Allow a user to access a specific blog

Topics: Business Logic Layer
Feb 14, 2012 at 9:58 PM

Hi there,

How to allow a user to access just a specific blog ?
When I create user the user has access to all blogs.

Feb 15, 2012 at 12:18 AM
Edited Feb 15, 2012 at 12:20 AM

Shaahin,

One approach to restricting access of one particular user is to configure BlogEngine.NET for ASPNET Membership and create a role with common permissions to multiple blogs.  The user you want to restrict would not be a member of that role, but in another role which would have access to blog you grant it access to in Blog Administration -> The User's Blog -> Role -> Rights.

You would also need to pay attention to "Anonymous" or "All User" settings in the blogs you want to prevent the user from seeing. 

Good luck,
Dave

Feb 18, 2012 at 11:48 AM

Hello Dave,

Thanks for your attention.

I try but I wasn't success.

For example I have created BlogA and BlogB and there are UserA and UserB .

Now , How can I configure that UserA just allow to post in BlogA and UserB just allow to post in BlogB.

Is it available ?

Thanks.

Mar 18, 2012 at 5:13 AM
shaahin wrote:

For example I have created BlogA and BlogB and there are UserA and UserB .

Now , How can I configure that UserA just allow to post in BlogA and UserB just allow to post in BlogB.

Is it available ?

I have the same question. If it is not available, what could be the solution?

Mar 19, 2012 at 10:04 AM

I have not used multi blogging system of be yet but just a suggestion..Manually putting this in default.aspx (page load)

 if (User.Identity.IsAuthenticated)
        {
            if (User.Identity.Name.Equals("admin"))
            {
           
                //do as what you want like disabling the Publish or whole administration area..so on..
           
            }
        }

Apr 30, 2013 at 11:18 PM
hi

did anybody find a solution to this?

i would like to remove edit and create and post rights for users depending on their membership name. they should still be able to post comments though

any help would be appreciated

thanks

paul
May 1, 2013 at 12:38 AM
Hi All,

You have to edit the user rights on a per sub blog bases.

Example:

AdminUser
User1
User2

There are 3 blogs

Blog A <--- Primary

Blog B

Blog C


In Blog A you only have users in there that you want to give access to all of the blogs.

So users in Blog A

AdminUser
User1

Here both these users can access all blogs A,B, and C


Now in Blog B

Only have User2


Here User2 can only access Blog B and that is it.


Currently if you wish to give User2 access only to Blog B and C but not A

You would have to add them to each blog B and C

Solution to future fix:

Have the Primary Blog have a master list of all users in all blogs.

In a Blogs access page

Have all of the users listed with boxes for each blog.

Then you assign blogs to each user by checking each box per blog

Or by roles.
May 1, 2013 at 2:59 PM
hi

thanks for the help. Ill give that a go as soon as i get a chance

cheers

paul
May 2, 2013 at 3:45 PM
hi

im struggling to work out how to implement this. Im trying to use blogengine withs sqlServer so dont want to just manipulate the xml files. Is there a way set the users for a blog through the exposed methods and classes in the blogengine dlls? Ive been looking through all the exposed classes but cant find what i need.

and sample code would really help

Thanks

Paul
Coordinator
May 2, 2013 at 4:52 PM
paulcripps wrote:
hi

im struggling to work out how to implement this. Im trying to use blogengine withs sqlServer so dont want to just manipulate the xml files. Is there a way set the users for a blog through the exposed methods and classes in the blogengine dlls? Ive been looking through all the exposed classes but cant find what i need.

and sample code would really help

Thanks

Paul
Can you clarify scenario you are trying to accomplish? Not sure why would you need to modify any files or methods to let user access specific blog, this is a default behavior. Just create a new blog, add user and assign a role - this user should only be able to do within this blog whatever specified in the rights for his role. In 2.8 you can let users to create their own blog and be an admin for this blog only.
May 2, 2013 at 5:00 PM
im trying to create a new blog for each user in my asp.net memberiship provider where only that user can edit their own blog. from the tests ive done so far if a user is assigned as an editor they can edit all blogs. not just their own. If a user is not in the editors or administrators they cant change any blogs at all.

It sounds like ive missed something crutial like assoicating the user with the blog. How do you let users create their own blog and be admin like you described. that would work for what i want
Coordinator
May 2, 2013 at 5:50 PM
In the admin -> settings -> advanced, there is "security settings" section. Check "enable self registration" and "create new blog for self-registered users".
Then on login screen you should see an option to either log in or create new account. This new account option will let users to create their very own blog.
May 6, 2013 at 9:41 PM
hi thanks for the help. this doesnt work sadly. im using a sqlserver db for both the blog and the membership. Ive been checking into why and when the sql membership is used IsAuthorized checks the user roles. The user roles are just taken from the sql membership provider so its not actually possible to publish anything as the roles are site wide as opposed to blog specific. Does anybody know a clean solution to this problem? for the short term i have just hacked GetCurrentUserRoles to include Editors if the blogname matches the username (im trying to programatically create a blog for every user)
Coordinator
May 6, 2013 at 10:43 PM
This is from DbRoleProvider:
"SELECT role FROM {0}Roles WHERE BlogID = {1}blogid "
Looks pretty blog specific to me, and I have a blog where sub-blog has no standard roles, even "admin" removed, and it seems to work fine.