Sitemap Admin Seeing What A User Sees
Jan 21, 2010
I am currently trying to figure out how to best go about implementing an administration side for my application.I have a user site, where users can log in, customize their profile, submit information etc.I would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.
Website Start Page > RogerRabbit > Submit Information
Website Start Page > BillyBob > Customize Profile
So my question is:
How should my pages be laid out?How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)Would this method have to use session variables?
View 2 Replies
Similar Messages:
Apr 3, 2011
I have an asp.net application. There is a folder in the project that users upload images and files to that folder.
I want to restrict users, that each user sees only his files. How can I do this?
Because files are uploaded in folder, users may access them by browsing file urls.
View 1 Replies
Mar 15, 2011
I found a great answer on SO describing how to set up custom user roles, and I've done the same in my project. So in my Login service I have:
public ActionResult Login() {
// password authentication stuff omitted here
var roles = GetRoles(user.Type); // returns a string e.g. "admin,user"
var authTicket = new FormsAuthenticationTicket(
1,
userName,
DateTime.Now,
DateTime.Now.AddMinutes(20), // expiry
false,
roles,
"/");
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(authTicket));
Response.Cookies.Add(cookie);
return new XmlResult(xmlDoc); // don't worry so much about this - returns XML as ActionResult
}
And in Global.asax.cs, I have (copied verbatim from the other answer):
protected void Application_AuthenticateRequest(Object sender, EventArgs e) {
var authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null) {
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
var roles = authTicket.UserData.Split(new Char[] { ',' });
var userPrincipal = new GenericPrincipal(new GenericIdentity(authTicket.Name), roles);
Context.User = userPrincipal;
}
}
Then, in my ServicesController class, I have:
[Authorize(Roles = "admin")]
//[Authorize]
public ActionResult DoAdminStuff() {
...
}
I login as a user with the "admin" role, and that works. Then I call /services/doadminstuff - and I get access denied, even though when I put a breakpoint in Global.asax.cs, I can see that my roles do include "admin". If I comment out the first Authorize attribute (with roles) and just use a plain vanilla Authorize, then I can access the service.
View 1 Replies
Mar 4, 2010
This is what I have in the RegisterUser.aspx and yet when the admin registers a new user, then on clickiing the register button, the site logs in as the user who was just created.
protected void CreateUserWizard1_CreatedUser(object sender, EventArgs e)
{
Roles.AddUserToRole((sender as CreateUserWizard).UserName, "Department");
}
View 4 Replies
Jul 12, 2010
In our project, we have a situation where the administrator needs to 'force log off' a particular user under certain conditions. In other words, the admin user needs to have the ability to kill any other user's session.Is this possible? By using the session properties, we can kill the current session (the current user's session) but is it possible (for the admin user) to kill some other user's session?
View 1 Replies
Dec 22, 2010
have table for users have a some attribute one of them admin attribute have a bit data type when the user is admin it is true and i have ligin page and control panal page i want throw login page check for the user to redirect him to control panal if the user is admin the control panal will be displayed with moreoptions any one how can i doing this with select statement
View 2 Replies
Mar 17, 2010
i am currently checking to see if the logged in person is an admin, by putting a check in the page_load function. (same thing to see if the person is logged in at all)
is there a better way to do this? or should i just go ahead and put my check on every single page?
View 1 Replies
Jun 18, 2010
I am creating a web application using Form Authentication of Asp.Net with C# and back end Sql Server. Here in my application administrator login and creates new users. I am using the create user wizard under login controls. My problem is when the new user is created by Admin he is automatically logged out and logged in with new user credentials which he has just created.
View 2 Replies
Aug 10, 2010
I'm using DataAnnotations to validate creation of a new Admin user. However on EDIT page I want to have password and confirm password fields blank. This way i know that password has not changed. However whenever I EDIT a user I get ModelState.IsValid = false because password and confirm password are blank even though I set these in my controller. how would i fix this so that on EDIT screen I can omit "Required" validation?
Controller:
[code].....
View 4 Replies
Jul 12, 2010
Is there anyway to implement this.If admin block a user then session of that current user should be expired in ASP.NET
View 1 Replies
Aug 4, 2010
I am using SQL membership authentication and SQL Database for my ASP.NET Website and its using for my Organization (has multiple Branches in different cities).How I can get all user list which are recently online/Login in my system (WebSite) in my Admin Panel?
View 4 Replies
Nov 15, 2010
In my project I have one folder called Administration (contains pages created for administrating the public part of the page) and in root I have public pages. What I want to do is to prevent anyone beside administrator to enter the Administration part and to make the Administration/Login.aspx default page for entering Administration part. This part makes me confused. I tried to create the access rules, but that wasn't the option because I upload the images to the Administration/Upload folder so if I deny the users the images on the public part can't be accessed.
The second problem I don't know how to solve is public part of the page where I want to allow commenting only to logged in users (users only, not the admin). How to check if user is logged in and authetificated and how to enable the commenting part of the form to him (textbox and submit button).
View 6 Replies
Mar 4, 2010
I have a directory structure root->admin-> admin operations admin page inherited from a ase page with principla security.demand role = "Admins" i am usinf forms authantication mode. i have also put a web.config file in admin folder, restricting other users. it is working normaly with siteroot/admin. I want to setup a mechanism to admin like siteroot/username/admin I can redirect to page admin but it gives security error, it should redirect to login page instead of if user did not sign in.
View 5 Replies
Feb 5, 2011
I am looking for a way to distroy the ASP.net membership session for a specific user. The reason I am doing this is as an admin I want to delete a user. This works fine, but if the user already has an active session, he is still marked as "online" until this session dies (I verify each time by using Current.User.Identity.IsAuthenticated). How do I go about killing a session based on the user it's authorized as. This way when I do Memberships.DeleteUser(username) I can also do Sessions.KillByUser(username)[URL]
View 2 Replies
Jun 13, 2010
I have an Admin folder which contains 4-5 aspx pages. I want to that only user with role="admin" can view those files. What settings i need in web.config?
View 1 Replies
Sep 3, 2010
develop a user admin application.My schema looks like the following:See full size As you can see I've got my own version of the user table and profile tables to store my data with a one-to-one mapping with aspnet membership tables.I'm interested in using ASP.NET dynamics to speed up the proccess of creating an admin system.
I would like to create a customised listing with a search and a data grid listing with just basic details such as name and state information, date registered and then when you click to edit your presented with the domain representation of the data and not the exact undelying data.Has anyone any experiece in doing this or building a real work application with Dynamic data?
View 1 Replies
Apr 17, 2010
I'm looking for a way to create a login control without the use of web admin tool
Here are my system requirements
Windows 7 Visual Studio 2008 Professional Edition Microsoft SQL Server 2005 Express Edition ESET Anti-virus but SQL and Studio files excluded from being scanned. I have got a database. I've created the front end of the user login control manually not using the toolbox. Basically what I need is that once a user has registered. He then logs in. when he enters his username and password how do I code it so the database realises it's him/her and takes them to their LOGGED IN user
View 7 Replies
Oct 26, 2010
i need certain algorithem/formula or code where admin assign userid/password to user ,means multiple user get registered site but user id and password are assign by admin after registered . did not any thing on google yet !!
View 3 Replies
Jan 13, 2011
i need some lessons in how to create admin folder and pages to add user ,content ,authentication, etc
View 2 Replies
Nov 13, 2011
I have this code , to redirect user when an error is detect on a page, and to notify the admin
vb Code:
Protected Sub Page_Error(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Error
REPORT IF ERROR DETECTED Dim a As New errorhandler
a.reporterror(Page.Title.ToString & " "
& Request.Url.Host.ToString, Server.GetLastError.ToString)
End Sub
then under another button I have this try and catch , i wud like to show the user there is an error on the date input format.
vb Code:
Try
aaa = dateTextBox.Text.Split("/")
bbb = aaa(2).Split(" ")
If (bbb.Length > 1) Then
a = aaa(0) + "/" + aaa(1) + "/20" + bbb(0) + " " + bbb(1).Substring(0, 2) + ":" + bbb(1).Substring(2, 2)
[Code] ....
But whenever an error is detect the user is redirected to another page (errorhandler).I was wondering if it's possible not to redirect the user if the error is of type InvalidCastException .
View 9 Replies
Apr 18, 2010
I have a footer that I am adding to a masterpage. Within this footer, if constructs menus based on the Current Node of the sitemap, however the sitemap is coming back as null. how to fix this issue.
View 2 Replies
May 11, 2010
We are getting this error message when we try to click the link in the menu to go to Report Server:
Source Error:
Line 31: <siteMapNode title="Reports" description="Reports">
Line 32:
Line 33: <siteMapNode url="https://ffxsqldgc01.ffx.co.fairfax.va.us/Reports/Pages/Folder.aspx?ItemPath=%2fDPZ&ViewMode=List" title="View Reports"
description="Click here to view the reports" />
Line 34: </siteMapNode>
Line 35:
I tried to add after the &, as it was suggested on one of the forum but it did not work. Any other ideas.
View 5 Replies
Aug 2, 2010
I've been having some production runtime errors that I don't fully understand. This has happened to us on a couple different ASP.NET 4.0 Web Sites (shudders - yes, I know - we're porting it to MVC but that's taking some time).
First of all, we have never been able to reproduce this issue in development/QA environments. Secondly, upon deployment, the issue seems to be non-existent. Sometimes the issue manifests within a day or two of deployment and other times the deployment will be live for a month without it manifesting at all. However, once it manifests, then ANY page viewed under the web site causes the error. Lastly, this problem seemed to only come up once we migrated to .NET 4.0. We started at 2.0, a year ago upped to 3.5, and recently upped to 4.0 with this solution and most child projects.
The error:
Could not find the sitemap node with URL '~/Default.aspx'.
A simplified version of our sitemap (with some names changed and uninteresting nodes removed) is as follows:
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0">
<siteMapNode roles="*" title="EG">
<siteMapNode url="~/../SM/Default.aspx" title="Welcome" description="" roles="*" />
<siteMapNode url="~/../SD/Default.aspx" title="SD" description="" roles="*" />
<siteMapNode url="~/../SMD/Default.aspx" title="SMD" description="" roles="*" />
[code]...
I have confirmed in all of the SiteMaps that there is a node with url="~/Default.aspx" with roles="*" (which includes public/anonymous access), so I am very confused as to why this problem occurs.
SiteMap does not have a node for Default.aspx. All of them do. SiteMap's Default.aspx node is not accessible for security reasons to the current user/role. They're all accessible to anonymous users and this problem even exists for super admin users. Passed-in URL contains querystrings (Default.aspx?abcd). I don't know if this is a problem (I sure would hope not) but once the problem manifests itself, I can handwrite the URL with no querystrings and the problem still exists.
SiteMap changes. It doesn't Service's permissions to the sitemap file. The sitemap works perfectly fine after a deployment, so unless permissions are changed in a way that IISRESET fixes, then this is not an issue. The worker process becomes globally corrupt. I don't think so. We have ~12 web sites all in the same app pool and the problem always stays confined within a single web site. Also, we have yet to have this happen to more than a single web site at a time although it has manifested itself in 4 different ones so far.
View 1 Replies
Jan 25, 2011
I've got a custom menu navigation built from a web.sitemap file, the first line of this would be something like:
SiteMapNodeCollection topLevelNodes = SiteMap.RootNode.ChildNodes;
However, now I want to be able to create multiple web.sitemap files, and then programmatically determine which web.sitemap file to use, but I can't seem to find out how to do this. I'm assuming I could either create one custom SiteMapProvider that can perform the logic to determine which web.sitemap file to load, or I have multiple providers, each one with the SiteMapFile property set to a specific *.sitemap file, and then switch providers programmatically before I access SiteMap.RootNode.
View 2 Replies
Sep 22, 2010
I have sitemap which looks like this:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode url="~/default.aspx" title="Prva stran" roles="*" description="Shema ISEF">
<siteMapNode roles="2" title="Analize" id="Analize" description="" >
<siteMapNode url="~/karneki1.aspx" title="Karneki1" description="" />
<siteMapNode url="~/karneki2.aspx" title="Karneki2" description="" />
</siteMapNode>
</siteMapNode>
</siteMap>
if I set roles in a siteMapNode with title "Analiza" it works fine, the link is not shown in the navigation... but if I set roles on any of "karneki" siteMapNode the links are still visible...
Is it even posible to restrict access to lower links based on user role?
View 1 Replies
