• RedDot CMS Blog
• 05.04.2017
• EN

rdb: RQL Check if connected editor is in a user group

Motivation

Within a plugin I want to check, if the normal editor running the plugin is within a specific RD user group. Because the editor did not have the ServerManager module assigned, the usual RQL request didn’t work:

 RQL 
<IODATA loginguid="[!guid_login!]">  
  <ADMINISTRATION>  
    <GROUP guid="[!guid_group!]">  
      <USERS action="list"/>  
    </GROUP>  
  </ADMINISTRATION>  
</IODATA>  

All RQL requests with <ADMINISTRATION> needs ServerManager module assigned to the user running the request.

What I’m looking for was a similar check which works under the limited rights of a normal editor/author and uses the usual group assignment possibilities of RD within ServerManager.
 

Solution

I found out, that the RQL request to list all content classes within a folder checks for the user’s right on the content classes. So I created a content class with same name as user group name with a content class authorization package with that properties:

Everyone:  Use content class = deny
< user group name>: Use content class = allow

At the end I can check if the folder contains a template named equal to the <user group name> based on following RQL:

 RQL 
<IODATA loginguid="2A51E6531D1A4D02935BBCF4CD05A3EA" sessionkey="421138853e8oC524a665">  
    <TEMPLATELIST action="load" folderguid="6A6740BC44F7459081BFD1F25B1BF8F6"/>  
</IODATA> 

The following will allow a user who does not have ServerManager permission to list the groups that a user is assigned to in the current logged on project:

 RQL 
<IODATA loginguid="[!login_guid!]" sessionkey="[!key!]">
  <PROJECT>
    <USER guid="[1user_guid!]">
      <GROUPS action="list" />
    </USER>
  </PROJECT>
</IODATA>