Sitecore: Security best practices

From time to time developer faces with the need to perform some action with the item in the scope of administrative user. In such case there are two possibilities:
SecurityDisabler and UserSwitcher.

Both of them allows developer to solve the task.  So, let’s what is the difference between them and which of them is most preferable to use.

SecurityDisabler

The SecurityDisabler elevates the users permission (temporarily) to administrator rights and so context user will be able to do anything on the system. Such ability could have the potential to be very dangerous to use and errors to potentially be very costly. An interesting side effect is that anything done with the SecurityDisabler will show up as being done by the sitecore\Anonymous role, messing up the audit trail.

private void SecurityDisablerExample(Sitecore.Data.Items.Item itemToEdit, Sitecore.Data.Items.Item itemToDelete)
{
   using (new Sitecore.SecurityModel.SecurityDisabler())
   {
      itemToEdit.Editing.BeginEdit();
      try
      {
         itemToEdit["Title"] = "Title from Code";
         //Commit the changes
         itemToEdit.Editing.EndEdit();
      }
      catch (Exception)
      {
         //Revert the Changes
         itemToEdit.Editing.CancelEdit();
      }

       //Using sitecore\testuser to delete an Item
       itemToDelete.Delete();
   }
}

UserSwitcher

UserSwitcher allows a segment of code to run under a specific user instead of current context user.

private void SecurityUserSwitcherExample(Sitecore.Data.Items.Item itemToEdit, Sitecore.Data.Items.Item itemToDelete)
{
   //User which is already created in Sitecore User Manager
   string testUser = @"sitecore\testuser";

   //User existing or not
   if (Sitecore.Security.Accounts.User.Exists(testUser))
   {

      //Getting Sitecore User Object with UserName
      Sitecore.Security.Accounts.User scUser =
      Sitecore.Security.Accounts.User.FromName(testUser, false);
      //Switching Context User
      using (new Sitecore.Security.Accounts.UserSwitcher(scUser))
      {
         //Using EditContext to edit an Item
        using (new Sitecore.Data.Items.EditContext(itemToEdit))
        {
           itemToEdit["Text"] = "Modified Text from Code";
        }

        //Using sitecore\testuser to delete an Item
        itemToDelete.Delete();
      }
    }
}

Conclusion

Assuming we have set up the access for the TestUser account correctly and pass some content item to modify and home item to delete. In case of SecurityDisabler all actions will be done. In case of UserSwitcher content item will be updated but on execution of delete action AccessDeniedException will be thrown because TestUser  doesn’t have appropriate rights.
Although this is a trivial example, it does point out the dangers of the SecurityDisabler.

Base on the information above I would recommend to configure special user with the appropriate rights (such approach could save us from dangerous in the future) and use UserSwitcher instead of using SecurityDisabler.

Enjoy!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s