I have a page say xyz which contains many sub pages. Some of the subpages are "CUG enabled". In my jsp I am calling currentPage.listChildren() but this is listing the CUG enabled pages only if I login as an admin. If anonymous user hits the url for this jsp then the CUG enabled pages are not listed. Below is my jsp code:
Iterator<Page> itr = currentPage.listChildren();
while(itr.hasNext()) {
Page ctxPage = itr.next();
String url = hostName + ctxPage.getVanityUrl()+".html";
%>
<a href="<%=url%>"><%=url%><br/>
<%
}
}
I also tried logging-in to the workspace as an admin using the method described here, but it didn't work.
Any help is appreciated, Thanks!
I think this behaviour is intented - only users belonging to the user group specified as the CUG can view these pages.
Now it depends for what purpose you need to list those pages.
The easiest solution would be to add the "everyone" to the Admitted Groups in the CUG-Section of those specific page properties. But that's defeating the purpose of having CUG in the first place.
CAUTION: Doing so would allow "everyone" to access those pages - which might not be what you want.
ADDITION:
If you want to preserve access rights you need to go down to node level and access the repository directly.
Here it is shown how you can get a "Resource Resolver with admin rights":
https://cqwemblog.wordpress.com/2013/12/29/ways-to-access-jcr-repository-in-cq5/
You could then use this resource resolver to fetch your page and access it's children.
Related
We would like to keep the ideas we have previously presented to (non logged in) clients, but which are no longer "current". We set them to being private WP posts, so that they are no longer available to non logged in users. However, we would like to redirect anyone who clicks on that original link to a page which shows all of the currently active ideas instead.
Research led me to the solution below, but in our case we need to redirect to a specific url in each case. Our theme (the amazing Total theme from WP Explorer/AJ) does have a field for the redirect url to be entered at post level, but actually the value of the url is determined by the value of a custom taxonomy on a post ie all posts with that Taxonomy should redirect to the same url in all cases.
add_action('template_redirect', 'your_theme_private_posts_redirect', 99);
function your_theme_private_posts_redirect()
{
if (is_single() && 'private' == get_post_status(get_the_ID())) {
wp_safe_redirect(home_url());
exit();
}
}
Credit https://stackoverflow.com/questions/68954429/wordpress-how-to-redirect-private-custom-post-types
I understand that the above code would redirect all private posts to the home url, but how can I adapt it to do the following:
a) Only to apply to non logged in users and b)to set the url to be the value held in the redirect field on the post OR (better still) a custom field on the agency_artist custom taxonomy for that post. Hoping someone can help!
I'm trying to redirect the user to another page (default/news) after the login(on default/index) but no matter how much i tried i couldn't get it done. I'm using the login available in the navbar.
I've added this line to db.py
auth.settings.login_next=URL(r=request, c='default', f='news')
Everything in the default controller is the same it includes
def news():
message = "Welcome to News!"
return locals()
I've also tried with this
auth.settings.login_next=URL('news')
Which doesn't work either. Please Help.
Edit:
After searching for days i've found the answer here This is how you do it.
#In layout.html change
<ul id="navbar" class="nav pull-right">{{='auth' in globals() and auth.navbar(mode="dropdown") or ''}}</ul>
# to
<ul id="navbar" class="nav pull-right">{{='auth' in globals() and auth.navbar(mode="dropdown",referrer_actions=None) or ''}}</ul>
And again a change in db.py
#In db.py add these lines:
auth.settings.login_next = URL('news')
That worked for me.
The auth.settings.login_next URL is only a default in case there is no referrer already in the login URL (the referrer is in the "_next" query string variable). The navbar automatically includes a referrer in the auth action links (set to the URL of the current page) -- to override that, you can explicitly specify thereferrer_actions argument and exclude actions for which the referrer should not be set:
{{=auth.navbar(..., referrer_actions=['register', ...])}}
It's now April 2016, and while the original question is still highly relevant, it appears that web2py has changed and the modifications suggested above to layout.html are no longer relevant. There is no reference to "auth.navbar" in the standard layout.html.
The good news is, that all one needs to do is include the python code described above in the default.py controller and it works. Note, I put it in the 'user' function, I'm not sure if that is the best place to put it as most comments just say to put it in 'the controller', without specifying a function.
def user():
auth.settings.login_next = URL('default','dashboard')
return dict(form=auth())
I was able to redirect to a user's home page after login/signup by putting the following code in my product info page.
This way, when they get redirected back to the welcome-product-info page, I check to see if they came from login or signup and direct them to where they should go.
I'd love to find way to use auth.settings.login_next
#
def info():
# If just signed up or just logged in, go to the user's home page and not
# back to this product landing page that referred them
if auth.is_logged_in():
if '/default/user/login?_next=/fnd/home/info' in request.env.http_referer:
redirect( URL( 'user', 'show_campaigns') )
if '/default/user/register?_next=/fnd/home/info' in request.env.http_referer:
redirect( URL( 'user', 'show_campaigns') )
return dict()
I have a link pointing to restricted page. When I access the link directly in logout status, its redirect to 404. Actually it should redirect to login form.
I tried:
config {
typolinkLinkAccessRestrictedPages=PAGE_ID
typolinkLinkAccessRestrictedPages_addParams = &return_url=###RETURN_URL###&pageId=###PAGE_ID###
}
Not working.
Also I tried the login status redirect plugin, no use.
Anyone know how to do this? I am using TYPO3 version 4.4.8.
As this is still unanswered, does this help?
Valid for TYPO3 < 8.x
# Check if user is logged in:
[usergroup = *]
# do something
[else]
page.config >
page.config.additionalHeaders = Location: http://www.yourdomain.org/login.html
[end]
I recently posted this to another questions and it crossed my mind that it might be a suitable workaround for your probem.
Found here
I'm not sure how to make redirection work correctly, but perhaps a bit of background will be helpful.
typolinkLinkAccessRestrictedPages only interacts with link generation. That way, anywhere you have a link to an access restricted page, you should get a link that points to the "PAGE Id" page. I suspect you are using your login pid in place of PAGE Id, which I guess should work, but I haven't used this particular feature. I have typolinkLinkAccessRestrictedPages = NONE which makes all links show up, linked to the correct url, but only users who are logged in will successfully load those pages.
If anyone, without being logged in, uses a bookmark to an access restricted page, or they click on one of these links, or directly type in the address, or whatever, they will run into TYPO3's 404 handling (with the error message: ID was not an accessible page). To change how TYPO3 handles these errors, you need to change what TYPO3 does via this setting in localconf.php:
$TYPO3_CONF_VARS["FE"]["pageNotFound_handling"]
I don't know if there's a clean way to just automatically redirect to the login page without hacking the pageNotFound_handling.
As far as the typoscript solution, that wouldn't work for my site, because the trigger isn't whether or not someone is logged in (often they will not be logged in)--the trigger for my site is trying to access a protected page when you are not logged in. I don't want it to redirect everyone who isn't logged in because a lot of pages don't require any login.
Fe_login cannot alone do this...
Follow these steps::
Install "pagenotfoundhandling" extention after felogin login
configuration.
Configure 403 page as login page in "pagenotfoundhandling" extention configuration.
Then, when you try to access "Access restricted page", "pagenotfoundhandling" will redirect to login page then pagenotfoundhandling handle redirect to again requested page. I have tested this on TYPO3 6.2.14
And I found an other workaround that looks like it should work fine.
# pages and subpages starting at 123 and 321 are restricted
[PIDinRootline = 123,321] && [loginUser = ]
page.headerData.666 = TEXT
page.headerData.666 {
data = getIndpEnv:TYPO3_REQUEST_URL
wrap = <meta http-equiv="refresh" content="0; URL=/passwort/?referer= | " />
}
[global]
Important notice: Do not restrict the complete page, only all contents of the page. Otherwise RealURL will trigger the 404 handler.
At the moment page.config.additionalHeaders (like used by #Mateng) does not support stdWrap, though you cannot add a referrer to redirect to the desired page after login (see TYPO3 Forge and vote for feature request).
Complete solution :
1. first in typo3conf/LocalConfiguration.php you have to add:
'FE' => [
'pageNotFound_handling' => 'REDIRECT:/login/',
"pageNotFound_handling_statheader" => 'HTTP/1.1 404 Not Found',
...
],
then add to typoscript :
'
config {
typolinkLinkAccessRestrictedPages = YOUR_LOGIN_PAGE_ID
typolinkLinkAccessRestrictedPages_addParams = &return_url=###RETURN_URL###
}
plugin.tx_felogin_pi1.redirectMode = referer
'
Because there seems no proper solution for this behaviour of TYPO3, I use the following workaround with RealURL.
Create a 404 page in TYPO3
set the Speaking URL path segment to "404-error" and check
Override the whole page path
Add a text that describes what is happening (i. e. "Page doesn't exist or is restricted, please login")
Add the felogin plugin to that page and hide it when users are logged in
Set [FE][pageNotFound_handling] = /404-error/ in the install tool
This 404-error page is shown every time a user requests a page that he is either not allowed to see or a page that does not exist. When the user uses the login form on the page, he will find the proper content immediately after login because the URI did not change at all (when there is no redirect configured for the fe_login plugin).
Problem:
I have a webforms app where every page inherits from BasePage.cs
I also have another class AuthenticatedBasePage.cs which inherits from BasePage.cs
BasePage.cs has some code which finds out if a Forms Authentication cookie is set, and if so, sets a IsAuthenticated boolean flag and a MyAppUser object (only has properties such as name, age, gendery) which means every page on the site can see if the user viewing the page is logged in or not, and if so, read the values of MyAppUser.
AuthenticatedBasePage has an additional feature where if anyone tries to browse to a page inheriting from this class are not authenticated, they are redirected to the login page with a 'returnurl' querystring variable set.
I would to have a similar setup in my MVC2 app. I've done a fair bit of reading that says I shouldn't reference HttpContext in my BaseController.cs (which all my controllers inherit from) as that means I can't unit test it. My first question is, how can I make the IsAuthenticated and MyAppUser objects available to every page? Secondly, how do I create pages which only authenticated users can access, and if they are not authenticated, they get redirected to the login page with the returnurl querystring variable set?
Many thanks,
A.
P.S. I'm not using the MembershipSchema, I'm only using the FormsAuthentication.SetCookie method.
What you want is the Authorize attribute. This article has a great explanation of how to use it with forms authentication.
When I go to /_layouts/groups.aspx in my site collection, I only see the first 100 groups. There is no pagination control visible. How do I correct this, to work with more than just the first 100 groups?
You can also modify this view through the standard UI, rather than using code if you need to:
Browse to "http://<site collection url>/_catalogs/users/AllGroups.aspx"
Site Actions-> Edit Page
Modify the List View web part
Under Selected View click the "Edit the current view" link.
You can now edit the view settings like any other in SharePoint.
That list is a sharepoint internal list which cannot be accessed through the API and must be hit by utilizing the object model.
Assuming you're familiar with the SharePoint API,
You need to access your site programmatically
then access the users and groups list, then access the default view on it, and set it's paging property to true.
static void Main(string[] args)
{
//Access the site
using (SPSite _site = new SPSite("http://myurlwithport:800"))
{
//Substitute the appropriate web if it is not the root
using (SPWeb _web = _site.RootWeb)
{
// This is always the name of the users list
SPList userList = _web.Lists["User Information List"];
//This is the view that is causing you trouble
SPView allGroupsView = userList.Views["All Groups"];
//Set this value to true if it is false.
Console.WriteLine(allGroupsView.Paged);
//Set this value to whatever you want if you don't want paging
Console.WriteLine(allGroupsView.RowLimit);
Console.ReadLine();
}
}
}
Hope this does it for ye.
EDIT
Based on OP comments
There is a RowLimit property that you can change instead if you want.
I've added it into the code provided.
I want to share some additional clarification to Michael M's suggestion on updating the "AllGroups.aspx".
Initially, I used a regular Site Collection admin account to access the
"http:///_catalogs/users/AllGroups.asp" page and got access denied.
I then used another Site Collection admin account who's also in the Windows admin group for the SP server and still got access denied.
Finally, I used the SharePoint 2010 Farm admin account that we used to setup the Web App/App Pool, and that finally gave me access to the page.