Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Dominic Resch 45 posts 115 karma points
    Jan 26, 2024 @ 17:46
    Dominic Resch
    0

    V13.1: Assign members to a group during registration

    Greetings,

    the following:

    I would like to automatically assign a group to a new member who registers. Now, of course, I have found the following link:

    https://docs.umbraco.com/umbraco-cms/tutorials/members-registration-and-login#assigning-new-members-to-groups-automatically

    The advice here is to copy the source code of the existing UmbRegisterController and create a new controller with the same code, except that you add the modification so that the member is assigned the group.

    So far, so good.

    But: Is this really the best way? My problem with this is that if the controller is modified in any new Umbraco version (e.g. bug fixing), the new version will not be used at all. Now imagine there is a security gap. Wouldn't that be fatal?

    Shouldn't we create a new controller instead, which derives from the existing UmbRegisterController and "overwrites" the "HandleRegisterMember" method with the "new" keyword?

    I know that hiding the existing implementation is often regarded as "bad practice". But in this case, wouldn't it be more appropriate than copying the code and not benefiting from bug fixes/security patches?

    As an example:

    [
        HttpPost,
        ValidateAntiForgeryToken,
        ValidateUmbracoFormRouteString
    ]
    public new async Task<IActionResult> HandleRegisterMember(
        [Bind(Prefix = "registerModel")] RegisterModel registerModel)
    {
        IActionResult result = await base.HandleRegisterMember(registerModel);
    
        if (string.IsNullOrWhiteSpace(registerModel.Username))
        {
            return result;
        }
    
        if (!memberService.Exists(registerModel.Username))
        {
            return result;
        }
    
        memberService.AssignRole(registerModel.Username, "Foo");
    
        return result;
    }
    
Please Sign in or register to post replies

Write your reply to:

Draft