Physical aspx pages building, securing, etc.

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
This thread is closed to new posts. You must sign in to post in the forums.
3/11/2010 1:56:41 PM
Slaven Brumec
Gravatar
Total Posts 55
View Posts

Physical aspx pages building, securing, etc.

Greetings!

I wonder is there any tutorial about building and securing physical aspx pages in mojoPortal?

Looking at, for example, EditPost.aspx page of Blog module, I found out some basics: in link on virtual ascx page that leads to physical page provide (virtual) PageId and moduleId so that physical aspx page gets home settings to apply security and other rules (as in FolderGallery/Edit.aspx or Blog/EditPost.aspx). We can also apply such rules directly (as in Blog/EditPost.aspx).

However, I might be missing something important about that so is there any guideline about physical pages?

Also, except for view-edit scenario, what might be the other scenarios where using physical pages is recommended?

3/12/2010 12:40:15 PM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Physical aspx pages building, securing, etc.

Hi Slaven,

In mojoBaseBage we have methods to validate view permissions so you can protect a view page in a feature with:

if (!UserCanViewPage(moduleId))
 {
       SiteUtils.RedirectToAccessDeniedPage();
        return;
  }

we also have method to validate Edit Permisions like this:

if (!UserCanEditModule(moduleId))
{
     SiteUtils.RedirectToAccessDeniedPage();
      return;
  }

These methods verify also that the page contains the module and determines view or edit permissions based on page and module permissions.

The only other scenario that I can think of in an existing feature is like in the forums where a user does not need edit permissions to post, so the forum postedit page chacks view permissions and checks module permissions whether anonymous posting is allowed.

So, it depends on your feature, we have helper methods for view and edit permissions,but it is also possible for you to implement any other rules you need in your own custom features.

I don't know if you've seen these, but I'm working on a series of developer training videos.

http://www.mojoportal.com/developertrainingvideos.aspx

Best,

Joe

You must sign in to post in the forums. This thread is closed to new posts.