[AngularJsonOnlyConfiguration] // TODO: This could be applied with our Application Model conventions
[JsonExceptionFilter]
[IsBackOffice]
[UmbracoUserTimeoutFilter]
[Authorize(Policy = AuthorizationPolicies.BackOfficeAccess)]
[DisableBrowserCache]
[UmbracoRequireHttps]
[CheckIfUserTicketDataIsStale]
[MiddlewareFilter(typeof(UnhandledExceptionLoggerFilter))]
we've tried adding these (and various combinations of attributes as the IsBackOffice and Authorize attributes would seem the only ones we really need) but no joy.
appreciate this is a bit of a niche requirement but has anyone hit this and has a work around?!
Im curious to know how you managed to get an MVC view working with the backoffice as from my understanding this was only possible with HTML, AngularJS for the backoffice pages? Or are you hiding it inside an iFrame?
we return the html generated by the view and then display it in the backoffice:
the cool thing being you can use very simple mvc views for the backoffice or (with additional set up in bento) actually load the views used in the site meaning the 'preview' you get in the backoffice represents the frontend.
urfaceController is an MVC controller that interacts with the front-end rendering of an UmbracoPage. They can be used for rendering view components and for handling Form data submissions. SurfaceControllers are auto-routed which means you don't have to add/create your own routes for these controllers to work.
is it possible to lock down a 'UmbracoPageController' for backoffice use?
hey out there,
gotta an interesting one for ya: we need to return an mvc view in the backoffice. in v8, the
UmbracoAuthorizedControllerallowed you to do this......but in v9 this is no longer available!
for the moment, we're using a
UmbracoPageControllerand we're wondering if there's a way to lock it down so it's only accessible in the backoffice?looking at the UmbracoAuthorizedController in the core, it has the following attributes:
we've tried adding these (and various combinations of attributes as the
IsBackOfficeandAuthorizeattributes would seem the only ones we really need) but no joy.appreciate this is a bit of a niche requirement but has anyone hit this and has a work around?!
as ever, any suggestions are greatly received ;)
yes yes yes! blardy found out how to lock any controller down for backoffice use ;)
after a lot of searching and reading i randomly found this:
so i changed my controller route and then decorated the class with:
and like magic, it works!
based on what i'm seeing around. the
/umbraco/backoffice/*part of the route has caused a bit of confusion with other people too...but got there in the end, happy days.
Hi Jake
Im curious to know how you managed to get an MVC view working with the backoffice as from my understanding this was only possible with HTML, AngularJS for the backoffice pages? Or are you hiding it inside an iFrame?
Thanks
in bento, we load backoffice previews using angular/html.
this is the controller code:
https://github.com/KOBENDigital/bento.editor/blob/feature/v9/src/Bento.Core/Controllers/BentoApiController.cs
this is the angular:
https://github.com/KOBENDigital/bento.editor/blob/feature/v9/src/Bento.Website/App_Plugins/Bento/Directives/Components/blockpicker.directive.js#L385
and the html:
https://github.com/KOBENDigital/bento.editor/blob/feature/v9/src/Bento.Website/App_Plugins/Bento/Views/Components/bento-block-picker.html
we return the html generated by the view and then display it in the backoffice:
the cool thing being you can use very simple mvc views for the backoffice or (with additional set up in bento) actually load the views used in the site meaning the 'preview' you get in the backoffice represents the frontend.
urfaceController is an MVC controller that interacts with the front-end rendering of an UmbracoPage. They can be used for rendering view components and for handling Form data submissions. SurfaceControllers are auto-routed which means you don't have to add/create your own routes for these controllers to work.
MyBPCreditcard
is working on a reply...