I need to develop a web based product. Features of this will be available to users based on subscription categories like Basic Version /Premium Version / Enterprise Version. I would like to maintain single source for these subscription categories.
Here my question is,
How to design web application, which has features enabled based on configuration / subscription categories?
Thanks in Advance
This is very general question, and I will answer generally.
You can assign Roles to your registered users, and then you check using the IsUserInRole to
see what you going to show and what not.
To gain speed you can assign the permission to the user session and not always call the IsUserInRole
You can open and close some part of your page using the Panel and the Visible of it. Also close the Viewstate of the Panels that are hidden.
Alternative you can use UserControls that inside of them you check if the user have permission to see it or not, and you hide it OnInit, and also disable the ViewState of it.
And of course if a full page is not permitted you can always make a full redirect.
So a full page can have Panels, and UserControls, and the views of it depend from the user level.
You will not be able to get this readymade , you have to design the application based on the technology you are using.
I had similar kind of project going on in which we store the list of feature in database and when the page initializes loads the feature list in session.
On various pages we are showing/hiding controls based on the feature availability.
Offcourse Single feature can also have category based on the User Roles that we can check using FormAuthentication methods and change the page server side accordingly.
Let me know if you have any specific approach in mind and have question related with it.
Related
Not sure if this is stackoverflow typically question (I'll remove it if suggested), still may help me understand the possible options here.
I would like to know if it's somehow possible beside core, master and web instances to append new content database (let say for some form's filled with data by web users with CRUD repository using existing sitecore api). Editable/readonly from CMS, visible for exports, reports or charts via CMS using custom modules.
Somehow this DB should be located on the same level with Web Database, it's important to follow templates and functionality from sitecore legacy functionality.
This entire shebang will be used in as Sitecore Custom Module (installation, integration customization, management, blah, blah blah). Important: Items stored in this database are pure data items.
I found vague information on John west Sitecore blog, so what I asking more then the direct solution in front of my eyes references or examples how to, or signals if it's against the policy.
Best reference until now: http://intothecore.cassidy.dk/2009/05/working-with-multiple-content-databases.html article written by Mark Cassidy.
The reason you don't find much information on this is because its very uncommon to add another database which is accessible to Sitecore as per the john west blog. Note the data of that post also. I'm not aware of your requirements but I have never seen it done or found a need for it.
With user input data such as forms, comments etc. You have three data considerations storage, access and reporting. In a scenario where you would like to store this data and access it in Sitecore. I would approach it as follows:
Storage of that data should be in the master database inside a bucket. From version 7.0+ buckets were introduced so you can add virtually unlimited data to a Sitecore database. There was a buckets module which supported 6.3+ but appears to not be downloadable anymore: https://marketplace.sitecore.net/en/modules/sitecore_item_buckets.aspx. The code is out there though and possibly Sitecore support would even provide it.
The master database in a standard production environment (split content management and content delivery environments) if not accessible directly via connection string is made accessible by calling the Sitecore web API or creating a custom web service.
Requirements such as reporting and/or shared access to the data for other applications could possibly provide reasons to create a custom database but otherwise there is no reason not to store it in the master database.
You have to save the information filled by the user in Master database so that you can modify or use it using SItecore API.
Since the users filling the form may not have access to modify Sitecore Master DB. You would have to either switch the user to a user with least permissions required to make those changes(safer) or You would have to disable the security for a while and perform those tasks(not recommended). Both of these are explained in http://www.nehemiahj.com/2012/03/how-to-use-securitydisabler-and_15.html
And then add the form as an item in master db. If the number of form items created using this is more then use Sitecore Buckets.
We have SharePoint 2010 application with contains Custom Web Parts. A single web part usually contain around 200 UI fields. Some of them are enabled and few are disabled with default values that will be loaded based on the logged in user.
Recently we came across an issue, user while submitting the application can use FireBug/DOM Explorer or some other developer tool and can tweak the disabled fields which finally submits the wrong values to the database.
We are trying to use Session Variables to store these default values and while storing them to database taking these values from Session instead of taking them from UI form.
Please let me know whether there is any better way to prevent such hacks in SharePoint?
I have been tasked with making my company's Web App available offline. Before I move to the actual development phase, I want to be sure that my current strategy will not turn out to be a bust.
I first thought about using html5 app cache but after doing some tests I found that it seems to not cache the server side operations but the actual html that is rendered (Please correct me if I'm wrong). This will not work because the rendered html depends upon who is currently logged in. From my tests, it always rendered the html as if the last person that logged in (online) is logging in.
My current strategy is this:
I cache only the login page and an offline (.html) page to correspond to each aspx page that will need to be available offline. Every successful login (online) results in creating or updating Web SQL Database or IndexDB (depending on browser) with all data needed for that person to operate offline including a table that will be used for login credentials. In this way the only requirement for logging in offline is logging in with your login credentials at least one time.
My concern is that I am overcomplicating it. In order to make this work, I will need to create an html page for each current page (a lot of pages) and I will have to rewrite everything that is currently being done on the server in JavaScript including validation, database calls, populating controls such as dropdown lists and data grids, etc. Also everything that I change in the future will require a subsequent offline change.
Is there an established best practice for what I am trying to do that I am overlooking or am I venturing into new ground?
Please refer to these links, which gives you some insight on what is to be achieved. I'm not sure these are best practices, but these will be good starting point.
http://www.c-sharpcorner.com/UploadFile/aravindbenator/offline-mvc3-application/
http://www.developerfusion.com/article/84438/isolated-storage/
I am currently trying to figure out how to best go about implementing an administration side for my application.
I have a user site, where users can log in, customize their profile, submit information etc.
I would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.
Website Start Page > RogerRabbit > Submit Information
Website Start Page > BillyBob > Customize Profile
So my question is:
How should my pages be laid out?
How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)
Would this method have to use session variables?
Any suggestions, or tips would be great.
I can't answer your sitemap question but I have implemented a solution like this on one of our systems where I can see exactly what the end user is seeing by impersonating them. I did this mainly for troubleshooting purposes so that when they report a problem to me (such as something missing from their view), I can go in as them and see exactly what they are talking about.
The way I did this, which is admittedly a little crude, was to have an impersonation table in my database which contains the logon name of the user who is doing the impersonating and the logon of the user they wish to impersonate.
I added some override code so that when the user first goes to the page (it uses Windows authentication), it will check to see if that user has an impersonation set in the table and then place this user id in an object in the session state. If there was no impersonation, it would place the actual user id in this same object.
To prevent me from doing things to the user's data as them, there are two properties in this object, one for logon_name, which is what is used by the system for content-customization, and another called NameForLog, which is used when logging any actions. All actions I make will be logged as me.
All areas on the site that display user-customized content look at this session object, so they will always use the impersonated ID and therefore always show me what the user is seeing. Beyond the first page and the logging code, it doesn't even know that it is me it is dealing with.
It isn't the cleanest solution, but it has worked well for me.
I dunno mike... that's a broad set of questions there. Kinda like asking "how to I build a web site in asp.net".
It sounds very much like you need to invest in an introductory "how-to asp.net book" that covers these topic areas. The good news is that just about every beginner to intermediate asp.net book ever written probably hits most of these topic areas.
would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.
This is a kind of impersonation... and is a lot harder than it sounds. But how you do this depends on how your application authenticates users, authorizes users, and manages roles... which is a whole sub-specialty within asp.net (with it's own dedicated books actually).
1) How should my pages be laid out?
Carefully?
2) How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)
This is covered on MSDN quite thouroughly. Yes, you can create your sitemaps in memory. I've created sitemaps from data stored in a SQL DB a few times in the past, but I'd have no idea where to even start to explain it. You have to understand the base classes and interfaces used by sitemaps and then make a custom sitemap provider adapted to working with your data and rules for the site's structure.
3) Would this method have to use session variables?
Probably. Most sites with an awareness of "logged in user" need sessions. Not universally true, but nearly so.
I have one portal with 3 modules inside it, now my requirement is i would like to create
new portal for every client registered in my DNN site.
So, i have one interface for registration, so as soon as client registers entirely new parent portal should be created with all the modules.
How can i achieve this functionality ???
I would suggest digging into the admin files that come as part of the default DNN installation and look for the code that creates a new portal from there. It will ultimately be calling a stored procedure to create the necessary data in the SQL tables. You might get away with just calling the stored procs but the admin code probably calls several different ones to setup the default security settings.
Curiously what alias will each of these portals use? It's not clear why you need a complete portal for each user. The DNN segmentation already allows you to show different content based on role membership. Why the need for a whole portal per user?
Use the site wizard to create template of the current portal and during client registration programmatically execute the template. You may also want to automate the site setup in IIS.
Well, You can easily do it! Login to host and go to portals. Click on create new protal.
See which control is responsible for creating new portal. you can simaply get it by using firebug and look into client id of link or text box.
Once you do that, you will find the code you can use.
tell me if you need more help with it, I'm good with what you want to do!