ShouldAllowEdit

This is the place to report bugs and get support. When posting in this forum, please always provide as much detail as possible.

Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum, do not report it as a bug.

This is the place to report bugs and get support

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

  • What operating system were you running when the bug appeared?
  • What database platform is your site using?
  • What version of mojoPortal are you running?
  • What version of .NET do you use?
  • What steps are necessary to reproduce the issue? Compare expected results vs actual results.
Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum.
This thread is closed to new posts. You must sign in to post in the forums.
6/20/2013 1:29:31 AM
Gravatar
Total Posts 29
Thomas N. TALESIS SARL Conseil / Expertise en développement DOTNET

ShouldAllowEdit

Hi all, 

I think  SiteModuleControl.ShouldAllowEdit() has probably a  bug because of the line:  

if (currentPage.EditRoles == "Admins;") { return false; }

It looks like a fast test, probably to try a gain on performances and to eliminate cases, but it seems wrong. (Or I missed something?)

In fact, even if we have tested the IsAdmin before, this assertion is wrong because the module should be editable upon its own AuthorizedEditRoles​ which is not tested yet.

I worked around the issue by adding an unused Role to the Page (so the expression currentPage.EditRoles == "Admins;" became false as EditRoles contains  somthing like "Admins;DummyRole; ") but I suggest to simply remove or comment this line:

Thank you, 

Best, 

Thomas.

6/20/2013 6:23:49 AM
Gravatar
Total Posts 18439

Re: ShouldAllowEdit

I don't think it is a bug. When a page or module is marked with Admins as the only edit role it is a special case, everyone else including Content Admins is supposed to be locked out and not able to edit. Therefore no further checks are needed.

You must sign in to post in the forums. This thread is closed to new posts.