I implemented mixed authentication for DotNetNuke (Windows Integrated Authentication for seamless intranet logon, and Forms authentication for users unable to use Windows Integrated Authentication), similar to what I did before for my ASP.NET application. See my previous post about some problems that I had.
It is also required to promote an Administrator user imported from Active Directory to SuperUser. The current DNN core doesn't support this. It only allows creating a new SuperUser.
I had to add a new link button “Make SuperUser” to ManagedUsers.ascx.
Some code was added to hide the button according to user permissions (set Visible=false for the new button in the same places where cmdManageRoles.visible=false).
In the Click event I've added a call to add the user to ASP.NET membership (“dnn-1” application for SuperUser) and to update the dnn_user table to set SuperUser=1. The current UserController.UpdateUser method doesn't allow changing the SuperUser flag, so a new stored procedure and method have to be created.

    Protected Sub cmdSuperUser_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles cmdSuperUser.Click
        ' update the user record in the database
        If Not UserInfo.IsSuperUser Then Exit Sub 'Only SuperUser can make another SuperUser
        Dim objUsers As New UserController
        Dim ObjUser As UserInfo
        ObjUser = objUsers.GetUser(PortalId, UserId)
        If Not ObjUser Is Nothing AndAlso ObjUser.IsSuperUser = False Then
            'Required to force load from AspNetSecurity.Membership.GetUser
            'see http://geekswithblogs.net/mnf/archive/2006/03/15/72324.aspx
            Dim userMembership As Entities.Users.UserMembership = ObjUser.Membership
            ObjUser.PortalID = -1
            ObjUser.IsSuperUser = True
            Dim objStatus As AspNetSecurity.MembershipCreateStatus = UserController.CreateInMembershipProvider(ObjUser)
            Select Case objStatus
                Case MembershipCreateStatus.Success, MembershipCreateStatus.DuplicateUserName
                    'Update User doesn't update IsSuperUser flag
                    SetSuperUser(ObjUser)
                Case Else
                    UI.Skins.Skin.AddModuleMessage(Me, objUsers.GetRegistrationStatus(objStatus), UI.Skins.Controls.ModuleMessage.ModuleMessageType.YellowWarning)
            End Select
        End If
    End Sub

    'Should be a part of UserController
    Public Sub SetSuperUser(ByVal objUser As UserInfo)
        Dim objSecurity As New PortalSecurity
        Dim objUserController As New UserController
        'HACK, should be methods in DataProvider and SqlDataProvider,
        'SP with DatabaseOwner & ObjectQualifier
        'DataProvider.Instance.SetSuperUser(objUser.UserID,ObjUser.IsSuperUser )
        'Both concatenated values are numeric (Integer and Int16), and the owner and qualifier are hard-coded
        Dim sSQL As String = "exec dbo.dnn_User_SetSuperUser " & objUser.UserID & " , " & Convert.ToInt16(objUser.IsSuperUser)
        Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(DotNetNuke.Common.Utilities.Config.GetConnectionString(), CommandType.Text, sSQL)
    End Sub

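As an added example (not DotNetNuke's own code and not from the original post), this is one way to make the call the HACK comment asks for: the procedure name is built from the database owner and object qualifier, and the values are passed as typed parameters instead of being concatenated. The module name, BuildProcName, and passing the owner and qualifier as arguments are assumptions made for illustration; the row-count check assumes the User_SetSuperUser procedure from the script in this post, which leaves NOCOUNT off.

```vbnet
Imports System
Imports System.Data
Imports System.Data.SqlClient
Imports System.Text.RegularExpressions

' Added example, not DotNetNuke code. SuperUserData and BuildProcName are
' hypothetical names used for illustration only.
Public Module SuperUserData

    ' {databaseOwner} (e.g. "dbo.") and {objectQualifier} (e.g. "dnn_") come from
    ' configuration and become part of the command text, so only plain
    ' identifier characters are accepted before they are concatenated.
    Public Function BuildProcName(ByVal databaseOwner As String, ByVal objectQualifier As String) As String
        If Not Regex.IsMatch(databaseOwner, "\A([A-Za-z_][A-Za-z0-9_]*\.)?\z") Then
            Throw New ArgumentException("Unexpected database owner", "databaseOwner")
        End If
        If Not Regex.IsMatch(objectQualifier, "\A[A-Za-z0-9_]*\z") Then
            Throw New ArgumentException("Unexpected object qualifier", "objectQualifier")
        End If
        Return databaseOwner & objectQualifier & "User_SetSuperUser"
    End Function

    ' Calls the stored procedure with typed parameters.
    ' Returns True when exactly one Users row was updated.
    Public Function SetSuperUser(ByVal connectionString As String, ByVal databaseOwner As String, _
                                 ByVal objectQualifier As String, ByVal userId As Integer, _
                                 ByVal isSuperUser As Boolean) As Boolean
        Using cn As New SqlConnection(connectionString)
            Using cmd As New SqlCommand(BuildProcName(databaseOwner, objectQualifier), cn)
                cmd.CommandType = CommandType.StoredProcedure
                cmd.Parameters.Add("@UserId", SqlDbType.Int).Value = userId
                cmd.Parameters.Add("@IsSuperUser", SqlDbType.Bit).Value = isSuperUser
                cn.Open()
                ' An unknown UserId updates no rows, so the caller can tell
                ' a promotion that did nothing from one that succeeded.
                Return cmd.ExecuteNonQuery() = 1
            End Using
        End Using
    End Function

End Module
```

The caller still has to perform the IsSuperUser check from the Click handler before invoking this; hiding the button alone does not restrict who can trigger the update.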
I've also refactored the UserController class to separate out the function CreateInMembershipProvider, which was a part of the AddUser function.

    'mnf 16/3/2006 added to call from SetAsSuperUser
    Public Shared Function CreateInMembershipProvider(ByVal objUser As UserInfo) As AspNetSecurity.MembershipCreateStatus
        'Dim UserId As Integer = -1
        'Dim Status As UserRegistrationStatus
        Dim objSecurity As New PortalSecurity
        Dim objStatus As AspNetSecurity.MembershipCreateStatus = AspNetSecurity.MembershipCreateStatus.Success
        If objUser.IsSuperUser Then
            Common.Globals.SetApplicationName(Common.Globals.glbSuperUserAppName)
        Else
            Common.Globals.SetApplicationName(objUser.PortalID)
        End If
        Dim objMembershipUser As AspNetSecurity.MembershipUser
        objMembershipUser = AspNetSecurity.Membership.CreateUser( _
            objSecurity.InputFilter(objUser.Membership.Username, PortalSecurity.FilterFlag.NoScripting Or PortalSecurity.FilterFlag.NoMarkup), _
            objUser.Membership.Password, _
            objSecurity.InputFilter(objUser.Membership.Email, PortalSecurity.FilterFlag.NoScripting Or PortalSecurity.FilterFlag.NoMarkup), _
            Nothing, Nothing, objUser.Membership.Approved, objStatus)
        Return objStatus
    End Function

The Stored Procedure is created in the following script:
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_NULLS ON
GO
create procedure {databaseOwner}{objectQualifier}User_SetSuperUser
    @UserId int,
    @IsSuperUser bit
as
    update {databaseOwner}{objectQualifier}Users
    set IsSuperUser = @IsSuperUser
    where UserId = @UserId
GO
SET QUOTED_IDENTIFIER OFF
GO
SET ANSI_NULLS ON
GO