Tuesday 17 March 2009

Secure Document Access for Axis

One of our customers, Axis Corporate Solutions, provides an innovative (well, innovative for an accountancy firm) function on their website. They allow their customers to log in to the site and access all of the documents that have been created for them.

So each customer has their own login and their own private area within the website where they can view these documents.

This presented us with our first Kentico challenge. Here's what we did:

  1. Add a login form to the Master page. This was set to redirect to Login.aspx when a customer successfully logs in.
  2. In the Page_Load event for the login page we first check the ViewMode. We only want the redirection to happen on the live site; otherwise we wouldn't be able to administer the login page.
  3. Then we get the current user context and find out if they are an editor. If they're an editor we send them off to the customer index page where they can choose who they want to have a look at.
  4. If they're not an editor then they're a customer. What we do for them is to check all of the documents in the Customer branch of the sitemap and see if they have read access. If we find one that has read access then we redirect them to it.

We like this approach because we don't need to add anything to the database to tie customers to their sections of the website. The code is below:

  protected void Page_Load(object sender, EventArgs e)
  {
    if (!IsPostBack)
    {
      // Send the user off in the right direction if we're
      // in LiveSite mode.  Don't want to do this in edit mode.
      //
      if (CMSContext.ViewMode == CMS.PortalEngine.ViewModeEnum.LiveSite)
      {
        CurrentUserInfo user = CMSContext.CurrentUser;

        if (user.IsEditor)
          Response.Redirect("~/Customers.aspx");
        else
        {
          // It's a customer, check permissions on all sub-pages of "/Customers"
          //
          DataSet ds = TreeHelper.SelectNodes("/Customers/%", false, "Axis.Customer");

          foreach (DataRow dr in ds.Tables[0].Rows)
          {
            int docId = (int) dr["DocumentID"];
            CMS.TreeEngine.TreeNode node = TreeHelper.SelectSingleDocument(docId);

            if (CMS.TreeEngine.AuthorizationResultEnum.Allowed ==
                  user.IsAuthorizedPerDocument(node, NodePermissionsEnum.Read))
            {
              // User has access to this page - send them there.
              // Response.Redirect ends the request, so the first
              // readable document wins.
              //
              Response.Redirect(CMSContext.GetUrl(node.NodeAliasPath));
            }
          }
        }
      }
    }
  }

4 comments:

  1. This comment has been removed by the author.

  2. Nice post, I was just looking for what properties come up in the DataSet returned by the SelectNodes() method, and you have exactly what I needed! Thanks!

  3. Hi,

    A secure document includes a paper document substrate, a disc having a primarily holographic first face facing away from the substrate and a second face with permanent pressure sensitive adhesive engaging the substrate, and mechanical intertwining between the substrate and disc so that they are substantially inseparable. Thanks a lot...

    Enterprise Rights Management

