Skip to main content

How to use SecurityDisabler and UserSwitcher in Sitecore v6.5 – 6

If current context user doesn’t have permission to access this item, Sitecore will return null or throw exception. 
Note: It is recommended to provide context user with appropriate rights than using SecurityDisabler or UserSwitcher.
SecurityDisabler:  !
SecurityDisabler will elevate the context user to have administrative privilege and so context user will be able to do anything on the system.
new Sitecore.SecurityModel.SecurityDisabler();
UserSwitcher allows a segment of code to run under a specific user instead of current context user. 
new Sitecore.Security.Accounts.UserSwitcher(Sitecore.Security.Accounts.User.FromName("username",false));
Sample Code
        /// <summary>
        /// Code snippets explaining SecurityDisabler and UserSwitcher
        /// </summary>
        private void SecuritySample()
            //Getting Master Database
            Sitecore.Data.Database masterDB = Sitecore.Configuration.Factory.GetDatabase("master");
            //Getting a Sitecore Item
            Sitecore.Data.Items.Item home = masterDB.GetItem("/sitecore/content/Home"); 
            //Using Begin, End, Cancel Edit and Security Disabler
            //Using EditContext and Security User Switcher
        /// <summary>
        /// Using Begin, End, Cancel Edit and Security Disabler
        /// </summary>
        /// <param name="home"></param>
        private void BeginEditAndSecurityDisabler(Sitecore.Data.Items.Item home)
            using (new Sitecore.SecurityModel.SecurityDisabler())
                    home["Title"] = "Title from Code"; 
                    //Commit the changes
                catch (Exception)
                    //Revert the Changes
        /// <summary>
        /// Using EditContext and Security User Switcher
        /// </summary>
        /// <param name="home"></param>
        private void EditContextAndSecurityUserSwitcher(Sitecore.Data.Items.Item home)
            //User which is already created in Sitecore User Manager
            string testUser = @"sitecore\testuser"; 
            //User existing or not
            if (Sitecore.Security.Accounts.User.Exists(testUser))
                //Getting Sitecore User Object with UserName
                Sitecore.Security.Accounts.User scUser = Sitecore.Security.Accounts.User.FromName(testUser, false); 
                //Switching Context User
                using (new Sitecore.Security.Accounts.UserSwitcher(scUser))
                    //Using EditContext to edit an Item
                    using (new Sitecore.Data.Items.EditContext(home))
                        home["Text"] = "Modified Text from Code";
Before UserSwitcher:

After UserSwitcher:


Post a Comment

Popular posts from this blog

How to enable Single Sign On in Sitecore with Active Directory Users and Roles

(Assuming that reader has knowledge on Single Sign On)

Single sign on functionality needs the site not to be in anonymous authentication. In IIS, Basic or Windows authentication should be enabled.
How to enable windows authentication in IIS?
Single sign on functionality comes along with Active Directory Module from Sitecore. You can get the latest version from SDN. This module integrates AD to the Sitecore instance. This module needs the LDAP path and few provider configuration settings in web.config file.
SDN Link:
This module installs LDAP dll, configuration and few aspx pages. Once installed, we get the LDAP login page under /website/Sitecore/admin/ldaplogin.aspx. Along with that, we will be having few more roles in Sitecore.
sitecore\Sitecore Client Account Managing sitecore\Sitecore Client Authoring sitecore\Sitecore Client Configuring sitecore\Sitecore Client Designing sitecore\Sitecore Client Developing sitecore\Sitecore Client Forms Autho…

How to access Sitecore Items in Code Behind (Sitecore v6.5) – 4

To get a Sitecore Content Item, use Sitecore.Data.Database.GetItem(Path)
­Sitecore Content Item Class: Sitecore.Data.Items.Item(Get Sitecore Item from “/sitecore/content/Home/myItem”)Sitecore.Data.Database master = Sitecore.Configuration.Factory.GetDatabase("master");Sitecore.Data.Items.Item myItem = master.GetItem("/sitecore/content/Home/myItem");If item does not exist or current context user doesn’t have permission to access this item, Sitecore will return null or throw exception. Case is Insensitive while using path to get the items.To get a Sitecore Template Item, use Sitecore.Data.Database.GetTemplate(ID)­Sitecore Template Item Class: Sitecore.Data.Items.TemplateItem(Get Template Item: Folder Template)Sitecore.Data.Items.TemplateItem item = master.GetTemplate(Sitecore.TemplateIDs.Folder);To get a Sitecore Media Item, use Sitecore.Data.Database.GetItem(Path)­Sitecore Media Item Class: Sitecore.Data.Items.MediaItem(Get Media Item from “/sitecore/content/Media Lib…