+1-888-365-2779
Try Now
More in this section

Forums / General Discussions / Module Permissions

Module Permissions

19 posts, 0 answered
  1. Nelson
    Nelson avatar
    14 posts
    Registered:
    29 Dec 2010
    29 Dec 2010
    Link to this post
    Hi,

    I'm new to Sitefinity...

    I'm trying to develop a simple Sitefinity 4.0 module. One of the first things I noticed while using the administrative portion of the built-in modules is that they all have a list of actions that can be performed and who can perform them. For example, the events module has: "View event", "Create event", and so on. These restrictions can usually be defined by navigating to Settings > Permissions. My questions are:

    -When and how should a module register the "actions" that it supports as well as the roles that are allowed by default?

    -How should a module display these settings? (When the user clicks Settings > Permissions).

    Hopefully my questions are very simple.

    Thank you
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    31 Dec 2010
    Link to this post
    Hello Nelson,

    I sent a reply to you in this post. Let me know if there are any further questions.

    Best wishes,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    15 Feb 2011
    Link to this post
    Hi,

    I don't see how I may restrict access to the Settings > Files module in 4.0?

    Thanks
    Andrei
  4. Radoslav Georgiev
    Radoslav Georgiev avatar
    3370 posts
    Registered:
    01 Feb 2016
    16 Feb 2011
    Link to this post
    Hello Andrei,

    You have to go to Administration -> Permissions. There in the global permissions you have settings which define who can manage files.

    Greetings,
    Radoslav Georgiev
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    16 Feb 2011
    Link to this post
    Ok, I see.
    Cheers Radoslav
    Andrei
  6. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    02 Mar 2011
    Link to this post
    Hi,

    The next problem I have is trying to access the Documents & Files with an account which was denied access to the module.

    I keep getting the attached message box over and over again. There is nothing I can do but kill the page from the Task Manager. In Chrome it at least asks me to stop all the further message boxes. It is teh same for the Videos but have not checked all the others.

    Is it going through every document and telling me that I can not see it?

    Many thanks,
    Andrei
  7. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    07 Mar 2011
    Link to this post
    Guys, any takes on this?
    Thanks
  8. Sonya
    Sonya avatar
    205 posts
    Registered:
    29 Sep 2016
    07 Mar 2011
    Link to this post
    Hello Andrei,


    We will need more information to investigate the issue you describe. Could you please send  us the steps you follow and screen with the set permissions?

    Kind regards,
    Sonya
    the Telerik team
  9. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    07 Mar 2011
    Link to this post
    Sonya,

    I have created a new project with the latest release SP1 and did the following:

    1 - I have created a new Role called 'CRO'
    All I want this role to be able to do is edit the content of one single page in the site.

    2 - I have explicitly denied all the permissions that I could find  everywhere for this role. 

    3 - Then I went to the page that it will be editing and clicked on Permissions and explicitly 
    denied it everything apart from 'View a page' and 'Edit page content' sections.

    Given the above, I expect to log in as that role and see the Pages module with all the pages
    greyed out apart from the single page it is allowed to edit. At the moment all I see is the Dashboard module.

    Where am I going wrong?

    Thanks,
    Andrei
  10. Sonya
    Sonya avatar
    205 posts
    Registered:
    29 Sep 2016
    07 Mar 2011
    Link to this post
    Hello Andrei,

    Let's try this

    1. Create a new Role called Test
    Note: By default this role has not assigned permissions.
    2. To make Pages menu visible go to Administration » Backend Pages.
    3. Click OK, Continue! - The structure of the backend opens in Pages page.
    4. Select Pages>Actions>Permissions - add Test role to View a page section
    5. Go to Pages and select the page for which Test role will be able to edit /view
    6.Click Actions>Permissions and set the following rights: View a page, Modify a page, Edit page content
    7. Log out and then Log in as a user of role Test


    All the best,
    Sonya
    the Telerik team
  11. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    08 Mar 2011
    Link to this post
    Sonya,

    We are looking good. After following your steps, it seems to be working fine now.

    Many thanks,
    Andrei
  12. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    22 Mar 2011
    Link to this post
    Sonya,

    One more question on this issue.

    I have attempted to revert to a previous revision of the page using
    the restricted account. It allows me to do it, but the page never changes.
    It stays the same.

    It allows me to go through the entire process of reverting to a previous page
    but the page stays the same. The revision increases too but no change.

    When I try to revert with an administrator account, then it works fine.

    Why???

    Thanks,
    Andrei

    ---------------------
    I just went back to test again with an administrator and when trying to edit the page I get

    Server Error in '/' Application.

    More than one item in the sequence.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.InvalidOperationException: More than one item in the sequence.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:

    [InvalidOperationException: More than one item in the sequence.]
       Telerik.Sitefinity.Data.Linq.Oql.OqlQueryProvider`2.ExecuteKnownType(IObjectScope scope, String queryText, Boolean isEnumerable, Int32 skip, Int32 take, IList parameters, ElementOperator op) +1990
       Telerik.Sitefinity.Data.Linq.Oql.OqlQueryProvider`2.Execute(Expression expression) +937
       Telerik.Sitefinity.Data.Linq.QueryProvider`2.System.Linq.IQueryProvider.Execute(Expression expression) +130
       System.Linq.Queryable.SingleOrDefault(IQueryable`1 source) +265
       Telerik.Sitefinity.Modules.Pages.PageManager.EditPage(Guid id, Boolean lockIt) +1427
       Telerik.Sitefinity.Web.PageEditorRouteHandler.GetPageData(SiteMapNode node) +1792
       Telerik.Sitefinity.Web.RouteHandler.GetHttpHandler(RequestContext requestContext) +241
       Telerik.Sitefinity.Web.PageEditorRouteHandler.GetHttpHandler(RequestContext requestContext) +68
       System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context) +8890312
       System.Web.Routing.UrlRoutingModule.OnApplicationPostResolveRequestCache(Object sender, EventArgs e) +86
       System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
    


    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1 

    ------
    And now it completely died. I can't even access the page in edit mode. I get the following and not sure what to do now.

    Server Error in '/' Application.

    The route handler 'Telerik.Sitefinity.Web.VersioningRouteHandler' did not return an IHttpHandler from its GetHttpHandler() method.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.InvalidOperationException: The route handler 'Telerik.Sitefinity.Web.VersioningRouteHandler' did not return an IHttpHandler from its GetHttpHandler() method.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:

    [InvalidOperationException: The route handler 'Telerik.Sitefinity.Web.VersioningRouteHandler' did not return an IHttpHandler from its GetHttpHandler() method.]
       System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context) +8890435
       System.Web.Routing.UrlRoutingModule.OnApplicationPostResolveRequestCache(Object sender, EventArgs e) +86
       System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
    


    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1 

    How do I get my page back? 
    Help!!!
  13. Sonya
    Sonya avatar
    205 posts
    Registered:
    29 Sep 2016
    23 Mar 2011
    Link to this post
    Hello Andrei,

    The case you described is reproducible only if you try to restore previous version created by a user different than the restricted one. You should not have a problem to restore to a version which is created by the restricted user.

    I didn’t manage to reproduce the error you received. As a workaround i suggest you to:

    1. Select the problematic page
    2. Point to Action Menu and select Duplicate option
    3. Enter a new page Name and click Create and go to add content
    Check if the error still exists.

    Note: All permissions should be set manually after duplicate page is created.



    Regards,
    Sonya
    the Telerik team
  14. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    23 Mar 2011
    Link to this post
    Sonya,

    I did that already this morning.
    But why would the restricted user be allowed to go through the entire
    reverting process and the page stays the same???

    Thanks,
    Andrei
  15. Sonya
    Sonya avatar
    205 posts
    Registered:
    29 Sep 2016
    23 Mar 2011
    Link to this post
    Hi Andrei,

    There is indeed an issue with the current behavior and I logged a bug with ID=111318 in our system and forwarded for fixing. I updated your Telerik points.

    Best wishes,
    Sonya
    the Telerik team
  16. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    23 Mar 2011
    Link to this post
    Sonya,

    Would you recommend that I use the Administrator only to revert to previous versions then?

    Thanks for the points, although there is no change. It did not go up.

    Thanks,
    Andrei
  17. Sonya
    Sonya avatar
    205 posts
    Registered:
    29 Sep 2016
    24 Mar 2011
    Link to this post
    Hi Andrei, 

    Q: Would you recommend that I use the Administrator only to revert to previous versions then?
    A: Unfortunately at the moment there is no other workaround.  Yes, I recommend to use Administrator.


    Regards,
    Sonya
    the Telerik team
  18. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    07 Apr 2011
    Link to this post
    Sonya,

    After I have demonstrated the functionality to the customer. They liked it
    and now I am thinking is the a way to hide revisionning from the restricted user for that page.

    I am thinking if the customer will be told in the future that by the way the restricted user can
    revert a page back too, they may say - "Actually no, we want only administrators to revert a page".

    So really, I was asking for trouble when requesting that a restricted user revert a page. Now, I am asking
    how can I hide the revision reverting functionality from the restricted user.

    Many thanks,
    Andrei
  19. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    13 Apr 2011
    Link to this post
    Sonya,

    Not sure if you've seen my last post.

    Any thoughts or news at all?

    Many thanks,
    Andrei
19 posts, 0 answered