Search code examples
c#episerver-7episerver-relate+

EPiServer Community member Avatar error

I am developing EPiServer CMS 7 MVC site with Community. I am trying to get and display member Avatar (Avatar exist physically in Contributed files folder). Here is my code:

        var user = CurrentUser;
        var image = user.GetPortraitUri(ImageSize.Huge).ToString();

variable image gets value:

        http://localhost:18000/EPiServerCommunity/Modules/ImageGallery/ImageHandler.ashx?imageId=7&thumbnailId=10

But on View I see only image icon (like when can't upload or display image). When I am trying to open this image link in new tab its redirect me to EPiServer login page. I cant understand why it redirect me to login page if user is authorized. Any ideas?

Additional information: I installed EPiServer Relate site using Deployment center. There is the same way of getting user Avatar on EditProfile user control or on MyPage. And when I am trying to open image in new tab using getted Url I see it. I think there can be some permissions in Web.config file , but I dont know ....

Add new information (11/10/2014). The problem is in section I mean in section of EPiServerCommunity section. When I changed to deny in installed previously EpiServer Relate site than I am getting login page when I am trying to open image. In my web.config file I changed all deny to allow, but still I am getting login page when I am trying to open image by url. I guess Episerver doesnt see this section in web.config file.

Add new information (11/11/2014). I added one more role "Everyone" to of section. I see that when I am trying to open localhost:18000\episerver it skip login page. I added the same role "Everyone" to EpiServerCommunity section. Now it looks:

<location path="EPiServerCommunity">
<system.web>
  <pages enableViewState="true" />
  <authorization>
    <allow roles="CommunityAdmins,CommunityModerators,Administrators,Everyone" />
    <allow users="*" />
  </authorization>
</system.web>

But I am still getting login page when I am trying to open image by url :(

P.S. This question I posted in EPiServer World, but I hope I will get answer here more quickly.

Solution

  • Resolved my problem. EPiServer skips permitions in location section. I created class CommunitySecurityModule with events DefaultSecurity_CreatedUser and MyPageHandler_Register where I set Owner to ImageGallery and other AccessRights for newsfeed and etc. Now when I had registered user and added it to System 

            newUser = CommunitySystem.CurrentContext.DefaultSecurity.AddUser(newUser);

    it calls MyPageHandler_Register and sets all rights:

            var user = e.Object as IUser;
        if (user != null)
        {
            var myPage = MyPageHandler.Instance.GetMyPage(user);
            if (myPage != null && myPage.ImageGallery != null)
            {
                foreach (var imageGallery in myPage.ImageGallery.Children)
                {
                    var imageGalleryClone = imageGallery.CreateWritableClone() as ImageGallery;
                    imageGalleryClone.SetOwner(user);
                    ImageGalleryHandler.Instance.UpdateImageGallery(imageGalleryClone);
                }
            }
        }

    Implementation of SetOwner method below:

        public static void SetOwner(this ImageGallery imageGallery, IUser owner)
    {
        imageGallery.SetAttributeValue("Owner", owner);
    }

    Implementation of DefaultSecurity_CreatedUser:

        private void DefaultSecurity_CreatedUser(ISecurityHandler sender, ICreateUserEventArgs args)
    {
        // Add user to the community members group
        var group = CommunityMembersGroup;
        var addedUser = args.User;
        addedUser = (IUser)addedUser.CreateWritableClone();
        addedUser.Groups.Add(group);

        // Update the user
        CommunitySystem.CurrentContext.DefaultSecurity.UpdateUser(addedUser);

        // Set access rights to the newly created user
        // Access right for anonymous users
        var anonAccessRights = new ReadModifyRemoveAccessRights
        {
            Read = true,
        };
        EntitySecurityHandler.Instance.SetAccessRights(addedUser, AnonymousGroup, anonAccessRights);

        // Access right for community members
        var communityMembersAccessRights = new ReadModifyRemoveAccessRights
        {
            Read = true,
        };
        EntitySecurityHandler.Instance.SetAccessRights(addedUser, group, communityMembersAccessRights);

        // Access rights for administrators
        var adminAccessRights = new ReadModifyRemoveAccessRights
        {
            Read = true,
            Modify = true,
            Remove = true
        };
        EntitySecurityHandler.Instance.SetAccessRights(addedUser, AdministratorsGroup, adminAccessRights);

        // Access rights for the added user
        var userAccessRights = new ReadModifyRemoveAccessRights
        {
            Read = true,
            Modify = true,
            Remove = true
        };
        EntitySecurityHandler.Instance.SetAccessRights(addedUser, addedUser, userAccessRights);

        // Access rights for moderator
        var moderatorAccessRights = new ReadModifyRemoveAccessRights
        {
            Read = true,
            Modify = true,
            Remove = true
        };
        EntitySecurityHandler.Instance.SetAccessRights(addedUser, ModeratorsGroup, moderatorAccessRights);
    }

    Note: Before that you should create Attribute "Owner" of type IUser for type ImageGallery in admin panel.