This project is read-only.

QuickNotes displaying for all Authenticated Users

Jun 26, 2012 at 9:38 PM

Something you may have already known, but the QuickNotes module displays for all authenticated users in v2.6 out-of-the-box.  Wrapping QuickNotes instantiation in a Security.IsAuthorizedTo() is only partially effective for multiple blogs, since if a user has Rights in ANY blog he sees the QuickNotes Module on all blogs...

public QuickNotes(string user)
    if (Security.IsAuthorizedTo(Rights.CreateNewPosts))
        author = user;
        cacheKey = user + "_" + "QuickNotes";
        cacheKeySettings = user + "_" + "QuickSettings";

Jun 26, 2012 at 10:22 PM
Edited Jun 26, 2012 at 10:37 PM

Are you sure? Just checked it running, logged into one blog and it only shows me q-notes for this blog, not others. Which is what it supposed to, because that cache key used withing cache for current instance:


if (Blog.CurrentInstance.Cache[cacheKey] == null)
	var n = BlogService.FillQuickNotes(author);
	Blog.CurrentInstance.Cache[cacheKey] = n;
return (List<QuickNote>)Blog.CurrentInstance.Cache[cacheKey];


And then it uses current instance along with user id in the service:


.Where(s => s.Author == userId && s.BlogId == Blog.CurrentInstance.Id)

Also checked updates between 2.6 and and nothing seems to change for notes.

Jun 27, 2012 at 1:36 AM


I'll spend a little more time on it, but yeah, I'm sure about it's behavior.  Will post any updates.