Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Mike Taylor 155 posts 353 karma points
    Mar 28, 2013 @ 08:50
    Mike Taylor
    0

    Custom authorisation in HasAccess method... possible?

    Hi Richard

    I have a situation where certain media files are "activated" on a per-user basis (by entering a code printed on a physical product). In this instance, the media files should only be served to logged-in users who have activated those items.

    Is it possible to extend/override the HasAccess method to allow custom authorisation checks?

    Thanks

    Mike

  • Richard Soeteman 4049 posts 12922 karma points MVP 2x
    Mar 28, 2013 @ 13:49
    Richard Soeteman
    0

    Hi Mike,

    Yes it's possible. You have to use the event system where you can cancel access to a file. Currently onsite but someting like this should help you i think? More samples in the documentation check for events. http://mediaprotect.soetemansoftware.nl/documentation.aspx

     /// <summary>
        /// Example code for the Requesting event
        /// </summary>
        public class ProtectedFolderRequest : ApplicationBase
        {
            /// <summary>
            /// Constructor to wire up the requesting event
            /// Make sure your class derives from ApplicationBase otherwise this constructor never gets hit
            /// </summary>
            public ProtectedFolderRequest()
            {
                Request.FileRequesting += new Request.FileRequestingEventHandler(Request_FileRequesting);
            }

            /// <summary>
            /// Handles the FileRequesting event to check if the user has access
            /// </summary>
            private void Request_FileRequesting(object sender, MediaProtect.Library.EventArgs.FileRequestingEventArgs e)
            {
                //Check if the user request a protected folder and the role of the user
                if (e.Path.StartsWith("/protected/", StringComparison.CurrentCultureIgnoreCase) && !Roles.IsUserInRole("Subscriber"))
                {
                    //Cancel the event when a user requests a file from the /protected folder and is not in the subscriber role
                    e.Cancel = true;

                    //Specify the login page. MediaProtect will redirect to this page
                    e.RedirectPage = "/login/";
                }
            }
        }

    Let me know if you need ore info please.

    Hope this helps,

    Richard

Please Sign in or register to post replies

Write your reply to:

Draft