Introduction

This lab will give you a step-by-step walk through on the new features in DotNetNuke x.3.4. I will discuss using the new Roles grouping, show you how to secure content and files using roles while also covering topics new to the x.3.4 release of the DotNetNuke framework.

PLEASE NOTE:

This lab assumes that you have followed the instructions in the blog entry entitled Creating a "Test Browser" for a True Preview without the Logout/Log-back-in Pain If you haven't, please follow this link to prepare this: More Info

Security and Role Management

Public Roles

• Log in as the Admin user
• Navigate to Admin > Security Roles
• Click “Add New Role Group”
• Name it “Newsletter Roles”
• Edit the description to say: “These roles allow the user to subscribe to different newsletters offered through this website.”
• Click Update to save your changes
• Next, Click Add New Role
• Create a role named “Free Newsletter”
• Select the Newsletter role group from the drop down box.
• By checking “Public Role” we will allow users to have the ability to add themselves without payment.
• Click Update to save your changes.
• Log in with the test browser
• Log in as your test user.
• Click on your name to access your Profile page.
• Click on Manage Services
• Click the Subscribe link to add yourself to this public role.
• Navigate back to Manage Services to confirm your changes.

Public Roles (Paid)

• Log back n as the Admin user
• Navigate to Admin > Security Roles
• Create a new role name it “Paid Newsletter”
• Select the Newsletter role group from the drop down box.
• Check “Public Role”
• Drill into Advanced Settings
• Enter a service fee of 25.00
• Enter a Period of 1 and choose year from the dropdown box.
• Enter an RSVP code of hello2
• Choose the book_dummies1.jpg as the icon
• Click Update to save your changes.
• Now go to your Admin>Site Settings page
• Update your advanced>payment settings to have your email address in the processorid field.
• Click Update to save your changes.
• Switch back to the test browser
• Log in as your test user.
• Click on your name to access your Profile page.
• Click on Manage Services
• Click the Subscribe link to add yourself to the paid role.
• Since this is a paid role, it is going to try to send you to the Paypal website.
• This would work if we had it hooked up – since we are using a non-existant account (most likely) then this should ask us to log in.
• Click back to go back to the portal.
• Navigate back to Manage Services and type in the hello2 code to add yourself to the role using a pre-sent RSVP code.
• Go to the Manage Services Link and check to see if you are, in fact, added to the Paid Newsletter Role.

Using Roles to Manage Content

• Log back in as the Admin user
• Navigate to Admin > Security Roles
• Click “Add New Role Group”
• Name it “Editing Roles”
• Click Update to save your changes
• Create a new role
• This time, don’t make it public
• Name the role “Home Page Editor”
• Make it a part of the Editing Roles group
• Click Update to save your changes
• Click the dropdown next to filter by role group and choose Editing Roles
• Click the Pencil next to Home Page Editor
• Click Manage User in this Role
• Click the dropdown under Username to choose your test user
• Click Add to assign this user to the Home Page Editor Role
• Now – we are going to grant this user, and all home page editors, the ability to edit the home page.
• Navigate to the Home page.
• Edit the settings for the page.
• Click the down arrow to filter the available roles by Editing Roles and check the box under Edit Page for the Home Page Editor role.
• Click Update to save your changes.
• Now let’s use our test browser to view what the home page looks like as a page admin.
• Notice that edit permission is not inherited for the modules on a page based upon the page edit settings. We are able to still edit the containers for the modules and other settings like that, but are not able to edit the actual content of a page unless we have edit rights for each module.
• Notice that the Add Page link is still enabled – this is a new feature in the x.3 framework – let’s try to add a page and see what happens.
• Click Add Page
• Notice that the Parent Page is preselected and not able to be edited – this is because the pages are using inherited permissions based upon the premise of using this new page as a child page of the editable parent page. WOW – that’s a really advanced feature for a free CMS, huh?
• Since we already know how to add a page, let’s cancel out of that and go back to the main home page as the test user.

File Manager Permissions

• Continuing with the test user, edit the HTML Welcome content using the edit text option. Using the image gallery popup, try to upload pictures to the image gallery.
• Did it let you upload any images?
• It would have been nice to have at least gotten a message that you don’t have permissions, but we got inherited page permissions earlier, so I think we can be okay with this shortcoming for now.
• Switch back to the admin browser.
• Click the Files link in the top-right corner of the Control Panel.
• Scroll to the bottom
• Notice that the default settings in this version of DNN are to grant all users view permissions to the root folder. Let’s remove that permission and see what happens to our image gallery using the test browser.
• Notice that now it just shows that there are no images at all in the portal. Again, I would rather that the user get a message, but this will do.
• Switch back (I know, again…) to the admin browser.
• On the same file manager page, scroll to the bottom to see the folder permissions
• Choose Editing Roles from the filter by group dialog
• Grant the Home Page Editor View and Write rights.
• Go back and try to upload an image now.
• What happens?

I hope you enjoyed this lab. This lab is a free excerpt from the newly expanded DotNetNuke class. If you are interested in getting an entire development staff up-to-speed in five days with on-site instructor-led training, click here to learn more.