Scott,

Have you given any thought to the fact that if a host is logged in and performing tasks in file manager, that a non-logged in user can not only see that the host is on file manager but can click the link to file manager? Granted, they will get a login prompt, but you really don't want this user to know that that page even exists.

Is it possible to have WAT show only reference links associated to the current user's security level?

I'll be adding functionality to Where Are They? and the Users Online sub-project so you can select which roles to show, e.g. typically you would not show administrators.

I will see if I can also have an option to not show pages a user cannot see, I'll need to check if there any lookups on that however and to see if it affects performance too much..

What about an XML document like SiteURLs.config which uses regular expressions to match pages to be seen (or contains exceptions to hide).  There may be pages in the same role that you may not want other users to see, like Private Messages, MyProfile or similar.  This file could map the page to any name.

Scott wouldn't this work if added to the OnItemBound?

Dim objTab As New DotNetNuke.Entities.Tabs.TabController

Dim objTabInfo As DotNetNuke.Entities.Tabs.TabInfo = objTab.GetTab(objUserLocationInfo.TabID)

If objTabInfo.IsAdminTab Or objTabInfo.IsSuperTab Or Not objTabInfo.IsVisible Then

e.Item.Visible = False

End If

I haven't stress tested it but in some quick testing it seemed to work okay on the Admin/Host items. I haven't worked out tabs set to admin only by the admin/host themselves though.

Even better:

If Not DotNetNuke.Security.PortalSecurity.IsInRoles(objTabInfo.AuthorizedRoles) Then

e.Item.Visible = False

End If