with content. In this part of the guide, we will introduce the concepts of security and rights delineation in Orchard CMS and the concepts used in the development of modules for the content management system.
I remind you that the automatic download of Orchard is available from the application gallery using the Web Platform Installer's quick access tool (click on this link to start the installation ).
')
An important part of each content management system is the security, separation and management of user rights. In this part of the tutorial, we will look at Orchard CMS security related concepts.
In Orchard CMS, users can be assigned roles that have a set of specific permissions and access rights. Any user can have from one to several roles.
Website developers and administrators can create their own roles for users, however, a set of basic roles already exists in Orchard CMS by default:
Fig. 2.14. Managing users and roles in the Orchard CMS admin panel
In Orchard CMS, roles and users are managed using the administration panel and the corresponding sections (Figure 2.14).
In the Orchard content management system, all users may have different privileges and permissions on the site. The rights and privileges to perform any actions on the site are described in Orchard by the permissions mechanism (permissions).
In Orchard CMS, the permissions granted to roles are inherited by users assigned to these roles. That is, if the user is assigned the Administrator role, this user receives all the permissions that are inherent in the Administrator role (Figure 2.15).
Fig. 2.15. Editing user settings and roles in the administration panel
In order to revoke a permission from a user, you must either take a role from the user or edit this role and remove the permission.
Some permissions may be obtained implicitly. For example, if you give the user a “site owner” permission, then that user will implicitly obtain all other permissions.
Since Orchard CMS is based on a modular approach, rights management and the creation of a set of permissions rests with the modules and their developers. The module must define a set of permissions, which can then be installed in the Orchard CMS administration panel for different roles (Figure 2.16).
Fig. 2.16. Editing permissions for different modules for a specific role in the Orchard CMS administration panel
In the Orchard CMS system there is a special concept “Site Owner” (Site Owner), which describes the superuser. This user is set during the initial configuration of the CMS (by default, it is given the name admin, which can be changed).
The site owner is granted permissions by default for all possible actions with the site and its contents. This permission set can be changed through the control panel.
In addition, in Orchard CMS there is a permission “Site Owners Permission” (permission from the Site Owner), which allows you to issue superuser rights of an entire role. This permission is granted by default to the administrator role (Figure 2.16).
Developers of Orchard CMS modules need to know a number of concepts with which this content management tool operates. Most concepts relate to software development and the ASP.NET MVC framework.
We will learn more about these concepts when studying the development of modules for CMS.
The handler is an Orchard concept that is similar to ASP.NET MVC action filters. Handlers in Orchard are code that runs in response to an event during the execution of a request.
To create a handler, use the
Events to which the handler can respond are handled by the following methods:
A driver is an Orchard concept that is similar to ASP.NET MVC controllers. Unlike controllers, drivers operate at the content level, not the query level. Drivers are engaged in the preparation of forms for display and process requests from the control panel.
Driver classes are inherited from the ContentPartDriver <> class .
Record is a class that represents a database in terms of content. Records are POCO objects in which each property must be virtual.
Record classes are inherited from the ContentPartRecord class.
The content part model is the content part class itself. Some parts also define representation models for defining strongly typed representations or for creating more flexible dynamic forms.
Migration is a description of the operations that must be performed during the first installation of the function or when updating it from the old version to the new version. This concept allows for a smooth update of the functions without data loss. Orchard CMS provides a special tool for data migration.
Code injections are widely used in Orchard CMS. When a dependency code is required, this code will require the injection of one or more instances of a specific interface. The Orchard CMS framework will automatically take care of fetching, instantiating, and injecting the correct code during execution.
In the second part of the Orchard CMS manual, we looked at the most important concepts with which this content management system operates.
We got acquainted with the concepts and terms that are used in Orchard CMS when working with content. We learned the basic concepts of the system layout mechanism. Considered a system of security and delineation of rights. Finally, they got acquainted with the concepts of Orchard CMS, which are used in the development of modules for this system.
In the next part of the tutorial, we’ll take a closer look at widgets and the Orchard CMS functional expansion mechanism.
Introduction
In order to start working with Orchard CMS, you need to learn the basic concepts that are used in this CMS for working with content. In this part of the guide, we will introduce the concepts of security and rights delineation in Orchard CMS and the concepts used in the development of modules for the content management system.
I remind you that the automatic download of Orchard is available from the application gallery using the Web Platform Installer's quick access tool (click on this link to start the installation ).
')
Orchard CMS Security Concepts
An important part of each content management system is the security, separation and management of user rights. In this part of the tutorial, we will look at Orchard CMS security related concepts.
Users and Roles
In Orchard CMS, users can be assigned roles that have a set of specific permissions and access rights. Any user can have from one to several roles.
Website developers and administrators can create their own roles for users, however, a set of basic roles already exists in Orchard CMS by default:
- Administrator (Administrator) - users have full access to all settings and content of the website;
- Editor (Editor) - users can edit and publish content created by other authors, but can not create their content;
- Moderator (Moderator) - users monitor user content, such as comments and check it for compliance with the rules of the site;
- Author (Author) - users can write and publish content on the site;
- Contributor - users create content, but may not have permission to publish it;
- Anonymous - An unknown user for the system, who did not log in to the system;
- Authenticated - any user who is logged in.
Fig. 2.14. Managing users and roles in the Orchard CMS admin panel
In Orchard CMS, roles and users are managed using the administration panel and the corresponding sections (Figure 2.14).
Privileges and Permissions
In the Orchard content management system, all users may have different privileges and permissions on the site. The rights and privileges to perform any actions on the site are described in Orchard by the permissions mechanism (permissions).
In Orchard CMS, the permissions granted to roles are inherited by users assigned to these roles. That is, if the user is assigned the Administrator role, this user receives all the permissions that are inherent in the Administrator role (Figure 2.15).
Fig. 2.15. Editing user settings and roles in the administration panel
In order to revoke a permission from a user, you must either take a role from the user or edit this role and remove the permission.
Some permissions may be obtained implicitly. For example, if you give the user a “site owner” permission, then that user will implicitly obtain all other permissions.
Since Orchard CMS is based on a modular approach, rights management and the creation of a set of permissions rests with the modules and their developers. The module must define a set of permissions, which can then be installed in the Orchard CMS administration panel for different roles (Figure 2.16).
Fig. 2.16. Editing permissions for different modules for a specific role in the Orchard CMS administration panel
Site owner
In the Orchard CMS system there is a special concept “Site Owner” (Site Owner), which describes the superuser. This user is set during the initial configuration of the CMS (by default, it is given the name admin, which can be changed).
The site owner is granted permissions by default for all possible actions with the site and its contents. This permission set can be changed through the control panel.
In addition, in Orchard CMS there is a permission “Site Owners Permission” (permission from the Site Owner), which allows you to issue superuser rights of an entire role. This permission is granted by default to the administrator role (Figure 2.16).
Orchard CMS Development Concepts
Developers of Orchard CMS modules need to know a number of concepts with which this content management tool operates. Most concepts relate to software development and the ASP.NET MVC framework.
We will learn more about these concepts when studying the development of modules for CMS.
Handler
The handler is an Orchard concept that is similar to ASP.NET MVC action filters. Handlers in Orchard are code that runs in response to an event during the execution of a request.
To create a handler, use the
ContentHandler class, from which you must inherit the handler class.Events to which the handler can respond are handled by the following methods:
- OnActivated
- OnCreated
- OnCreating
- OnIndexed
- OnIndexing
- OnInitializing
- OnLoaded
- OnLoading
- Onpublished
- Onpublishing
- OnRemoved
- OnRemoving
- OnUnpublished
- OnUnpublishing
- Onversioned
- Onversioning
Driver
A driver is an Orchard concept that is similar to ASP.NET MVC controllers. Unlike controllers, drivers operate at the content level, not the query level. Drivers are engaged in the preparation of forms for display and process requests from the control panel.
Driver classes are inherited from the ContentPartDriver <> class .
Record
Record is a class that represents a database in terms of content. Records are POCO objects in which each property must be virtual.
Record classes are inherited from the ContentPartRecord class.
Model
The content part model is the content part class itself. Some parts also define representation models for defining strongly typed representations or for creating more flexible dynamic forms.
Migration
Migration is a description of the operations that must be performed during the first installation of the function or when updating it from the old version to the new version. This concept allows for a smooth update of the functions without data loss. Orchard CMS provides a special tool for data migration.
Injection
Code injections are widely used in Orchard CMS. When a dependency code is required, this code will require the injection of one or more instances of a specific interface. The Orchard CMS framework will automatically take care of fetching, instantiating, and injecting the correct code during execution.
Conclusion
In the second part of the Orchard CMS manual, we looked at the most important concepts with which this content management system operates.
We got acquainted with the concepts and terms that are used in Orchard CMS when working with content. We learned the basic concepts of the system layout mechanism. Considered a system of security and delineation of rights. Finally, they got acquainted with the concepts of Orchard CMS, which are used in the development of modules for this system.
In the next part of the tutorial, we’ll take a closer look at widgets and the Orchard CMS functional expansion mechanism.
Source: https://habr.com/ru/post/116858/
All Articles