Authors,Editors cannot access a backend page

Posted by Community Admin on 03-Aug-2018 11:04

Authors,Editors cannot access a backend page

Sitefinity - General Discussions

All Replies

Posted by Community Admin on 13-Jul-2011 00:00

Hello
I have some programmatically added backend pages for a custom module that cause an uncaught exception when a non-administrator backend user tries to access the page in v4.1 SP2. I've checked the permissions and both Author and Editor roles have permissions to view this page and edit content. The stack trace is below:

Exception information:
    Exception type: ArgumentNullException
    Exception message: Value cannot be null.
Parameter name: source
   at System.Linq.Enumerable.Where[TSource](IEnumerable`1 source, Func`2 predicate)
   at Telerik.Sitefinity.Security.SecuredObjectExtensions.GetActivePermissions(ISecuredObject securedObject)
   at Telerik.Sitefinity.Security.SecurityExtensions.IsGranted(ISecuredObject item, String permissionSet, Guid[] principals, Int32 actions)
   at Telerik.Sitefinity.Security.SecurityExtensions.IsGranted(ISecuredObject item, String permissionSet, String[] actions)
   at Telerik.Sitefinity.Security.SecuredObjectExtensions.IsGranted(ISecuredObject securedObject, SecurityActionTypes actionType)
   at Telerik.Sitefinity.Web.UI.SecuredControl.get_IsGranted()
   at Telerik.Sitefinity.Web.UI.SecuredControl.get_Visible()
   at System.Web.UI.Control.PreRenderRecursiveInternal()
   at System.Web.UI.Control.PreRenderRecursiveInternal()
   at System.Web.UI.Control.PreRenderRecursiveInternal()
   at System.Web.UI.Control.PreRenderRecursiveInternal()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)


The stacktrace mentioned SecuredControl - is this a problem with permissions on an item on the page, and if so, how can I add permissions programattically for controls on a backend page?

Thanks
Ryan

Posted by Community Admin on 14-Jul-2011 00:00

Hi Ryan,

The stack trace does not provide a clear information about which control causes the issue. You can try removing the controls on your page one by one to see which of them is the problematic  one and narrow down the issue. If the problem comes from a control, first try setting some permissions manually from its "Permission" menu.

GetActivePermissions - gets the permissions sets for an object - ISecuredObject. By default this returns an array of PermissionItem objects. Each PermissionItem has - principal ID and valid permissions for this principal ( View, Edit, Modify, Delete etc) and objectID - the id of the secured object.

Below is a sample code that illustrates setting permissions of a widget programmatically

//set the role Id you want grant with some actions.
//<role id="263d4a0a-9e35-4d30-ad13-edac983cde39" name="Editors" />
var roleID = newGuid("263d4a0a-9e35-4d30-ad13-edac983cde39");
 
var checkPerm = manager.GetPermission(SecurityConstants.Sets.Controls.SetName, cb.Id, roleID);
if(checkPerm == null)
     var perm = manager.CreatePermission(SecurityConstants.Sets.Controls.SetName, cb.Id, roleID);
    perm.GrantActions(true, SecurityConstants.Sets.Controls.View);// set view permission
    cb.Permissions.Add(perm);
    manager.SaveChanges();


All the best,
Ivan Dimitrov
the Telerik team
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

This thread is closed