YAFLogo

McHine
  • McHine
  • 64.6% (Friendly)
  • YAF Forumling Topic Starter YAF Version: 4.0.0 RC4
2 months ago
Looking to expose the roles in order to do some authorisation control.

Seems using boardcontext I can get most of the existing ones .membershipuser .isforumadmin etc (please correct if i'm wrong).

I have added two (Crew and Owner if you want to know), and want to access those to change website behaviours.

How to?

Thanks a millon!

View All Posts by User
Sponsor
tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 4.0.0 rc 2
2 months ago
If you want to check if the Current user is part of a role use ...

​await BoardContext.Current.Get<IAspNetUsersHelper>().IsUserInRoleAsync(BoardContext.Current.MembershipUser, "Crew");
View All Posts by User
+1
McHine
  • McHine
  • 64.6% (Friendly)
  • YAF Forumling Topic Starter YAF Version: 4.0.0 RC4
2 months ago
ok that is working pretty well, for example currently using this in pages needing to have user logged in:

bool RegUser = await BoardContext.Current.Get().IsUserInRoleAsync(BoardContext.Current.MembershipUser, "Registered Users");

if (!RegUser)

{ Nav.NavigateTo("/Forums/Account/Login", true); }

but.....

what about banned and suspended users, are they considered Registered Users? probably a noob question or easily found (happy to be shown where to look for this kind of thing, struggling with trawling so asking early!)

thanks again getting closer and closer to first looks :)

View All Posts by User
tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 4.0.0 rc 2
2 months ago
if you want to check if the user is registered just check for guest

​if (BoardContext.Current.IsGuest)
{
    Nav.NavigateTo("/Forums/Account/Login", true);
}

Banned Users are deleted users and are treated as guest, and as suspended users they only see a blank page.

View All Posts by User
+1
McHine
  • McHine
  • 64.6% (Friendly)
  • YAF Forumling Topic Starter YAF Version: 4.0.0 RC4
17 days ago
ok i don't think that's the droids code that i'm looking for.

it works fine for sending someone not logged in to the login page, but someone suspended can see and operate the pages / site, per the pictures attached.

should make sense, let me know if you need anything else, thanks a mill

 backendaccess.jpg You have insufficient rights to see the content. addvenuecode.jpg You have insufficient rights to see the content. suspendeduser.jpg You have insufficient rights to see the content.

View All Posts by User
tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 4.0.0 rc 2
16 days ago
I dont understand the problem, the user cant access any forum page.
View All Posts by User
McHine
  • McHine
  • 64.6% (Friendly)
  • YAF Forumling Topic Starter YAF Version: 4.0.0 RC4
16 days ago
I'm using the forum as my membership management, if they are suspended from the forum, they are suspended from the site and not able to update comment etc, as you would expect. I need to be able to enact this. 

if (BoardContext.Current.IsGuest)

{ Nav.NavigateTo("/Forums/Account/Login", true); }

so that will send them to the login if they are not, and then if i'm right, then adding 

  bool IsUnWelcome =

  await BoardContext.Current.Get().IsUserInRoleAsync(BoardContext.Current.MembershipUser, "Banned") ||

  await BoardContext.Current.Get().IsUserInRoleAsync(BoardContext.Current.MembershipUser, "Suspended");

if (IsUnWelcome)

{ Nav.NavigateTo("/Forums/Info/2", true); }

will send the suspended user to that page if they are using my part of the site.

Thanks a lot!

View All Posts by User
tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 4.0.0 rc 2
15 days ago
There is a host setting setting to "Require User Login" this will always redirect guests to the login page.

then you only need to add  PageSecurityCheck and UserSuspendCheck filter to your page

https://github.com/YAFNET/YAFNET/blob/f5ed34b8598d185e5a162f81056889f14edd3d6b/yafsrc/YAFNET.Core/BasePages/ForumPage.cs#L38 

The the suspend check is also applied to your custom pages.

View All Posts by User
McHine
  • McHine
  • 64.6% (Friendly)
  • YAF Forumling Topic Starter YAF Version: 4.0.0 RC4
13 days ago
I couldn't get that to work, but:

  if (BoardContext.Current.IsGuest || BoardContext.Current.PageUser.Suspended > DateTime.Today)

  {

      Navigation.NavigateTo("/Forums/Account/Login", true);

      return;

  }

that does seem to work quite well.

am I missing anything?

Thanks for the prompt replies, I think it's time to look at a quick upgrade to the latest and first publishing!

btw for reference it's a blazor .net core 8 project, and the relevant code that compiles but doesn't seem to do anything is below

using System.Threading.Tasks;

using YAF.Types.Attributes;

using YAF.Core.Filters;

using YAF.Core.Handlers;

using YAF.Types.Constants;

using YAF.Types.Models;

namespace EFMB2.Pages

 

{

 

    [PageSecurityCheck]

    [UserSuspendCheck]

    public partial class AddAlbumBase : ComponentBase

    {

       

        protected CAlbum album = new CAlbum();

View All Posts by User
tha_watcha
  • tha_watcha
  • 100% (Exalted)
  • YAF.NET Project Lead 🤴 YAF Version: 4.0.0 rc 2
11 days ago
I think the page filter works only on pages and not on blazor Components.

instead of 

​BoardContext.Current.PageUser.Suspended > DateTime.Today
just do

​BoardContext.Current.IsSuspended
View All Posts by User
Similar Topics
Users browsing this topic