+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / [Quite urgent] Redirect to an authenticated document and getting authenticated documents via API

[Quite urgent] Redirect to an authenticated document and getting authenticated documents via API

2 posts, 0 answered
  1. Paolo
    Paolo avatar
    147 posts
    Registered:
    11 Jun 2009
    05 Aug 2015
    Link to this post

    Hello,

    please excuse me but I've 2 problems I need to solve ASAP.I've protected all my documents having set the Access to only authenticated users. When a user directly past a link I intercept the UnauthorizedAccessException in the Global.asax as

     

    [code]

      protected void Application_Error(object sender, EventArgs e)
            {

                var error = this.Context.Error as UnauthorizedAccessException;

                if (error != null)
                {
                    string param = string.Format("{0}?return={1}", ConfigurationManager.AppSettings.Get("redirect"), this.Context.Request.Path);
                    Response.Redirect(param, true);
                }
            }

    [/code]

     

    I've a custom LoginControl defined as

    [code] 

    using System;
    using System.Web;
    using System.Web.SessionState;
    using System.Web.UI;
    using IFSitefinity.Repositories;
    using NLog;
    using Telerik.Sitefinity.Web.UI.PublicControls;

    namespace IFSitefinity
    {
        public class IFLoginControl : LoginControl
        {
            private readonly ILogger logger = LogManager.GetCurrentClassLogger();
            private readonly IDataAccessRepository dataAccessRepository;
            private string returnURL;

            public IFLoginControl()
            {
                dataAccessRepository = new DataAccessRepository();

                this.Load += IFLoginControl_Load;
            }

            void IFLoginControl_Load(object sender, EventArgs e)
            {
                var parameters = HttpContext.Current.Request.Params["return"];
                if (parameters != null)
                {
                    returnURL = parameters;
                }
            }


            public override string UserName
            {
                get
                {
                    return base.UserName.ToLower();
                }
                set
                {
                    base.UserName = value;
                }
            }



            protected override void OnLoggedIn(EventArgs e)
            {
                logger.Trace("User {0} logged in ", UserName);

                if (HttpContext.Current != null && HttpContext.Current.Session != null && HttpContext.Current.Session.Mode != SessionStateMode.Off)
                {
                    //I need to add NDG as well
                    string ndg = string.Empty;

                    try
                    {
                        ndg = dataAccessRepository.GetNdgFromUsername(UserName);
                    }
                    catch (Exception ex)
                    {
                        string error = string.Format("Unable to find NDG for UserName : {0}", UserName, ex.Message);

                        logger.Error(error, ex);
                    }

                    if (!string.IsNullOrEmpty(ndg))
                    {
                        HttpContext.Current.Session["NDG"] = ndg;
                    }
                    else
                    {
                        string error = string.Format("Unable to find NDG for UserName : {0}", UserName);
                        logger.Error(error);
                    }

                    HttpContext.Current.Session["UserName"] = UserName;
                }

                base.OnLoggedIn(e);
            }
        }
    }

    [/code]

    But I don't know how to set the redirect to the page, should I only set 

     

    Response.Redirect(returnURL) or there's a better way?

     

    Another question is related to the content visibility.

    Before when a user logged in I was pointing to /Content and each ascx was loading it's data. Now that I've protected the documents I see no documents for each ascx I was loading

     

    For example

     

     public List<Document> GetMoreReads(int numItems, int giorniPrecedenti, bool showOperativita)
            {
                List<Document> res = new List<Document>();

                try
                {
                    int value = Math.Abs(giorniPrecedenti);
                    DateTime dataMinima = DateTime.Now.AddDays(-value);

                    var res1 = App.WorkWith().Documents().Where(o1 => o1.Status == ContentLifecycleStatus.Live && o1.ViewsCount > 0
                             && o1.PublicationDate >= dataMinima && o1.PublicationDate <= DateTime.Now).OrderByDescending(o2 => o2.ViewsCount);

                    var docs = res1.Get();

                    int count = 0;

                    if (showOperativita)
                    {
                        var docsToTake = docs.Take(numItems);
                        res.AddRange(docsToTake);
                    }
                    else
                    {
                        var lstCategories = repository.GetCategoriesForStatistics();

                        Stopwatch sw = Stopwatch.StartNew();

                        foreach (var document in docs)
                        {
                            var taxon = TaxonomyHelper.GetTaxonForDocument(document, "Category");

                            if (lstCategories.Contains(taxon) && count < numItems)
                            {
                                res.Add(document);
                                count++;
                            }
                        }
                        sw.Stop();

                        int t = 0;
                    }
                }
                catch (Exception ex)
                {
                    logger.Error(ex);
                
                }

                return res;
            }
        }​

     

    What should I put the permission?

    Thanks

  2. Svetoslav Manchev
    Svetoslav Manchev avatar
    735 posts
    Registered:
    29 Sep 2016
    07 Aug 2015
    Link to this post
    Hello Paolo,

    Yes, you can use "Response.Redirect()".  Alternatively I would recommend you to set a frontend login page:
    - Single site project 
    - Multisite project
    Thus the unauthorized users should be automatically redirected when Authorization is needed.


    Regarding the second question about Content visibility - More information about permissions API and how to check the permissions is available here:
    http://docs.sitefinity.com/for-developers-permissions-api
    http://docs.sitefinity.com/for-developers-check-and-demand-permissions
    http://docs.sitefinity.com/for-developers-get-the-current-user 

    Regards,
    Svetoslav Manchev
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
2 posts, 0 answered