Logged in user can only access 1 page?

Question

Using Orchard 1.6 Iv created a new role 'FactoryWorker'. When this user logs in from the front end I want them to be navigated to one page only.

OrchardLocal/System/ManufacturedProducts

I have set this page to be a print screen of the order details so the factory worker will know what products to get ready for ship out & they wont be able to navigate as no menu appears, but also need the other pages blocked incase the user decides to enter the URL of a page they arnt allowed access to.

This is the only page I want this particular user to be able to access(after they login), and I have added a logout button, which logs out the user and returns them to the home page.

So iv been looking through editing a role, with permissions and content etc...but this all seems to be applying to forms and content in general. where the user can access any content type etc...

So can someone advise me on how to do this? thanks for any replies

UPDATE I forgot to mention that this is not a content type, item or part I am talking about. I have created my own controller & View & VM which is accessible from the dash board (using the AdminMenu, which brings the admin user to OrchardLocal/System/ManufacturedProducts)

I have looked at Orchard.ContentPermissions Feature but it only seems to allow me to 1)Grant permissions for others or 2)Grant permission for own content

any ideas?

Answer 1

You can use a Request Filter, (I do not know if it is the best way) :

FilterProvider – defines the filter applied to each request. Resembles the way default ASP.NET MVC action filters work with the difference that it’s not an attribute. All FilterProvider objects are injected into the request pipeline and are applied to all requests (so you need to check if the current request is suitable for your filter at the beginning of an appropriate method).

From : http://www.szmyd.com.pl/blog/most-useful-orchard-extension-points

So you could implement something like this

public class Filter : FilterProvider, IAuthorizationFilter {

    private readonly IAuthenticationService _authenticationService;

    public Filter(IAuthenticationService authenticationService) {
        _authenticationService = authenticationService;
    }


    public void OnAuthorization(AuthorizationContext filterContext) {

        //If route is the restricted one
        if (filterContext.HttpContext.Request.Url.AbsoluteUri.Contains("OrchardLocal/System/ManufacturedProducts")) {

            //Get the logged user
            IUser loggedUser = _authenticationService.GetAuthenticatedUser();

            if (loggedUser == null)
                return filterContext.Result = new HttpUnauthorizedResult();

            //Get the Roles
            var roles = loggedUser.As<IUserRoles>().Roles;

            if (!roles.Contains("FactoryUser")) {
                //User is not authorized
                return filterContext.Result = new HttpUnauthorizedResult();
            }
        }
    }
}

Note: Untested code!

EDIT: Also you could invert the logic and check if the logged user has the role 'FactoryUser' and restrict its access to every page except the one they should see.

Answer 2

Your module can create a new permission (look at one of the permissions.cs files for examples), then create a role that has only that permission. Have your controller action check that permission (again, many examples found by finding usage of the permissions defined in one of the permissions.cs).

Answer 3

You can use the Content Permissions module. Using this module you can attach a content item permission part to a content type. This part allows you to choose which roles can see the content when you create it.