Set_client_permissions

Set_client_permissions

{% set_client_permission %}

Defines whether the client has granted or deined permission for a particular feature (eg: sessions). The only permission defined by default is the session permission (configurable in the site properties). However, the template developer may use this mechanism for their own purposes as well.

The permissions defined by this method will be stored in the permissions cookie, which may be read and/or modified by client-side javascript.

{% set_client_permission [allow|deny|1|0]? permission_name renew? [with:value]? [always|for duration|until date]? %}

{% set_client_permission
mode
 
Must be one of allow, deny, 1 (alias for allow), or 0 (alias for deny). Defaults to allow
permission_name
 
The name of the permission to allow or deny. Defaults to the session permission
renew
 
If this permission has already been allowed or denied, the original permission expiration date will only be updated if "renew" is specified
with:
value
 
The value to store along with the specified permission
always
 
Specifies that the permission should not expire, which is a shortcut for a 50-year expiration date
for
 
Specify in combination with the duration. If specified, the always and until clauses are not allowed
duration
 
How long until the permission should expire, specified as "num [minutes|hours|days|weeks|months|years]" where num is a positive integer. May either be specified directly in the method or read from a variable
until
 
Specify in combination with the date. If specified, the always and for clauses are not allowed
date
 
The date that the permission will expire. If it is in the past, the permission will automatically be denied as expired
%}

If none of the expiration clauses are specified, the permission expiration date will default to 1 year in the future.

Remember that the expiration date specified here is for the permission, not for the effects of the permission. In the case of sessions, the expiration date defines how long the user has granted permission to have a session, regardless of the number or duration of sessions during that timeframe.

If the permission has a value, the value will be stored along with the permission regardless of whether the permission has been allowed or denied.

Permissions will never expire in the middle of a session - if a permission would be set to expire in the middle of a session, it will automatically be extended until the end of the session to prevent odd mid-session permission change bugs.

Examples

set_client_permission deny

Copy
{% if request.query_params.allow_session == "true" %}
{% var allow_length = "1 year" %}
{% if request.query_params.allow_months %}
{% set allow_length = request.query_params.allow_months | append: " months" %}
{% endif %}
{% set_client_permission allow session renew for allow_length %}
{% elsif request.query_params.deny_session == "true" %}
{% set_client_permission deny renew %}
--equivalent to {% set_client_permission deny session renew for 1 year %}
{% endif %}

set_client_permission by reference

Copy
{% if request.query_params.allow_networks %}
{% var networks = request.query_params.allow_networks | split: ',' %}
{% for network in networks %}
{% set_client_permission allow &network %}
{% endfor %}
{% endif %}

{% if request.query_params.deny_networks %}
{% var networks = request.query_params.allow_networks | split: ',' %}
{% for network in networks %}
{% set_client_permission deny &network %}
{% endfor %}
{% endif %}

set_client_permission third_party_login

Copy
{% if request.query_params.third_party_login %}
{% if request.query_params.third_party_login == "false" %}
{% set_client_permission deny ThirdPartyLogin %}
{% else %}
{% set_client_permission allow ThirdPartyLogin with:request.query_params.third_party_login %}
{% endif %}
{% endif %}