Publishing from Template Code Using an Impersonated User

This topic touches on hot Tridion practices, both of them debatable:

• Publishing from Template code;
• Impersonating a user in Template code;

I won't go into the debate (maybe I'll write about it at a later stage). I will just say that I don't find it bad practice to impersonate in templates, hence the code and topic below.

The use case for "publishing from template code" comes mainly when dealing with Multimedia Components that need to be published also as Dynamic Component Presentations (DCPs). If they weren't publish from template code, you would either have to publish them manually or from some event system. I think both alternatives are clumsy and less suitable than the publish from template code.

So, my requirement is to issue a Publish on a given Tridion item from template code. The publish should have the same properties as the original item (the one currently being rendered by templates). So, the same target, user, and priority.

First, we need to retrieve the "Current Publish Transaction". As I mentioned in my earlier post, this is not possible in Tridion 2011SP1 using the API. Rather, you can use the little hack I presented in "Get Current Publish Transaction". Once we have the PublishTransaction, we can use the properties .Creator and .PublishPriority to get the user and priority, respectively.

Additionally, in order to retrieve the current PublicationTarget, we can use engine.PublishingContext.PublicationTarget.

public void Publish(Engine engine, String tcmUri, User user, PublishPriority priority)

{

    Session session = new Session(user.Title);

    PublishInstruction publishInstruction = new PublishInstruction(session);

    RenderInstruction renderInstruction = new RenderInstruction(session);

    renderInstruction.RenderMode = RenderMode.Publish; // work around. needs to be specified for binaries.

    publishInstruction.RenderInstruction = renderInstruction;

    List<IdentifiableObject> items = new List<IdentifiableObject>() { session.GetObject(tcmUri) };

    List<PublicationTarget> targets = new List<PublicationTarget>() { engine.PublishingContext.PublicationTarget };

    PublishEngine.Publish(items, publishInstruction, targets, priority);

    session.Dispose();

}

Note: the code above is not production ready, rather it is just an example. It is not checking whether the render mode is Publish or Preview. Also, for performance reasons, it should check whether the binary has already been queued up for publishing, and if so, then don't queue it again.

Using the code-above is rather simple:

    PublishTransaction currentTransaction = TemplateUtils.GetPublishTransaction(engine);

    TemplateUtils.Publish(engine, itemUri, currentTransaction.Creator, currentTransaction.Priority);

The trick when publishing with an impersonated user is to create the PublishInstruction and RenderInstruction using the impersonated Session. Additionally, the item to publish has to be also retrieved with the impersonated Session.

Finally, in order for the impersonation to work from template code, the SYSTEM user has to be allowed to impersonate in Tridion. The reason for this is the user executing the template code is by default the SYSTEM user (i.e. the user running the Tridion Content Manager Publisher service).

Open the SDL Tridion Content Manager configuration MMC snap-in and expand nodes SDL Tridion Content Manager / Impersonation Users. Add impersonation user NT AUTHORITY\SYSTEM with user type Windows.

Shutdown COM+ application SDL Tridion Content Manager under Component Services / Computers / My Computer / COM+ Applications. Restart Transport and Publisher services.