Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0Creator / Owner PermissionCreator / Owner Permission
Previous
 
Next
New Post
1/22/2007 5:17 PM
 
BSBoard

Joined: 1/5/2007
Posts: 11
I am writing a set of custom modules to create a classifieds section similar to craigslist.

My plan is to allow users to edit their posts as often as they want. I was hoping to allow this through the 'Edit Module' functionality built into DNN. However for this to work I would need to be able to programmatically change weather or not a module is editable. This is due to the fact that I only want a registered user to be able to edit their own posts, and not anyone else's.

Is this possible without changing any core functionality? If not I will have to perform a test myself and dynamically create a link to a seperate module which allows editing.
 
New Post
1/22/2007 7:11 PM
 
Sebastian Leupold


Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

www.dnnwerk.de
Joined: 3/8/2004
Posts: 46212
check out default module text/HTML, AFAIK it is the simpliest module allowing to specify, who is able to view or edit the content.
Cheers from Germany,
Sebastian Leupold

dnnWerk - The DotNetNuke Experts   German Spoken DotNetNuke User Group

Speed up your DNN Websites with TurboDNN
 
New Post
1/23/2007 10:15 AM
 
BSBoard

Joined: 1/5/2007
Posts: 11
Can you elaborate? I didn't see any way to specify user-based permissions on the text/html module (only role based). What I need to do is say that the logged in "registered user" can edit anything that he has posted, but not something that another "registered user" has posted. I realize I can give edit permissions to the registered users group, but this does not solve the problem of preventing people from editing others posts.
 
New Post
1/23/2007 6:05 PM
 
BSBoard

Joined: 1/5/2007
Posts: 11
For anyone else interested in doing something similar, here is how I got around this problem:

  1. Make module editable by registered users - this effectivly lets all users edit all other users posts
  2. Comment out line in 'ModuleActions' property that starts with Actions.Add - this will stop the edit link from showing up even if the user does have edit permission.
  3. Create your own link using the EditUrl() function to link to the edit page. Because you have created this one yourself, you can control when it shows up. Here you can check if the userId is the same as who originally posted the listing. If so, display the link.
This is basically all you need to do to get the functionality there. However, it isn't secure because anyone logged in can manually type in a url to edit someone else's post, because technically they have permission to do so, we are just hiding the link. To solve this, make sure in the edit page the first thing you do is once again check that the current userId matches the userId of what they are trying to edit. If not, I just response.redirect them to the homepage.

Well that's what I did and it seems to be working, if anyone sees any flaws in my method please let me know. Thanks!
 
New Post
1/23/2007 6:43 PM
 
Charles Nurse


Charles Nurse's Avatar

Charles Nurse's Avatar

Joined: 2/9/2004
Posts: 3652

Your method would probably work.

However, a slightly better solution, that would still allow you take advantage of the Action menu and any actionbutton skinobjects in the container would be as follows.

Edit the code that adds the action to the Actions collection by wrapping it in an IF statement so that it is only added if the current user is the owner of the item.

You would still need to double check in the edit control itself (in case users manually edit the URL).

Charles Nurse
Chief Architect
Evoq Content Team Lead,
DNN Corp.

Want to contribute to the Platform project? - See here 		MVP (ASP.NET) and
ASPInsiders Member
View my profile on LinkedIn
 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0Creator / Owner PermissionCreator / Owner Permission


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out