GUEST USER ROLE/PERMISSIONS/ACCESS

Oct 17, 2009 at 1:57 AM

Hi Blog Engine community. Can anyone help me please?  I would like to add a new role, for example a guest  to enable a visitor to add a comment but not be able to edit or delete comments or information on posts or pages.   I would also like this guest visitor to be able to view video, and download files that have been uploaded.  To put this in context.  I work in a school and want my leaners to be able to blog with me if they have any learning issues and be able to download and view resources that I have uploaded for them.  I have already added the privatiser function and am aware of this.  Any help would be greatly appreciated because I am really struggling to make headway with this and would love to get it to work as described.  Thanks in anticipation of any help.

Oct 18, 2009 at 1:59 PM

On page.aspx.cs AdminLinks, change the line that says:

if (System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated)

to this:

 if (System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated && Roles.IsUserInRole(System.Threading.Thread.CurrentPrincipal.Identity.Name, BlogEngine.Core.BlogSettings.Instance.AdministratorRole))

You also need to include:

using System.Web.Security;

This way only Administrators can edit/delete pages and posts....

Build the site and good luck...

Oct 18, 2009 at 6:21 PM
Hi Jeiras
 
Very many thanks for contacting me about this.  Can you tell me where to  include the  using System.Web.Security; please?    Thanks again.
 
Colin

2009/10/18 jeiras <notifications@codeplex.com>

From: jeiras

On page.aspx.cs AdminLinks, change the line that says:

if (System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated)

to this:

 if (System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated && Roles.IsUserInRole(System.Threading.Thread.CurrentPrincipal.Identity.Name, BlogEngine.Core.BlogSettings.Instance.AdministratorRole))

You also need to include:

using System.Web.Security;

This way only Administrators can edit/delete pages and posts....

Build the site and good luck...

Read the full discussion online.

To add a post to this discussion, reply to this email (blogengine@discussions.codeplex.com)

To start a new discussion for this project, email blogengine@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com


Oct 18, 2009 at 6:21 PM
Hi Jeiras
 
Very many thanks for contacting me about this.  Can you tell me where to  include the  using System.Web.Security; please?    Thanks again.
 
Colin
Oct 19, 2009 at 6:39 AM
Hi Jeiras
 
I've done the following and my BlogEngine now starts with the login page which is great.  However, when I log in as an administrator and make a change in settings and save this page it goes to the error page 'Oops' rather than the home page.  Any help would be greatly appreciated because I'm so nearly there.  By the way I've tried this with the 'privatizer' on and off and the same thing happens.  Thanks for all your help.
 
Colin

2009/10/18 jeiras <notifications@codeplex.com>

From: jeiras

On page.aspx.cs AdminLinks, change the line that says:

if (System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated)

to this:

 if (System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated && Roles.IsUserInRole(System.Threading.Thread.CurrentPrincipal.Identity.Name, BlogEngine.Core.BlogSettings.Instance.AdministratorRole))

You also need to include:

using System.Web.Security;

This way only Administrators can edit/delete pages and posts....

Build the site and good luck...

Read the full discussion online.

To add a post to this discussion, reply to this email (blogengine@discussions.codeplex.com)

To start a new discussion for this project, email blogengine@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com