Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error
Login and FunctionAttribute doubts
Options
Previous Topic Next Topic
luiz@wise.com.br
#1 Posted : Monday, April 19, 2010 11:57:16 PM(UTC)
Rank: Advanced Member
Groups: Registered

Joined: 3/4/2010(UTC)
Posts: 157
Location: brazil
I have this problems

1) i was thinking about creating a membership module with login, lost password and other things, but even if i mark the page as deny "?" it doen't go to my login page, it goes to the admin login

i saw this page and tried to change in kooboo but still had no sucess

http://stackoverflow.com...ogin-url-in-asp-net-mvc

I changed this code in the commomController (151) and now I can chance the login page in each application, will this cause any side effect?

Code:

if (!roleAuthorizer.IsAuthorized(Application.ApplicationName, this.Cms_Page.Denies, this.Cms_Page.Allows, User))
{
IEnumerable<CustomError> customErrors = CachedData.GetCustomErrors(Application.ApplicationName);
var customError = customErrors.Where(c => c.HttpStatusCode == HttpStatusCode.Unauthorized ).FirstOrDefault();
if (customError != null)
{
actionResult = this.Redirect(customError.Redirect);
return actionResult;
}
throw new UnauthorizedException(Resources.UnauthorizedAccess);
}


2) The function attibute doesn't seem to work if the module is on one page, but it works fine in the module admin page, is this the designed way to work?


is there a way to get the information if the actual user can use one function?
Back to top
WWW
 |  Edit by user
jifeng
#2 Posted : Tuesday, April 20, 2010 1:25:18 PM(UTC)
Rank: Administration
Groups: Administrators, Registered

Joined: 9/3/2009(UTC)
Posts: 1,555
Location: Xiamen China
1) Please try to use CustomError, see: http://www.kooboo.com/vi...tail/Custom_error_video

2) Yes, every module has his owner login page.

3)Yes, please use: ModuleInfo.IsAuthorized(string functionName, IPrincipal user)
Regards,

Jifeng Huang

Kooboo Team

Microsoft ASP.NET MVP
Back to top
WWW BLOG
luiz@wise.com.br
#3 Posted : Tuesday, April 20, 2010 8:56:01 PM(UTC)
Rank: Advanced Member
Groups: Registered

Joined: 3/4/2010(UTC)
Posts: 157
Location: brazil
1) for me it doesn't work this way, the page that opens is the kooboo admin login page

2) i didn't understand, or maybe i didn't explain right my question
a) In fact looks like the permission for the module does not inherit, if in the root Module I put deny ? but in the application i don't then the module doen't use the root deny

b) another thing that happened is that if I save im the application/module one module, then the module disapear from the application module list, back in the root module I open the detail and that module has no application selected anymore

3) thanks
Back to top
WWW
 |  Edit by user
jifeng
#4 Posted : Tuesday, April 20, 2010 9:58:22 PM(UTC)
Rank: Administration
Groups: Administrators, Registered

Joined: 9/3/2009(UTC)
Posts: 1,555
Location: Xiamen China
1) You can custom the login page when you appoint page for "Unauthorized" status.

2)
a) Yes, the module permission does not inherit. Every-application have to config itself permission settings.

b) Yes, that's a known bug. I have fixed the bug in the lastest developing code. But It does not effect the code executing.
Regards,

Jifeng Huang

Kooboo Team

Microsoft ASP.NET MVP
Back to top
WWW BLOG
luiz@wise.com.br
#5 Posted : Tuesday, April 20, 2010 10:03:57 PM(UTC)
Rank: Advanced Member
Groups: Registered

Joined: 3/4/2010(UTC)
Posts: 157
Location: brazil
1) but I did as the video and it redirects to the kooboo admin login, would it help if I send you the link? or the site package?


the web event shows this error

EventId:
c764193ab7524796af11facc37039d33
EventTime:
4/20/2010 11:11:36 AM
EventType:
System.Web.Management.WebRequestErrorEvent
EventCode:
100001
RequestUrl:
http://cms.wise.com.br/c-unauthorized/
ExceptionType:
Everest.CmsServices.Exceptions.UnauthorizedException
Details:
Event code: 100001 Event message: You have no permission to access the resource. Event time: 4/20/2010 11:11:36 AM Event time (UTC): 4/20/2010 2:11:36 PM Event ID: c764193ab7524796af11facc37039d33 Event sequence: 693 Event occurrence: 4 Event detail code: 0 Application information: Application domain: /LM/W3SVC/691328/Root-1-129162450685609299 Trust level: Full Application Virtual Path: / Application Path: C:\Inetpub\wwwroot\CMS\ Machine name: WISE11 Process information: Process ID: 2500 Process name: w3wp.exe Account name: NT AUTHORITY\SYSTEM Exception information: Exception type: Everest.CmsServices.Exceptions.UnauthorizedException Exception message: You have no permission to access the resource. Request information: Request URL: http://cms.wise.com.br/c-unauthorized/ Request path: /c-unauthorized/ User host address: 100.100.0.253 User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\SYSTEM Thread information: Thread ID: 5 Thread account name: NT AUTHORITY\SYSTEM Is impersonating: False Stack trace: at Everest.CmsServices.Controllers.CommonController.Execute() at lambda_method(ExecutionScope , ControllerBase , Object[] ) at System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClassd.b__a() at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodFilter(IActionFilter filter, ActionExecutingContext preContext, Func`1 continuation) at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClassd.<>c__DisplayClassf.b__c() at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodWithFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor, IDictionary`2 parameters) at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) Custom event details:
Back to top
WWW
 |  Edit by user
jifeng
#6 Posted : Tuesday, April 20, 2010 11:24:16 PM(UTC)
Rank: Administration
Groups: Administrators, Registered

Joined: 9/3/2009(UTC)
Posts: 1,555
Location: Xiamen China
Yes, it will help me to investigate the issue.
Regards,

Jifeng Huang

Kooboo Team

Microsoft ASP.NET MVP
Back to top
WWW BLOG
luiz@wise.com.br
#7 Posted : Tuesday, April 20, 2010 11:30:31 PM(UTC)
Rank: Advanced Member
Groups: Registered

Joined: 3/4/2010(UTC)
Posts: 157
Location: brazil
I have another information

First opens the kooboo login, if I login then goes to my login page

http://ntbi01.wise.com.br/kooboo/c-SmallBusiness/

The products menu is marked as Deny '?'



we have another example but it's not online yet, i'll send later

this is the other example
http://cms.wise.com.br/c-Unauthorized
this url was created copying the video steps and it still open the kooboo admin url
Back to top
WWW
 |  Edit by user
jifeng
#8 Posted : Wednesday, April 21, 2010 10:07:07 AM(UTC)
Rank: Administration
Groups: Administrators, Registered

Joined: 9/3/2009(UTC)
Posts: 1,555
Location: Xiamen China
HI

Really bad, it is a bug. Please change the following code in the CommonController.cs to solve the problem:

filterContext.Result = new MVCTransferResult(pageUrl);

To:

filterContext.Result = new RedirectResult(pageUrl);

Regards,

Jifeng Huang

Kooboo Team

Microsoft ASP.NET MVP
Back to top
WWW BLOG
Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Powered by YAF 1.9.5.5 | YAF © 2003-2011, Yet Another Forum.NET
This page was generated in 0.535 seconds.