+1-888-365-2779
Try Now
More in this section

Forums / Security / Page Group Security Issue

Page Group Security Issue

4 posts, 0 answered
  1. Scott McNeany
    Scott McNeany avatar
    44 posts
    Registered:
    09 Mar 2010
    29 Sep 2010
    Link to this post
    Hello, I've got some odd behavior occurring with two separate pages in a page group, and was hoping you could provide me with some more information so I can debug the behavior.

    I'm using the multiple provider model, and the permission is restricted at the page group level to a single role (in ASP.NET Membership tables). 

    Here is my issue:

    One of my pages is not taking the permission at all - I can get to it without logging in.

    The other page gives me an error saying "This Type of Page is Not Served", whether I'm logged in or not.

    Like I said, I've compared permissions on these pages many times and they are EXACTLY the same. I even have other pages with the same permissions that are functioning correctly (user must be logged in to see the page).

    So what I'm looking for is a database table or something that I can see the permissions, or some other way of debugging this behavior. I'm really confused on this.

    Thank you,

    Scott
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    19 Sep 2016
    29 Sep 2010
    Link to this post
    Hello Scott McNeany,

    There are three  general reasons for this behavior

    1. This user belongs to two or more roles and for one of these roles there is View - Deny. In this case Deny has higher priority than allow and exception is thrown

    2. There is some page inheritance - parent -> child and the permissions are not the same

    3. There are some permissions for everyone role - which is built-in role and all other custom roles inherit permissions from it.

    I believe that the problem is somewhere in 1 or 2.

    Kind regards,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Scott McNeany
    Scott McNeany avatar
    44 posts
    Registered:
    09 Mar 2010
    29 Sep 2010
    Link to this post
    Thanks for the quick reply Ivan.

    I don't believe #1 is the case, because none of my users have multiple roles.

    I just broke inheritance and found this behavior to be kind of interesting. 

    By default, the page that I could get to WITHOUT logging in had 'Allow' checked for 'Everyone'. However, it DID NOT have this before breaking inheritance.

    Also when breaking inheritance, the page that gave me the 'Page Not Served' error did not have any boxes checked.

    Could it be possible that these pages were moved from different page groups, and that somehow it carried permission with them? I'm just speculating on why these pages could show the same permission, yet default differently when inheritance was broken.

    Either way, i know that I can break inheritance to get around any issues that I find, so it's not high priority.

  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    19 Sep 2016
    29 Sep 2010
    Link to this post
    Hi Scott McNeany,

    [sf_SecPerms] table in the database keeps all rights over a given object. Your role should have at least View - 1 Granted.

    You can use the code provided in this post to see permissions for each role you want.

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
Register for webinar
4 posts, 0 answered