[Quite urgent] Redirect to an authenticated document and getting authenticated documents via API - Bugs & Issues - Bugs & Issues - Progress Community

[Quite urgent] Redirect to an authenticated document and getting authenticated documents via API

 Bugs & Issues

[Quite urgent] Redirect to an authenticated document and getting authenticated documents via API

  • [Quite urgent] Redirect to an authenticated document and getting authenticated documents via API
  • Hello,

    please excuse me but I've 2 problems I need to solve ASAP.I've protected all my documents having set the Access to only authenticated users. When a user directly past a link I intercept the UnauthorizedAccessException in the Global.asax as

     

    [code]

      protected void Application_Error(object sender, EventArgs e)
           

                var error = this.Context.Error as UnauthorizedAccessException;

                if (error != null)
               
                    string param = string.Format("0?return=1", ConfigurationManager.AppSettings.Get("redirect"), this.Context.Request.Path);
                    Response.Redirect(param, true);
               
           

    [/code]

     

    I've a custom LoginControl defined as

    [code] 

    using System;
    using System.Web;
    using System.Web.SessionState;
    using System.Web.UI;
    using IFSitefinity.Repositories;
    using NLog;
    using Telerik.Sitefinity.Web.UI.PublicControls;

    namespace IFSitefinity

        public class IFLoginControl : LoginControl
       
            private readonly ILogger logger = LogManager.GetCurrentClassLogger();
            private readonly IDataAccessRepository dataAccessRepository;
            private string returnURL;

            public IFLoginControl()
           
                dataAccessRepository = new DataAccessRepository();

                this.Load += IFLoginControl_Load;
           

            void IFLoginControl_Load(object sender, EventArgs e)
           
                var parameters = HttpContext.Current.Request.Params["return"];
                if (parameters != null)
               
                    returnURL = parameters;
               
           


            public override string UserName
           
                get
               
                    return base.UserName.ToLower();
               
                set
               
                    base.UserName = value;
               
           



            protected override void OnLoggedIn(EventArgs e)
           
                logger.Trace("User 0 logged in ", UserName);

                if (HttpContext.Current != null && HttpContext.Current.Session != null && HttpContext.Current.Session.Mode != SessionStateMode.Off)
               
                    //I need to add NDG as well
                    string ndg = string.Empty;

                    try
                   
                        ndg = dataAccessRepository.GetNdgFromUsername(UserName);
                   
                    catch (Exception ex)
                   
                        string error = string.Format("Unable to find NDG for UserName : 0", UserName, ex.Message);

                        logger.Error(error, ex);
                   

                    if (!string.IsNullOrEmpty(ndg))
                   
                        HttpContext.Current.Session["NDG"] = ndg;
                   
                    else
                   
                        string error = string.Format("Unable to find NDG for UserName : 0", UserName);
                        logger.Error(error);
                   

                    HttpContext.Current.Session["UserName"] = UserName;
               

                base.OnLoggedIn(e);
           
       

    [/code]

    But I don't know how to set the redirect to the page, should I only set 

     

    Response.Redirect(returnURL) or there's a better way?

     

    Another question is related to the content visibility.

    Before when a user logged in I was pointing to /Content and each ascx was loading it's data. Now that I've protected the documents I see no documents for each ascx I was loading

     

    For example

     

     public List<Document> GetMoreReads(int numItems, int giorniPrecedenti, bool showOperativita)
           
                List<Document> res = new List<Document>();

                try
               
                    int value = Math.Abs(giorniPrecedenti);
                    DateTime dataMinima = DateTime.Now.AddDays(-value);

                    var res1 = App.WorkWith().Documents().Where(o1 => o1.Status == ContentLifecycleStatus.Live && o1.ViewsCount > 0
                             && o1.PublicationDate >= dataMinima && o1.PublicationDate <= DateTime.Now).OrderByDescending(o2 => o2.ViewsCount);

                    var docs = res1.Get();

                    int count = 0;

                    if (showOperativita)
                   
                        var docsToTake = docs.Take(numItems);
                        res.AddRange(docsToTake);
                   
                    else
                   
                        var lstCategories = repository.GetCategoriesForStatistics();

                        Stopwatch sw = Stopwatch.StartNew();

                        foreach (var document in docs)
                       
                            var taxon = TaxonomyHelper.GetTaxonForDocument(document, "Category");

                            if (lstCategories.Contains(taxon) && count < numItems)
                           
                                res.Add(document);
                                count++;
                           
                       
                        sw.Stop();

                        int t = 0;
                   
               
                catch (Exception ex)
               
                    logger.Error(ex);
                
               

                return res;
           
        ​

     

    What should I put the permission?

    Thanks

  • Hello Paolo,

    Yes, you can use "Response.Redirect()".  Alternatively I would recommend you to set a frontend login page:
    - Single site project 
    - Multisite project
    Thus the unauthorized users should be automatically redirected when Authorization is needed.


    Regarding the second question about Content visibility - More information about permissions API and how to check the permissions is available here:
    http://docs.sitefinity.com/for-developers-permissions-api
    http://docs.sitefinity.com/for-developers-check-and-demand-permissions
    http://docs.sitefinity.com/for-developers-get-the-current-user 

    Regards,
    Svetoslav Manchev
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items