Checking Permissions in the Control Panel

Table of Contents

How The Control Panel Handles Permissions
Defining Permissions
Checking Permissions
Checking a Single Permission
Checking Multiple Permissions
Using Permissions in Templates
Using the Recite Permissions Exception

In Recite CMS it is possible to restrict which actions each user is allowed to perform. Permissions are defined on a per-role basis. That is, each user belongs to a certain role, and each role has certain things they are and aren't allowed to do.

Users and roles can be managed either from within the Control Panel or from within the Recite administration section. This chapter does not deal with how to manage users and roles, but rather, shows you to create and check permissions.

How The Control Panel Handles Permissions

When you perform a (failed) permissions check in your PHP code, an Application_User_Permissions_Exception exception is thrown. Recite will automatically catch this exception and send an appropriate message to the Control Panel so the user knows a permissions error occurred. As a developer all you need to do is ensure the exception is thrown when you want permissions enforced.

Sometimes you simply want to check if a user has permission to do something (rather than telling them they don't have permission to do something). The Recite permissions API allows you to easily do this. This is covered later in this chapter.