Have a webpart hide its self, if the user doesn't have proper permission

Question

If the user creates a web part page in SharePoint and then adds one of my custom web parts to it, I would like to completely hide a web part depending on a particular users permissions.

For example, I have a reporting web part some users have access to reports and some don't, I don't even want some users to know that reports exist.

I have a custom security API that use to determine if security is allowed or denied, I would love to say:

    protected override void OnInit(EventArgs e) {
        bool allowed = PermissionServices.IsAllowed("Reports");
        if (!allowed) {
             this.Hide(); 
             // Where 'this' is the web part
        }
        base.OnInit(e);
    }

I don't control the page code so it has to be in the web part.

Answer 1

You are going to want to look into Audience Targeting.

Basically audience targeting allows you to customize a page based on the group of the person viewing it, so that a manager will go to "home.aspx" and see a top-sheet results WebPart that includes some statistics, but if a regular developer logs on to the same page, the WebPart won't appear.

You should be careful about confusing Audiences and Permissions. Audience targeting does NOT change the permissions of the users involved.

EDIT

Thanks to Kirk for pointing out that audience targeting only works in MOSS and not WSS.

Answer 2

You could definitely do your permissions check within your custom WebPart's Render() method. If the user doesn't have the permissions, just don't render anything.