I have an ASP.NET Core 5 MVC project that I want the admin to be able to send a file to a specific person and the information in this file is formed through a form.
Suppose an academic advisor has to send a separate syllabus to each of their students, which is a photo file. I have problems for every student in all areas such as database, downloading, uploading and displaying that image. I hope I could have explained it well
Please anyone who can help me
you can use a table in your database and save address of each file for each user you want. also use GUID file name for files and if It Has secure thing you can use Webapi interface Download (disable directly download) that check permission every time api called
Related
I have a requirement to configure the user's authorization per module per screen per action. For example, one user should be able to Create/Save WorkOrders in WorkOrder Module, but another user should only able to View/Delete WorkOrders. Similarly, a third user should only be able to View WorkOrders. This is an example of one screen. Now there are many screens in the application. Let's keep the actions same for all i.e. View, New, Update, Delete.
There is a reports module also, in which the user will create reports on the fly and add it into the application. So authorization is required here too. For example, a user can View/Print WorkOrder reports. But another user can only view reports. Let's keep the actions in reports only View & Print.
I am not sure Asp.Net Core built-in authorization is capable of this or not. What I have looked so far, it is not possible. Please correct me if I am wrong.
Now question is, how should I do this? I had a similar kind of requirement in a previously built application where I used database tables to store rights against each user and each screen. And upon log-in, I used to fetch that data, and then while loading the web page; I used to show or hide the relevant buttons & menus based on user's rights. But here in Asp.Net Razor Pages, the action method matters (If I'm not wrong), and certain functionality can be accessed via route. I am looking for some attribute-based solution.
I found this link with more or less above mentioned implementation using database tables and route URL to determine action name. So the URLs are saved in the database and on runtime they are checked and matched with the current URL and the user is authenticated.
Another link here, where the developer has used attribute-based filtering on action methods. But URL Routes are not being saved in the database or anywhere.
Are these the only & best solution to my problem? I have no problem implementing them, they look logical. But I just want to use the best available approach. Can anyone assist me with any other more suitable approach?
Is it possible to retrieve drl ex:https://host:port /ewebtop/drl/objectId/0900a58e80970f7b of document via .net application?.So that when users clicks on this link they can be able to edit the document and when they close the document the document should be autosaved onto documentum.
First of all: a link is a link. What you decide to do with it I u to you. Default handler in browser will just redirect you to webtop application. If you have SSO you can have the document opened for edit. There are some extra arguments that can be provided (view/edit).
The object id is the only varying part of the URL, so you can easily construct this in code.
Secondly: what is your goal? There is no way to make the document upload itself into Documentum repo. You can write a plugin for every application to handle that, but it seems like a big task - especially dealing with security.
The problem is that upon check-in, user must provide some information - at least about the new version number...
If you're building a thick client in .net I would go with DFS - that's the only real option here.
I am building a Javascript Web application with a Domino back end, using the Domino DDS REST api to do POST, PUT, and GET operations against the database. I want to use Authors and Readers fields in documents to control which users can see which documents and to give users with Author access in the ACL the ability to edit documents they have created. When doing a POST of a new document (implemented by the save() method of a new Backbone model) is there a way to designate one or more fields as Readers or Authors?
Doing a GET on an existing document returns a JSON object with an attribute named '#authors' containing the names and roles in the Authors fields. Is this attribute read/write?
Can I populate #authors with the desired values before doing a POST to have these values control author access?
My colleague says the Domino REST api makes no provision for setting Authors and Readers fields, and that this functionality can only be done through Java servlets. Is this right?
I'm not familiar with the Domino DDS REST API, but from what I gather it is doubtfull that when POSTing a document, you get to chose the type of the fields. I suspect they all end up as text.
What you could do however is to link the action of your form to a Domino agent which, using the backend Java or LotusScript API, will be able to control precisely the final shape of your document, hereby allowing you to fully utilize the powerfull security model of Domino.
Nevertheless, keep in mind that at some point, your users will have to authenticate against the Domino Directory. Depending where your users originally log in, you may need to talk to your Domino administrator to sort out a Single Sing-On scheme linked to your other directory.
Alternatively, you could take advantage of the fact that Domino is also a web server and an application server : you can build your HTML form in there, starting with a Domino form (simple) or an xPage (a bit more complex).
You may want to have a look here.
Some would say that you could even build your whole application in Domino, as using it as a mere back-end data repository is akin to using a Rolls-Royce to ferry potatoes, but I suppose that you and your organization have good reasons to do so.
Finally you could also completely ditch Domino and use another nosql database like MongoDB, but that would only displace your access control problem.
You can post data back to Domino and nominate a form to use. If you use the 'computewithform=true' parameter and the form design includes the authors/reader fields you need, this will set the field flags correctly and automatically.
I have the need to add a licence field to the APIs published by the API manager.
It does not seems to be any extension point beyond the api.rxt file in the resource folder.
If I modify the file and run the application the carbon app correctly show the added field, but nor the publishe nor the store are able to get the field and there is no way to get it also with REST APIs since it calls a method of a class that (in later versions) outputted fields positionally.
Is it possible to add the field, without running the risk of crashing the API Manager?
Which is the correct way?
Thanks
This change cannot be done without modifying the code. When an API is created from the Publisher app, it gets stored in the registry. The api.txt you modified, only defines the structure of this stored artifact. It may add a new field to the artifact, but to correctly populate that field, you need to modify several methods in APIProviderHostObject and APIProviderImpl + several Jaggery scripts.
I am currently investigating the possibilities of different CMSs for a company-site.
Done quite a few projects in classical ASP, ASP.NET, Joomla etc..
I would like to use Umbraco 5 for the first time.
For that project we have a SQL-Table with Job-Opportunities:
like: JobName, Department, Description, etc..
These should be listed on a page. In ASP.NET I would use something like a Repeater, etc.. with PageSize option and automatic paging.
In the Backend (Backoffice in Umbraco, I assume) there has to be an Insert/Edit/Delete Page with the corresponding input boxes, which are maintained by the company employees, not by web-developers.
Which route should I look at? I am completely stuck, is there an example anywhere?
Can I use my own data-tables, or could/should I use the Umbraco content tables for this?
Thank you,
Reinhard
Welcome to Umbraco.
If you choose to use a pre-existing database, you're going to need the following pieces:
an ORM to access read/write the data
a custom hive provider for that data to allow for Umbrace to read it as an entity
a custom tree to allow for editing and adding data in the backoffice
a macro to display the content on the frontend.
http://web-matters.blogspot.com/2011/11/umbraco-5-hive-provider-tree-editor.html
is a great place to start.
As you're probably picking up on, this is a lot of work.. so, most importantly: Are you trying to maintain two applications?
If so, do you really need to be able to edit the list in both applications? Your task would be much simpler if you only allowed editing from the other application, and displayed the read-only list using web services.
If not, ditch the custom database. Umbraco 5 is a full EAV/CR system, so unlike some CMS products, you'll be able to represent any rdbs structure you can imagine. The simplest way would be to create a custom document type with those properties to represent a job opportunity, and store those job opportunities on a new node in the content tab.
About document types: http://our.umbraco.org/wiki/how-tos/working-with-document-types