Dynamic user permission to secure folders in MVC3 - asp.net-mvc-3

Using MVC3 I am trying to come up with a method of checking the database to see if a user is allowed access to a folder. The administrator has individual control over each user's permission to courses, so I cannot control this from web.config.
The screenshot below provides an example of what I am trying to accomplish: courseA is an example of one of many folders that only certain users will be allowed access to. My thinking is that I could use a CourseController action like OpenCourse(int id) to check against the db if a user has access to a course, and if so then "allow access" to the entire course folder and open the player.html file contained within it. The user's permission to each file within courseA folder would probably need to persist for the user's session.
Is it even possible to do something like this from within the MVC View folder, or should the courseA folder sit somewhere else?

You can enforce this sort of restriction in your database calls. You could say for example:
var courses = ListCoursesForUser(userId);
Then when accessing a specific course you can reuse this:
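// Needs "using System.Linq;" for Any().
public void doSomethingWithCourse(int courseId, int userId)
{
    // Look up the user's permitted courses on every call
    var courses = ListCoursesForUser(userId);
    if (courses.Any(c => c.courseId == courseId))
    {
        // the user is allowed to use this course
    }
}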
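
An added example, not code from the answer above: the same per-request check combined with a path check, for the case where the course files are kept outside the web-served folders and handed out by a controller action. CourseGate, the "course<id>" folder layout, the C:\CourseContent root and the sample permission data are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;

// Added example: CourseGate, the "course<id>" folder layout and the sample
// permission data are assumptions, not code from the answer above.
public class CourseGate
{
    private readonly string _root;   // course folders live outside the web root
    private readonly Func<int, IEnumerable<int>> _listCoursesForUser;

    public CourseGate(string root, Func<int, IEnumerable<int>> listCoursesForUser)
    {
        _root = Path.GetFullPath(root);
        _listCoursesForUser = listCoursesForUser;
    }

    // Returns the full path to serve, or null when the request must be refused.
    public string Resolve(int userId, int courseId, string relativeFile)
    {
        // Re-check the database on every request so a revoked permission
        // takes effect at once instead of living on in the session.
        if (!_listCoursesForUser(userId).Contains(courseId)) return null;

        string courseDir = Path.Combine(_root, "course" + courseId)
                           + Path.DirectorySeparatorChar;
        string full = Path.GetFullPath(Path.Combine(courseDir, relativeFile));

        // Refuse "..", rooted paths, or anything else that leaves this course's folder.
        return full.StartsWith(courseDir, StringComparison.OrdinalIgnoreCase) ? full : null;
    }
}

public static class CourseGateDemo
{
    public static void Main()
    {
        // Constructed sample data: user 1 may open course 7, user 2 nothing.
        var perms = new Dictionary<int, int[]> { { 1, new[] { 7 } }, { 2, new int[0] } };
        var gate = new CourseGate(@"C:\CourseContent",
            u => perms.ContainsKey(u) ? perms[u] : new int[0]);

        string escape = Path.Combine("..", "course8", "player.html");
        Console.WriteLine("permitted user:     " + (gate.Resolve(1, 7, "player.html") ?? "refused"));
        Console.WriteLine("no permission:      " + (gate.Resolve(2, 7, "player.html") ?? "refused"));
        Console.WriteLine("path leaves course: " + (gate.Resolve(1, 7, escape) ?? "refused"));
    }
}
```

In an MVC3 action, a null result would map to HttpNotFound() and a returned path to File(path, contentType), so every file in the course folder passes through the same check.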

Related

Windows Share Permissions for Domain Admins not working

I'm setting up a new share that I've enabled enumerated access on. I'm looking to limit people's access to files in a certain folder. I've set up other folders that restrict access unless you're in a security group. The folder that's giving me trouble was copied over from another network share. When I create a folder from scratch everything works fine, so I'm curious if that's what's giving me issues.
The folder I'm trying to access is
x:/Limerock/Projects/"Project Name"
If I go into the security tab and check my effective access it says that I have full control:
The user I'm signed into is joe.jankowiak, which is part of the Domain Admins security group. Domain Admins owns all the folders above this and has full control.
When trying to enter the folder it tells me I need to request permission. I'm an admin so it goes through and adds "joe.jankowiak" to the full control list in the security permissions.
Why is it not taking my domain admin credentials to enter this folder? I'm seeing other weird behavior such as it saying "Unable to display current owner." and "You must have read permissions to view the properties of this object". Clicking continue lets me see it.
Everything looks right. I've set up 6 other new folders in the exact same manner and they work fine. I've signed in and out many times but it hasn't fixed it. Weirdly enough, another computer I signed into lets me access the folder just fine. Is there a way to reload file permissions, since logging in/out doesn't seem to do it? Is there a command like gpupdate that I should run?
I have seen this before and you might need to do the following operations in order:
-Replace Ownership on the folder and replace all child object ownership too=>apply or OK
-Close the security properties and re-open it again
-Add Domain Admins as full control and Replace all child object permissions... =>apply/OK
That should do it

prevent the access of folders that are not under public in laravel 4.2

Hi guys, I'm pretty new to Laravel 4.2. I have a project that stores files on the server, and what I did, based on the opinion of other people, is that when the user saves a file it goes to app/storage/uploads. My problem is that when I know the URL to the file, it still has access to the file. For example, if it is a PDF file it opens in the browser, or if it is doc, xls, xlsx etc. it triggers a download. What I'm trying to do is, when the user tries to access that URL, it would go to a certain view informing them that the folder is restricted. So far I have this in my routes:
Route::get(storage_path().'uploads/{all?}' , 'sample#restrict');
then in my controller
public function restrict()
{
dd("WHOOOPS!"); //for trial purposes
}
Any ideas what I'm doing wrong? Thanks in advance.
With a normal configuration, the web server has access only to the public directory.
If you set the public directory as the root for a virtual host, no one will be able to access the app or storage directories, which are outside public.

Create user independent logfiles in C:\ProgramData

I would like to create logfiles for my application in a user-independent location. AFAIK C:\ProgramData is a good place for that.
I've tried it this way:
if not DirectoryExists('C:\ProgramData\MyApp') then
CreateDirectory('C:\ProgramData\MyApp', nil);
LogFileStream := TFileStream.Create('C:\ProgramData\MyApp\LogFile01.txt', fmCreate, (fmOpenRead or fmShareDenyNone));
The problem with this approach is that the created file does not have Authenticated Users nor Everyone in Properties->Security->Group or user names.
This results in other users being unable to modify the created files.
But how can I achieve this, so that other users are also able to modify the created files?
I think it must be possible to have files with this permission there. Some files do have this permission e.g. C:\ProgramData\Microsoft\Windows\Ringtones\Ringtone *.wav
Maybe either in
1.) somehow creating a 'MyApp' folder in C:\ProgramData with Authenticated Users or Everyone permission which would result in TFileStream automatically creating files with the same permission or
2.) somehow telling TFileStream to create the files with the required permission or
3.) somehow changing the files permission with some API function after its creation or
4.) some other way??
The default permissions in C:\ProgramData, aka FOLDERID_ProgramData allow any user to create new files and folders. However, only the user who creates the file or folder has permission to write to it.
So, if you wish to allow any user to modify objects under FOLDERID_ProgramData then you need to add a permissive ACL to grant those rights. You would typically do that when you installed your program. Create a folder under FOLDERID_ProgramData and add an ACL to grant rights to whichever class of users you wish to allow full access.
As an aside, clearly you should not be hard coding C:\ProgramData, but instead using FOLDERID_ProgramData with the known folder API. I guess the code in the question is just for testing, and your real program code does it correctly.
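
An added example, not code from the answer: the folder-level ACL described above, written in C# to match the other added examples on this page (the question itself uses Delphi; the underlying Windows ACL concepts are the same). The helper name and the choice of Modify rather than FullControl for Authenticated Users are assumptions; "MyApp" and the log file name come from the question.

```csharp
using System;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

// Added example (Windows only). "MyApp" comes from the question; the helper
// name and the choice of Modify for Authenticated Users are assumptions.
public static class SharedLogFolder
{
    public static string Ensure(string appName)
    {
        // Resolve ProgramData through the API instead of hard-coding C:\ProgramData.
        string dir = Path.Combine(
            Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), appName);
        DirectoryInfo info = Directory.CreateDirectory(dir);

        // Well-known SID, so the code does not depend on the localized group name.
        var users = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);

        // Modify lets any user append to or rewrite the logs but not change the
        // ACL or take ownership, which FullControl would also hand out.
        var rule = new FileSystemAccessRule(users, FileSystemRights.Modify,
            InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
            PropagationFlags.None, AccessControlType.Allow);

        DirectorySecurity acl = info.GetAccessControl();
        acl.AddAccessRule(rule);          // files created later inherit this entry
        info.SetAccessControl(acl);
        return dir;
    }

    public static void Main()
    {
        string path = Path.Combine(Ensure("MyApp"), "LogFile01.txt");
        File.AppendAllText(path, DateTime.UtcNow.ToString("o") + " started" + Environment.NewLine);
    }
}
```

Because every authenticated user can write to this folder, it should hold only data such as logs, never executables, libraries or configuration that the application loads and trusts.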

DocsList findFolder() issue

This is a Google Spreadsheet script question.
I have a GUI setup in order to search for "SouthWest" and then find a "test" sheet. This is the code I am using.
var file = DocsList.getFolder("SouthWest").find("test");
This works just fine when I run it under my account (as I have this folder and file setup correctly) but when another user is logged into google docs it will attempt to search for this folder/file under the new user instead of the owner of the document. Is there a way to have it just search the DocsList of the owner of the spreadsheet that is currently open? The error that I get under the new user is "Error encountered: Cannot find folder SouthWest." Thanks.
If you always want to access the same file, you can use the getFileById method and address it directly instead of searching every time:
https://developers.google.com/apps-script/class_docslist#getFileById
Of course, you should make sure that all users are allowed to access that file.

Session not ending in ASP.NET

I have created an ASP.NET application in which I have used global.asax. I have created a static class which stores user information such as LoginID, CompanyID etc. using properties. A property IsLoggedIn indicates whether the user is logged in or not. I have created a method ResetAll() within the same class to reset those properties.
The problem is that if the user directly closes the browser window without logging off, the property values are not reset. Therefore, if the user opens a new browser window, the user is logged in automatically. I have also called ResetAll() from within Session_End() but it is still not working. Could someone explain to me what's wrong with that, or simply how to reset the property values if the user directly closes the browser window?
If I am reading this correctly and you have a class with static members, then you are going to run into issues. With an ASP.NET web app, static members are static for the entire AppDomain, not just for an individual user, so the values would be the same no matter where the request has come from.
It sounds like what you really need to think about doing is storing an instance of the user information class in the session. That way the information is specific to that particular user. Also, that should solve your issue as the session cookie is normally removed when the browser window is closed, forcing a new session when the browser window is re-opened.
So something like:
Dim thisUser As New UserInformation()
thisUser.LoginID = someValue
Session("UserInformation") = thisUser
You cannot make the class static. Worse than keeping the user logged in across sessions is the fact you cannot have multiple users in your system. They will all share the same login information. You should read about static.
What you want is to store an instance of that class in the session and access it whenever you need.
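
An added example, not code from either answer: a console simulation of why the static class behaves as a single shared login, next to the per-session instance both answers recommend. StaticUserInfo, FakeSessionStore and the session ids are hypothetical stand-ins; in a real application the store is ASP.NET's Session object.

```csharp
using System;
using System.Collections.Generic;

// Added example; all type names and session ids here are hypothetical.
public static class StaticUserInfo            // the pattern from the question
{
    public static string LoginID;
    public static bool IsLoggedIn;
}

public class UserInformation                  // per-user instance, as in the answers
{
    public string LoginID;
    public bool IsLoggedIn;
}

public class FakeSessionStore                 // stand-in for Session, keyed by session cookie
{
    private readonly Dictionary<string, UserInformation> _bySessionId =
        new Dictionary<string, UserInformation>();

    public UserInformation Get(string sessionId)
    {
        UserInformation user;
        if (!_bySessionId.TryGetValue(sessionId, out user))
            _bySessionId[sessionId] = user = new UserInformation();
        return user;
    }
}

public static class SessionDemo
{
    public static void Main()
    {
        var sessions = new FakeSessionStore();

        // Request 1: alice logs in from browser session "s1".
        StaticUserInfo.LoginID = "alice";
        StaticUserInfo.IsLoggedIn = true;
        UserInformation s1 = sessions.Get("s1");
        s1.LoginID = "alice";
        s1.IsLoggedIn = true;

        // Request 2: a different visitor with a new session "s2" who never logged in.
        UserInformation s2 = sessions.Get("s2");
        Console.WriteLine("static view:  {0} / logged in = {1}",
            StaticUserInfo.LoginID, StaticUserInfo.IsLoggedIn);
        Console.WriteLine("session view: {0} / logged in = {1}",
            s2.LoginID ?? "(none)", s2.IsLoggedIn);
    }
}
```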
