Orchard CMS - limiting pages to only a specific layer - how?

Question

Silly really - but I just can't seem to find my way around this just yet....

I installed the Orchard CMS in Azure - worked like a charm, added a few pages, played around, watched the Pluralsight "Orchard Fundamentals" course - seemed to make a lot of sense.

But now I'm stuck - I'm trying to create a public facing site, where some of the pages should be visible to any visitor including anonymous users, and some of course should be visible to only authenticated users.

OK, so I understand those are layers in play - default for everyone, authenticated for authenticated users - great. But how do I limit a given page which is present as Content in my dashboard so that it'll be displayed only on a given layer (e.g. only on the authenticated layer - not the default layer for everyone)

Seems like a simple task - but I just cannot seem to find the way to do it (nor does any of the docs or tutorial videos really help :-( )

Any takers?

Answer 1

Layers are only for widgets. In order to restrict access to a content item such as a page, what you need is content item permissions. That's a separate feature that is not enabled by default.

To enabled the Content Item Permissions module

1. In the admin panel go to Modules

2. Start typing permissions into the filter box at the top left hand corner of the tabs.

3. The Content Item Permissions should be shown in the list, click Enable in the top right hand corner of its box

This will reload the page and you should see a message at the top saying Content Item Permissions was enabled

Enabling this feature with your pages

Orchard CMS uses a concept where you can glue components together however you want them to be composed in order for them to support the features you want. The concept of a page is just a collection of parts like a page title, a url, text, setting a publish date and things like that.

By default simply enabling the module doesn't make any difference. You will need to add the feature to the Page content. To do this you just need to:

1. In the admin panel go to Content Definition

2. Find / filter the Page content type and click Edit on the right hand side

3. Scroll down to Parts and click Add Parts

4. Search for Content Permissions in the list, tick the checkbox and press Save at the bottom of the page

5. You will be taken back to the Page content definition screen. At the bottom of the Parts list you will now see a Content Permissions entry. If you want to set up defaults for new pages click the little > arrow to the left of the header and a panel will expand.

If you want to add it to other content types such as blog posts then you can repeat this process and add it to any content type you want to.

Making an individual page password protected

Now that the feature is enabled and attached to your Page content type you can create a new private page by following these steps:

1. In the admin panel click New > Page in the sidebar

2. Give the page some basic content

3. Scroll down close to the end of the page and tick the checkbox labelled Enable Content Item access control

4. Let's say you want to make it so anon uses cannot see the page. Under the View this item section just tick all of the roles except for Anonymous (the second one in the list)

5. Publish the page

6. Open up a new incognito / in-private browser tab (so the site thinks you aren't logged in) and visit the new page you just published.

   You will be redirected to an error screen similar to this page:

   

Answer 2

You will want to enable the Content Item Permissions feature in order to restrict individual content items to certain permissions. With layers you can only make widgets appear in different zones defined in your theme when the layer's rules are met.

To enable the Content Item Permissions feature, go to your admin dashboard and click on "Modules" on the left hand side. On the modules page enter "Content Item Permissions" in the filter text box to help find the feature. Click on the enable button of the feature in the top right corner. The feature will now be enabled.

Now that you have the feature enabled, you need to add the Content Permissions part to one of your content definitions. To do this click on "Content Definition" on the left hand side of the admin dashboard. Find the content type you want to add permissions to (for instance, Page) and click the edit button. Click the Add Parts button. You will see a list of parts you can add to the content type. Check the checkbox next to Content Permissions and click save.

Next, in the admin dashboard go to one of your content items that is of the content type that you just added the content permissions part to. You will see a new checkbox towards the bottom to enable content item access control. Click the checkbox and you will be able to set the different roles for that content item.

Edit: It looks like it took me too long to write my response. rtpHarry's editted answer is very similar but better formatted.