Class PortalSecurity
Inheritance
Namespace: DotNetNuke.Security
Assembly: DotNetNuke.dll
Syntax
public class PortalSecurity : objectFields
| Improve this Doc View SourceInstance
Declaration
public static readonly PortalSecurity InstanceField Value
| Type | Description |
|---|---|
| PortalSecurity |
Methods
| Improve this Doc View SourceCheckAllPortalFileExtensionWhitelists(String)
This function loops through every portal that has set its own AllowedExtensionWhitelist and checks that there are no extensions there that are restricted by the host
The only time we should call this is if the host allowed extensions list has changed.
Declaration
public void CheckAllPortalFileExtensionWhitelists(string newMasterList)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | newMasterList | Comma separated list of extensions that govern all users on this installation. |
CreateKey(Int32)
This function creates a random key.
Declaration
public string CreateKey(int numBytes)Parameters
| Type | Name | Description |
|---|---|---|
| System.Int32 | numBytes | This is the number of bytes for the key. |
Returns
| Type | Description |
|---|---|
| System.String | A random string. |
Remarks
This is a public function used for generating SHA1 keys.
Decrypt(String, String)
Decrypts the provided string data using a supplied key.
Declaration
public string Decrypt(string strKey, string strData)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | strKey | The encryption key. |
| System.String | strData | The encrypted data. |
Returns
| Type | Description |
|---|---|
| System.String | The decrypted string. |
DecryptString(String, String)
Decrypts a string using a provided passphrase.
Declaration
public string DecryptString(string message, string passphrase)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | message | The encrypted message. |
| System.String | passphrase | The passphrase. |
Returns
| Type | Description |
|---|---|
| System.String | The decrypted string. |
Encrypt(String, String)
Encrypts the specified key.
Declaration
public string Encrypt(string key, string data)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | key | The key. |
| System.String | data | The data. |
Returns
| Type | Description |
|---|---|
| System.String | The encrypted string. |
EncryptString(String, String)
Encrypts a string using a provided passphrase.
Declaration
public string EncryptString(string message, string passphrase)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | message | The message. |
| System.String | passphrase | The passphrase. |
Returns
| Type | Description |
|---|---|
| System.String | The encrypted string. |
ForceSecureConnection()
Forces the secure connection.
Declaration
public static void ForceSecureConnection()GetCookieDomain(Int32)
Gets the cookie domain for the portal group or from web.config.
Declaration
public static string GetCookieDomain(int portalId)Parameters
| Type | Name | Description |
|---|---|---|
| System.Int32 | portalId | The portal identifier. |
Returns
| Type | Description |
|---|---|
| System.String | Cookie domain for the portal group or from web.config. |
InputFilter(String, PortalSecurity.FilterFlag)
This function applies security filtering to the UserInput string.
Declaration
public string InputFilter(string userInput, PortalSecurity.FilterFlag filterType)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | userInput | This is the string to be filtered. |
| PortalSecurity.FilterFlag | filterType | Flags which designate the filters to be applied. |
Returns
| Type | Description |
|---|---|
| System.String | Filtered UserInput. |
IsDenied(UserInfo, PortalSettings, String)
Determines whether the specified user is denied for the given roles.
Declaration
public static bool IsDenied(UserInfo objUserInfo, PortalSettings settings, string roles)Parameters
| Type | Name | Description |
|---|---|---|
| UserInfo | objUserInfo | The user information. |
| PortalSettings | settings | The settings. |
| System.String | roles | The semicolon separated list of roles. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
IsDenied(String)
Determines whether the current user is denied for the given role(s).
Declaration
public static bool IsDenied(string roles)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | roles | The semicolon separated list of roles. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
IsFollower(Int32)
Determines whether the specified user is a follower of the current user.
Declaration
public static bool IsFollower(int userId)Parameters
| Type | Name | Description |
|---|---|---|
| System.Int32 | userId | The user identifier. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
IsFriend(Int32)
Determines whether the specified user is a friend of the current user.
Declaration
public static bool IsFriend(int userId)Parameters
| Type | Name | Description |
|---|---|---|
| System.Int32 | userId | The user identifier. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
IsInRole(String)
Determines whether the current user belonds to the specified role.
Declaration
public static bool IsInRole(string role)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | role | The role name. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
IsInRoles(UserInfo, PortalSettings, String)
Determines whether the provided user belongs to the specified roles.
Declaration
public static bool IsInRoles(UserInfo objUserInfo, PortalSettings settings, string roles)Parameters
| Type | Name | Description |
|---|---|---|
| UserInfo | objUserInfo | The user information. |
| PortalSettings | settings | The settings. |
| System.String | roles | The semicolon separated list of roles. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
IsInRoles(String)
Determines whether the current user belongs to the specified roles.
Declaration
public static bool IsInRoles(string roles)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | roles | The semicolon separated list of roles. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
IsOwner(Int32)
Determines whether the specified user is an owner.
Declaration
public static bool IsOwner(int userId)Parameters
| Type | Name | Description |
|---|---|---|
| System.Int32 | userId | The user identifier. |
Returns
| Type | Description |
|---|---|
| System.Boolean |
|
Remove(String, PortalSecurity.ConfigType, String, PortalSecurity.FilterScope)
Removes profanity words in the provided input string.
Declaration
public string Remove(string inputString, PortalSecurity.ConfigType configType, string configSource, PortalSecurity.FilterScope filterScope)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | inputString | The string to search the words in. |
| PortalSecurity.ConfigType | configType | The type of configuration. |
| System.String | configSource | The external file to search the words. Ignored when configType is ListController. |
| PortalSecurity.FilterScope | filterScope | When using ListController configType, this parameter indicates which list(s) to use. |
Returns
| Type | Description |
|---|---|
| System.String | The original text with the profanity words removed. |
Remarks
The words to search could be defined in two different places:
- In an external file. (NOT IMPLEMENTED)
- In System/Site lists. The name of the System List is "ProfanityFilter". The name of the list in each portal is composed using the following rule: "ProfanityFilter-" + PortalID.
Replace(String, PortalSecurity.ConfigType, String, PortalSecurity.FilterScope)
Replaces profanity words with other words in the provided input string.
Declaration
public string Replace(string inputString, PortalSecurity.ConfigType configType, string configSource, PortalSecurity.FilterScope filterScope)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | inputString | The string to search the words in. |
| PortalSecurity.ConfigType | configType | The type of configuration. |
| System.String | configSource | The external file to search the words. Ignored when configType is ListController. |
| PortalSecurity.FilterScope | filterScope | When using ListController configType, this parameter indicates which list(s) to use. |
Returns
| Type | Description |
|---|---|
| System.String | The original text with the profanity words replaced. |
Remarks
The correspondence between the words to search and the words to replace could be specified in two different places:
- In an external file. (NOT IMPLEMENTED)
- In System/Site lists. The name of the System List is "ProfanityFilter". The name of the list in each portal is composed using the following rule: "ProfanityFilter-" + PortalID.
SignIn(UserInfo, Boolean)
Signs the provided user in and sets a persistent login cookie if needed.
Declaration
public void SignIn(UserInfo user, bool createPersistentCookie)Parameters
| Type | Name | Description |
|---|---|---|
| UserInfo | user | The user info. |
| System.Boolean | createPersistentCookie | if set to |
SignOut()
Signs the current user out.
Declaration
public void SignOut()ValidateInput(String, PortalSecurity.FilterFlag)
This function applies security filtering to the UserInput string, and reports whether the input string is valid.
Declaration
public bool ValidateInput(string userInput, PortalSecurity.FilterFlag filterType)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | userInput | This is the string to be filtered. |
| PortalSecurity.FilterFlag | filterType | Flags which designate the filters to be applied. |
Returns
| Type | Description |
|---|---|
| System.Boolean | true if the input is valid, otherwise false. |