I'm creating a news section on a site which requires users to be logged in to view the news stories in full, however I need anonymouse users to be able to see the index (container) page, it's only when they click to read the story that they should be redirected. I know I could do this by setting the public access setting on each news story, but i was wondering if anyone knows how to do this in a single sweep (ie I don't have to trust the editors to set the permissions)
I think it should be possible to achieve using the "BeforePublish" event where you can specify that all nodes created under your container node should be protected.
You could create a control on the template that programatically checks the permissions? This was you don't need to set any permissions, you can just check the users roles before rendering the page.
Just as an addition for others who want to use this, I'm pretty sure it will only work from version 4 as I believe it uses the membership provider to check permissions.
And, just another usefull snippet, I also created an extension method for use in my XSLT files to check whether a user has permission to access a given node (Similar to umbraco.library.HasAccess)
How to protect child pages only?
Hi Guys,
I'm creating a news section on a site which requires users to be logged in to view the news stories in full, however I need anonymouse users to be able to see the index (container) page, it's only when they click to read the story that they should be redirected. I know I could do this by setting the public access setting on each news story, but i was wondering if anyone knows how to do this in a single sweep (ie I don't have to trust the editors to set the permissions)
Many thanks
Matt
Hi Matt
I think it should be possible to achieve using the "BeforePublish" event where you can specify that all nodes created under your container node should be protected.
I think that you can find some inspiration on how to do it in this post http://our.umbraco.org/forum/developers/api-questions/7217-Programitically-setting-public-access-to-a-document
Hope this helps.
/Jan
You could create a control on the template that programatically checks the permissions? This was you don't need to set any permissions, you can just check the users roles before rendering the page.
Chris
Hi Guys,
Just to let you know, I solved my problem be securing the folders using the web.config
(I've had to turn off extensionless urls for this however)
I chose this route as it didn't require the editors to remember to do anything, and if it ever needs changing, it only needs changing in once place.
Thanks for your sugestions guys.
Matt
Hi Matt
That seems like a very clever and simple solution too. I actually did not know about this oportunity untill now. Thanks for posting it :-)
/Jan
No problem,
Just as an addition for others who want to use this, I'm pretty sure it will only work from version 4 as I believe it uses the membership provider to check permissions.
And, just another usefull snippet, I also created an extension method for use in my XSLT files to check whether a user has permission to access a given node (Similar to umbraco.library.HasAccess)
public bool HasAccess(int id)
{
string url = umbraco.library.NiceUrl(id);
return System.Web.Security.UrlAuthorizationModule.CheckUrlAccessForPrincipal(url, System.Web.HttpContext.Current.User, "GET");
}
Matt
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.