Binding to SiteMap with Security Trimming on Roles

9 posts, 0 answers
  1. King Wilder
    King Wilder avatar
    240 posts
    Member since:
    Oct 2007

    Posted 26 Jun 2012 Link to this post

    Is this functionality supported in the present version?  Is Security Trimming available for site maps?

    Thanks,

    King Wilder
  2. Atanas Korchev
    Admin
    Atanas Korchev avatar
    8462 posts

    Posted 27 Jun 2012 Link to this post

    Hi King,

     Kendo UI is client-side library and does not do security trimming which is a server-side feature. You can however use the MVC wrapper of the Menu which supports security trimming.

    Regards,
    Atanas Korchev
    the Telerik team
    Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
  3. Kendo UI is VS 2017 Ready
  4. Xebra
    Xebra avatar
    5 posts
    Member since:
    Sep 2012

    Posted 06 Feb 2013 Link to this post

    Any examples?
  5. Atanas Korchev
    Admin
    Atanas Korchev avatar
    8462 posts

    Posted 07 Feb 2013 Link to this post

    Hi Gregg,

    Could you elaborate? What examples do you need? The MVC menu performs security trimming by default .

    Regards,
    Atanas Korchev
    the Telerik team
    Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
  6. Xebra
    Xebra avatar
    5 posts
    Member since:
    Sep 2012

    Posted 07 Feb 2013 Link to this post

    Hi Atanas,

    I must be doing something wrong as I am unable to get it to work. The menu correctly binds to the sitemap, but instead of not showing the "Dinners" menu because I do not have myself set up an an Admin it displays all of it. Here is what I have. Maybe you'll see where I went astray.

    Web.sitemap (in the root of the MVC application)

    <?xml version="1.0" encoding="utf-8" ?>
    <siteMap>
    <siteMapNode title="" description="" roles="*">
        <siteMapNode title="Home" controller="Home" action="Index">
            <siteMapNode title="Contact" controller="Home" action="Contact" />
            <siteMapNode title="Abount" controller="Home" action="About" />
        </siteMapNode>
        <siteMapNode title="Dinners" controller="Dinners" action="Index" roles="Admin">
    </siteMapNode>
    </siteMap>

    WebApiConfig.cs (Called from Global.asax)

    using Kendo.Mvc;
    public static void RegisterSiteMap()
    {
        if(!SiteMapManager.SiteMaps.ContainsKey("WebSiteMap"))
        {
            SiteMapManager.SiteMaps.Register<XmlSiteMap>("WebSiteMap", sitemap => sitemap.LoadFrom("~/Web.sitemap"));
        }
    }

    _Layout.cshtml

    <nav>
    @if(Request.IsAuthenticated)
    {
        @Html.Kendo().Menu()
        .Name("SiteNav")
        .Direction(MenuDirection.Bottom)
        .SecurityTrimming(true)
        .BindTo("WebSiteMap", (item, siteMapNode) => {})
    }
    </nav>

    Thanks for your help!
  7. Atanas Korchev
    Admin
    Atanas Korchev avatar
    8462 posts

    Posted 07 Feb 2013 Link to this post

    Hi Gregg,

     The menu relies on the AuthorizeAttribute. You can try decorating your action methods with it. Probably this is what is missing.

    Regards,
    Atanas Korchev
    the Telerik team
    Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
  8. Xebra
    Xebra avatar
    5 posts
    Member since:
    Sep 2012

    Posted 07 Feb 2013 Link to this post

    Awesome, that worked! I appreciate it!!!

    I had the [Authorize] attribute on the controller, but no roles specified [Authorize(Roles="Admin")]

    Also, I did not need to configure the sitemap with roles, so that cleaned up nicely as well:

    <?xml version="1.0" encoding="utf-8" ?>
    <siteMap>
    <siteMapNode title="" description="">
        <siteMapNode title="Home" controller="Home" action="Index">
            <siteMapNode title="Contact" controller="Home" action="Contact" />
            <siteMapNode title="Abount" controller="Home" action="About" />
        </siteMapNode>
        <siteMapNode title="Dinners" controller="Dinners" action="Index">
    </siteMapNode>
    </siteMap>

  9. Indramani
    Indramani avatar
    2 posts
    Member since:
    Apr 2014

    Posted 05 Jun 2014 in reply to Xebra Link to this post

    Can I get the code how you render menu without mentioning any role property to sitemap and also in your controller
  10. Atanas Korchev
    Admin
    Atanas Korchev avatar
    8462 posts

    Posted 10 Jun 2014 Link to this post

    Hi,

    You need to decorate your action method with the authorize attribute and specify the roles there:

    [Authorize(Roles="Admin")]
    public ActionResult Admin()
    {
    }

    The menu will use it at runtime to show or hide any links to this action method.

    Regards,
    Atanas Korchev
    Telerik
     
    Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
     
Back to Top
Kendo UI is VS 2017 Ready