New to Telerik UI for ASP.NET AJAXStart a free 30-day trial

Enforce Roles

RadEditor for ASP.NET AJAX provides you with a flexible mechanism for enforcing user roles, which makes it suitable even for large enterprise-wide applications with multiple users and roles. By dynamically setting the ViewPaths, UploadPaths, DeletePaths or the respective properties for Flash, Media, Templates and Documents, you can strictly control user access to resources, in accordance with their roles or profiles.

The table below shows a sample scenario with 4 users and the respective property values that can facilitate those rights.

User (Role)InsertDeleteUploadProperties
Mike (Administrator)~//* the tilde ~ symbol represents the root of your web application */~/~/ViewPaths ="/" DeletePaths ="/" UploadPaths ="~/"
John (Marketing)/Common/Marketing~/Marketing/John~/Marketing/John/Marketing/Marketing/JohnViewPaths ="/Common,/Marketing" DeletePaths ="/Marketing/John" UploadPaths ="/Marketing"
Steve (Sales)/Common/Sales/Steve~/Sales/Steve~/Sales/SteveViewPaths ="/Common,/Sales/Steve" DeletePaths ="/Sales/Steve" UploadPaths ="/Sales/Steve"
Diana (HR)~/HRViewPaths ="~/HR" DeletePaths ="" UploadPaths =""

The example below demonstrates a basic user role scenario for setting the Image manager properties and folders access. For example in our scenario we have three users: Mike (Administrator) - he has full access to all files in all folders, John who has access to view, upload and delete files in the Common and Marketing folders and all other users have access to the resources subfolder only.

C#
string userRole = "Mike"; //Administrator
protected void Page_Load(object sender, EventArgs e)
{
	if (!IsPostBack)
	{
		switch (userRole)
		{
			case "Mike": /*Administrator*/
				RadEditor1.ImageManager.ViewPaths = new string[] { "~/" };
				RadEditor1.ImageManager.UploadPaths = new string[] { "~/" };
				RadEditor1.ImageManager.DeletePaths = new string[] { "~/" };
				break;
			case "John": /*John*/
				RadEditor1.ImageManager.ViewPaths = new string[] { "~/Common" };
				RadEditor1.ImageManager.UploadPaths = new string[] { "~/Common" };
				RadEditor1.ImageManager.DeletePaths = new string[] { "~/Common", "~/Marketing" };
				break;
			default: /*all users*/
				RadEditor1.ImageManager.ViewPaths = new string[] { "~/Common/Resources" };
				RadEditor1.ImageManager.UploadPaths = new string[] { "~/Common/Resources" };
				RadEditor1.ImageManager.DeletePaths = new string[] { "~/Common/Resources", "~/Marketing/Resources" };
				break;
		}
	}
} 

The ViewPaths, UploadPaths and DeletePaths properties should point to a folder that is:

  • a subdirectory of your web application
  • a directory placed in the root of IIS - you can set this folder by using the / forward slash symbol, e.g. ViewPaths = " /Files ";
  • a virtual directory of your web application that has a physical path pointing outside of your web application.

You should also grant full ASPNET (WinXP) / NETWORK SERVICE (Win 2003 and Vista) account permissions to the Files Folders.

See Also

In this article
See Also
Not finding the help you need?
Contact Support