Kentico Xperience 13 documentation and ASP.NET Core

Most documentation about running Xperience applications under ASP.NET Core can be found in a dedicated section: Developing Xperience applications using ASP.NET Core. The rest of the documentation still applies, but some code samples and scenarios might need slight modifications for Core projects.

Certain pages allow you to switch between Core and MVC 5 content using a selector located under the page heading.

All major differences between the MVC 5 and Core platforms are summarized in Migrating to ASP.NET Core.

×

Configuring permissions for forms

The Forms application enables content editors to create on-line forms. The forms can then be used to gather structured data from website users.

Access to forms functionality can be managed through permissions in the Permissions application, after you select the Module -> Forms permission matrix.

The Forms module has the following permissions:

  • Read form – members of the roles are allowed to view form configuration, fields and layout (not the actual records).
  • Create form – members of the roles are allowed to create new forms.
  • Edit form – members of the roles are allowed to edit form configuration, fields and layout (not the actual records).
  • Delete form including data – members of the roles are allowed to delete forms, including stored records.
  • Read data – members of the roles are allowed to view form records.
  • Edit data – members of the roles are allowed to create and edit form records
  • Delete data – members of the roles are allowed to delete existing form records
  • Destroy form – members of the roles are allowed to delete the version history of forms.

Modifying forms permissions

Security for individual forms

The roles which are authorized to read and modify a form and its data can also be specified for individual forms. To do this, edit () a particular form in the Forms application and switch to its Security tab. The following two options are available:

  • All form users – all users with access to the Forms application will be allowed to manage the form.
  • Only authorized roles – only members of the roles added to the box will be allowed to manage the form.

General module permissions for the Forms module (described above) must be granted to the role first. Then, you can further customize access to particular forms using the form-level settings. The fact that a role has permissions to access a particular form is not sufficient – the form-level settings only define if the particular form will be listed in the Forms application. 

Securing individual forms


Was this page helpful?