More in this section
Forums / Bugs & Issues / [Quite urgent] Redirect to an authenticated document and getting authenticated documents via API

[Quite urgent] Redirect to an authenticated document and getting authenticated documents via API

The forums are in read-only mode. In case that you want to directly contact the Progress Sitefinity team use the support center. In our Google Plus group you can find more than one thousand Sitefinity developers discussing different topics. For the Stack Overflow threads don’t forget to use the “Sitefinity” tag.
2 posts, 0 answered
  1. Paolo
    Paolo avatar
    147 posts
    Registered:
    11 Jun 2009
    05 Aug 2015
    Link to this post

    Hello,

    please excuse me but I've 2 problems I need to solve ASAP.I've protected all my documents having set the Access to only authenticated users. When a user directly past a link I intercept the UnauthorizedAccessException in the Global.asax as

     

    [code]

      protected void Application_Error(object sender, EventArgs e)
            {

                var error = this.Context.Error as UnauthorizedAccessException;

                if (error != null)
                {
                    string param = string.Format("{0}?return={1}", ConfigurationManager.AppSettings.Get("redirect"), this.Context.Request.Path);
                    Response.Redirect(param, true);
                }
            }

    [/code]

     

    I've a custom LoginControl defined as

    [code] 

    using System;
    using System.Web;
    using System.Web.SessionState;
    using System.Web.UI;
    using IFSitefinity.Repositories;
    using NLog;
    using Telerik.Sitefinity.Web.UI.PublicControls;

    namespace IFSitefinity
    {
        public class IFLoginControl : LoginControl
        {
            private readonly ILogger logger = LogManager.GetCurrentClassLogger();
            private readonly IDataAccessRepository dataAccessRepository;
            private string returnURL;

            public IFLoginControl()
            {
                dataAccessRepository = new DataAccessRepository();

                this.Load += IFLoginControl_Load;
            }

            void IFLoginControl_Load(object sender, EventArgs e)
            {
                var parameters = HttpContext.Current.Request.Params["return"];
                if (parameters != null)
                {
                    returnURL = parameters;
                }
            }


            public override string UserName
            {
                get
                {
                    return base.UserName.ToLower();
                }
                set
                {
                    base.UserName = value;
                }
            }



            protected override void OnLoggedIn(EventArgs e)
            {
                logger.Trace("User {0} logged in ", UserName);

                if (HttpContext.Current != null && HttpContext.Current.Session != null && HttpContext.Current.Session.Mode != SessionStateMode.Off)
                {
                    //I need to add NDG as well
                    string ndg = string.Empty;

                    try
                    {
                        ndg = dataAccessRepository.GetNdgFromUsername(UserName);
                    }
                    catch (Exception ex)
                    {
                        string error = string.Format("Unable to find NDG for UserName : {0}", UserName, ex.Message);

                        logger.Error(error, ex);
                    }

                    if (!string.IsNullOrEmpty(ndg))
                    {
                        HttpContext.Current.Session["NDG"] = ndg;
                    }
                    else
                    {
                        string error = string.Format("Unable to find NDG for UserName : {0}", UserName);
                        logger.Error(error);
                    }

                    HttpContext.Current.Session["UserName"] = UserName;
                }

                base.OnLoggedIn(e);
            }
        }
    }

    [/code]

    But I don't know how to set the redirect to the page, should I only set 

     

    Response.Redirect(returnURL) or there's a better way?

     

    Another question is related to the content visibility.

    Before when a user logged in I was pointing to /Content and each ascx was loading it's data. Now that I've protected the documents I see no documents for each ascx I was loading

     

    For example

     

     public List<Document> GetMoreReads(int numItems, int giorniPrecedenti, bool showOperativita)
            {
                List<Document> res = new List<Document>();

                try
                {
                    int value = Math.Abs(giorniPrecedenti);
                    DateTime dataMinima = DateTime.Now.AddDays(-value);

                    var res1 = App.WorkWith().Documents().Where(o1 => o1.Status == ContentLifecycleStatus.Live && o1.ViewsCount > 0
                             && o1.PublicationDate >= dataMinima && o1.PublicationDate <= DateTime.Now).OrderByDescending(o2 => o2.ViewsCount);

                    var docs = res1.Get();

                    int count = 0;

                    if (showOperativita)
                    {
                        var docsToTake = docs.Take(numItems);
                        res.AddRange(docsToTake);
                    }
                    else
                    {
                        var lstCategories = repository.GetCategoriesForStatistics();

                        Stopwatch sw = Stopwatch.StartNew();

                        foreach (var document in docs)
                        {
                            var taxon = TaxonomyHelper.GetTaxonForDocument(document, "Category");

                            if (lstCategories.Contains(taxon) && count < numItems)
                            {
                                res.Add(document);
                                count++;
                            }
                        }
                        sw.Stop();

                        int t = 0;
                    }
                }
                catch (Exception ex)
                {
                    logger.Error(ex);
                
                }

                return res;
            }
        }​

     

    What should I put the permission?

    Thanks

  2. Svetoslav Manchev
    Svetoslav Manchev avatar
    735 posts
    Registered:
    06 Sep 2017
    07 Aug 2015
    Link to this post
    Hello Paolo,

    Yes, you can use "Response.Redirect()".  Alternatively I would recommend you to set a frontend login page:
    - Single site project 
    - Multisite project
    Thus the unauthorized users should be automatically redirected when Authorization is needed.


    Regarding the second question about Content visibility - More information about permissions API and how to check the permissions is available here:
    http://docs.sitefinity.com/for-developers-permissions-api
    http://docs.sitefinity.com/for-developers-check-and-demand-permissions
    http://docs.sitefinity.com/for-developers-get-the-current-user 

    Regards,
    Svetoslav Manchev
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
2 posts, 0 answered