Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Matt Brailsford 2402 posts 11633 karma points MVP 6x c-trib
    Jul 24, 2015 @ 11:18
    Matt Brailsford
    1

    Umbraco 7.2.8 + Teacommerce 3.0.3 Security Exception on Edit Store

    I've installed a fresh install of Teacommerce 3.0.3 and a fresh install of Umbraco 7.2.8 however whenever I go to the edit store page for the store I have setup, I get a YSOD as follows, any ideas?

    Server Error in '/' Application.
    
    Security Exception
    
    Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. 
    
    Exception Details: System.Security.SecurityException: Security error.
    
    Source Error: 
    
    
    [No relevant source lines]
    
    Source File: c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\6e6a9604\30221736\App_Web_editstore.aspx.a6caedcd.hddwenkb.0.cs    Line: 0 
    
    Stack Trace: 
    
    
    [SecurityException: Security error.]
       TeaCommerce.Umbraco.Application.Views.Stores.EditStore.OnInit(EventArgs e) +1471
       System.Web.UI.Control.InitRecursive(Control namingContainer) +186
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12309539
       System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +12309057
       System.Web.UI.Page.ProcessRequest() +119
       System.Web.UI.Page.ProcessRequest(HttpContext context) +99
       ASP.app_plugins_teacommerce_views_stores_editstore_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\6e6a9604\30221736\App_Web_editstore.aspx.a6caedcd.hddwenkb.0.cs:0
       System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +913
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165
    
    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.34248
    
  • Stephen Roberts 47 posts 511 karma points c-trib
    Jul 24, 2015 @ 12:17
    Stephen Roberts
    0

    What does Source File: c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\6e6a9604\30221736\AppWebeditstore.aspx.a6caedcd.hddwenkb.0.cs Line: 0

    Contain?

  • Stephen Roberts 47 posts 511 karma points c-trib
    Jul 24, 2015 @ 12:20
  • Matt Brailsford 2402 posts 11633 karma points MVP 6x c-trib
    Jul 24, 2015 @ 12:21
    Matt Brailsford
    0

    Already tried that, didn't fix it (emptied temp files, restarted IIS, etc) :(

  • Matt Brailsford 2402 posts 11633 karma points MVP 6x c-trib
    Jul 24, 2015 @ 17:48
    Matt Brailsford
    102

    Ok, I think I sussed it out, though I did have to slightly violate the licensing agreement a little :) (Any update on whether TC will be open sourced? ;))

    So it looks like the issue is with the EditStore code behind, in that, it uses a PermissionService to determine whether the current logged in user has permission to edit the store. But the problem is, the Permissions property (which is populated by via the PermissionsService) is populated at the time of instantiation for the EditStore class, which at this point, the current logged in user is not yet set (which PermissionService uses to lookup the Permissions to return), and so the page thinks "there is no user, and so you don't have permission"

    This doesn't seem to be a problem on other views because the Permissions property is populated during the OnInit call which gives Umbraco enough time to set the current User and so works as expected.

    My guess at a fix would be to move the population of the Permissions property to be within the OnInit function like the other pages so that the current user can be set.

    Now if only I could issue a PR ;)

    Matt

  • Tom Steer 161 posts 596 karma points
    Aug 03, 2015 @ 11:18
    Tom Steer
    0

    Hey TC,

    When do you plan to release an official fix for this?

    Cheers,

    Tom

  • Christer Josefsson 53 posts 81 karma points
    Oct 09, 2015 @ 07:20
    Christer Josefsson
    0

    I'm having this problem after upgrading to 7.2.8. Any fix on the way?

  • Peter 3 posts 23 karma points
    Mar 20, 2016 @ 02:59
    Peter
    0

    Hi there,

    We also have the same problem in Umbraco 7.2.8 with 3.x versions of Teacommerce (we have tried all).

    We have tried everything suggested such as clearing the ASP.Net cache, and even restarting the server. Have also tried setting High Trust on security.

    Is there a solution or workaround to this problem?

    Thanks, Peter

    Screenshot

Please Sign in or register to post replies

Write your reply to:

Draft