Select the search type
  • Site
  • Web
Search
You are here:  Support/Forums
Support

Bring2mind Forums

Forums > Document Exchange > API
DMXWebService bug in SimpleDeleteEntry (with path)
Last Post 06/02/2010 7:40 PM by Peter Donker. 5 Replies.
Sort:
PrevPrev NextNext
You are not authorized to post a reply.
Author Messages
Walter Nicholls
New Member
New Member
Posts:8


--
05/13/2010 1:21 AM

Hi Peter,

I'll make this quick: SimpleDeleteEntry fails (with "Entry not found.") because it fails to check credentials.

From 5.2.6 part source, DMXService.asmx.vb  around line 97 - add the line in bold:

  _
  Public Sub SimpleDeleteEntry(ByVal EntryId As Integer, ByVal HardDelete As Boolean)
    Authenticate()
   '$$ Public Sub SimpleDeleteEntry(ByVal EntryId As Integer)

   Dim Entry As EntryInfo = EntriesController.GetEntry(_portalId, EntryId)
   ......

Looks like similar problem in CopyOrMoveEntry() and LockEntry() - but I'm not using those so I

If you're able to incorporate this fix in an updated DMX reasonably soon (weeks) then it'll save me the bother of trying to work out how to deploy a patched version myself!

Also - DMXService fails in numerous ways if you try to log in as super user. This is because it doesn't set PortalID from the passed-in credentials, using -1 instead.  The way I'm using the webservice, this almost always results in silent failures, when things like GetCollectionContents return empty datasets. I can't see the logic in this, since super users can log into any portal and a portalID is given with the login request.
Walter Nicholls
New Member
New Member
Posts:8


--
05/13/2010 1:22 AM
Title of the thread is supposed to say "with PATCH" !
Peter Donker
Veteran Member
Veteran Member
Posts:4536


--
05/31/2010 2:57 PM
Hi Walter,
Thanks.
Peter
Peter Donker
Veteran Member
Veteran Member
Posts:4536


--
05/31/2010 3:03 PM
Hi Walter,

Indeed the superuser has no way of using the service as he/she has no portal. But I was under the impression that the login correctly set the portal ID though. Do you see any error messages?

Peter
Walter Nicholls
New Member
New Member
Posts:8


--
05/31/2010 11:55 PM

It's the other way round - the superuser can log in to any portal, but then nothing works!  From DMXService.asmx.vb line 489

UserInfo = UserController.ValidateUser(Credentials.PortalId, Credentials.Username, Credentials.Password, ...)

This succeeds.  But then later on ...

   If Not objUser Is Nothing _
   AndAlso Not objUser.IsSuperUser _
   AndAlso objUser.Membership.Approved = True _
   AndAlso objUser.Membership.LockedOut = False Then
    'everything is fine.
    _portalId = Me.Credentials.PortalId
   End If

It explicitly does not copy the portal ID from the passed in credentials if the superuser has logged in.  _portaID remains with its initialized value - _portalId As Integer = -1

I think you probably intended to throw a security exception at this point - most of those checks are redundant, locked out and unapproved have already.  Actually you could probably just quietly remove the line "AndAlso Not objUser.IsSuperUser" if you wanted and it would start working.

Anyway, the result is that any webservice call that uses the portalid is stuffed. As I said, in most cases that means 0 results returned from queries,  for example GetEntry() effectively becomes..

select ... from dnn_DMX_Entries where portalID=-1 and entryID= @ENTRYID

.. which will never find anything.

 

 

 

 
Peter Donker
Veteran Member
Veteran Member
Posts:4536


--
06/02/2010 7:40 PM
Hi Walter,

I see it now! Sorry. Yes ... that will be dealt with forthwith. Expect that fixed in 5.2.8.

Peter
You are not authorized to post a reply.
Forums > Document Exchange > API
© 2024 Bring2mind Terms Of UsePrivacy Statement