How to implement Role Base security for K2 SmartForms
Usually, we will implement the security on each and every form to check user authorization. In this article we will see how we can implement group level security trimming for all forms in one place.
K2 Automated Testing Software
BenchQA allows full test automation of K2, including fully automated K2 SmartForms and K2 Workflow testing. It promotes test driven development for K2 and ensures continued quality assurance for K2 solutions. Easily apply changes to test cases to accommodate changes to K2 apps and ensure all apps are regression tested to avoid defects and assure continuous quality.
Step 1: Create Class Library
a) Create a classlibrary project with a class inheriting from IHttpModule
b) Add event handlers – in our case we added three events – BeginRequest, PreRequestHandlerExecute, EndRequest
c) Implement your logic in PreRequestHandlerExecute Event, in this event we can get access to read the Logged-In user details and requested pagename.
d) Check the logged-in user groupname /Rolename using smartobjects
e) Check if the group has authorization to access the requested page by passing page name and group name.
f) If the group doesn’t have permission to access the requested page, then page will get redirected to the default page.
Step 2: Add ClassLibrary DLL to SmartForms Config File
a) Build the class library and do signing with strong naming key
b) Install DLL to GAC
c) Register ClassLibrary DLL in SmartForms runtime web.config file
Now, the users from Contribute/ Visitors group can access only their allowed forms.
Also we can make the list of page URL’s as dynamic by defining in the database table or some other appropriate places that can be modified by administrator.
How to implement Role Base security for K2 SmartForms