Announcing Distributed Role-based Sueetie Administration

This post is the one I referred to previously on the end of AjaxControlToolkit in Sueetie, as the last toolkit Control requiring a redesign was the Administration Menu. The menu was an AjaxControlToolkit Accordion Control, but it’s now pure jQuery and CSS. I based the new menu’s logic on the Sueetie Global Site Menu Control, which supports individual item and group theming, and display properties based on user role.

With an intelligent Sueetie Administration Menu it was time to add something I’ve been wanted to support in Sueetie for a while now: Distributed Role-based Administration Area Access.  Here’s more from the Sueetie How-To on Supporting Multiple Roles in Sueetie Administration.

___________________

Sueetie Administration is a Shared Experience

Sueetie originally supported either full Administrative Access or none at all. Users in the SueetieAdministrator role had full access, while others in, say, the MembershipAdministrator role had no access whatsoever. Sueetie gives you the ability to share administrative tasks among several roles, with the SueetieAdministrator having full access while other roles can access their own administrative functions only. This guide explains how multi-role Sueetie Administration access works and how you can control who can access what.

Administration Views by Function and Role

In Version 3.3 (planned release in September 2011), Sueetie supports three primary functions to supplement SueetieAdministrator role access: Membership, Marketplace and Content. Access is based on user role. Let’s take a look at the administrative views each of the roles would see.

First the SueetieAdministrator who has full access.

Image

Next we’ll look at what the ContentAdministrator sees. It should be noted that the ContentAdministrator has a prominent role in managing a Sueetie site’s content. That is reflected in the various areas of access the ContentAdministrator has in Sueetie Administration. While it’s difficult to see in the screenshot, the three areas the ContentAdministrator can access by default are "Content Management," "Addon Pack," and "Reports."

Image

Now we’ll look at the MembershipAdministrator’s view of Sueetie Administration. Like the MarketplaceAdministrator who can only access the Marketplace Administration functions, the MembershipAdministrator has full access to the Membership area but cannot access or view any other areas.

Image

Function Access and Nothing More

It is important to note that members of administrative roles other than SueetieAdministrator have access to their assigned areas only. Neither do they see the functions they cannot access. One caveat to keep in mind, however, is that the display of certain navigation elements is by area, not by specific function. For example, you can remove the ContentAdministrator Role from accessing "Slideshows" in the Addon Pack area. The role will not be able to use any slideshow support page, and while "Slideshows" will be hidden on the Administrative Sidebar menu, it will be displayed on the Addon Pack menu. For more granular control of views you can use the SUEETIE:UserRoles Control to display or hide page elements by role.

The Smart Administration Sidebar Menu

The sidebar administration menu is granular by function, not just by area. Let’s look at the Sidebar Menu’s construction. The menu’s HTML is located in /util/config/admin.config. Here’s an excerpt.

Image

The design of the Smart Administration Menu is very similar to the Sueetie SiteMenu Control. As you can see, each of the menu elements has a unique ID, which, through comparison with the AdminMenu area of the sueetie.config will either display or be hidden depending on the user’s role. Here is the excerpt of the definition area in /util/config/sueetie.config. This is where you would add or remove roles for viewing Administration Menu items.

Image

The Web.Config Has the Final Say

The /admin/web.confiig has the final say in determining whether a role has access to administration pages. Use the Sueetie /admin/web.config as a guide for adding access to pages and areas by role.

Don’t Forget to Add Role Access to the Site Menu

Before users in your new AnalyticsAdministrator Role can access the Analytics area in Sueetie Administration they’ll need to see the “Administration” link in the site menu. As we said, Administration Menu logic is similar to the Site Menu, so you can add any roles to the "AdminTab" element in the Sueetie.config to give other roles access to Sueetie Administration.

Image

Article written by

A long time developer, I was an early adopter of Linux in the mid-90's for a few years until I entered corporate environments and worked with Microsoft technologies like ASP, then .NET. In 2008 I released Sueetie, an Online Community Platform built in .NET. In late 2012 I returned to my Linux roots and locked in on Java development. Much of my work is available on GitHub.