Feedback
 
Did this article resolve your question/issue?

   

Your feedback is appreciated.

Please tell us how we can make this article more useful. Please provide us a way to contact you, should we need clarification on the feedback provided or if you need further assistance.

Characters Remaining: 1025

 


Article

Exception when uploading documents

« Go Back

Information

 
Article Number000076976
EnvironmentProduct: Sitefinity
Version: 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, 11.x
OS: All supported OS versions
Database: All supported Microsoft SQL Server versions
Question/Problem Description
When trying to upload a document using the API, an exception is thrown when the user is not logged in.
When trying to upload a document or file in a library through the backend an error pops up.
Steps to Reproduce
Clarifying Information
Error MessageTelerik.Sitefinity.Libraries.Model.DocumentLibrary, Telerik.Sitefinity.Model was not granted ManageDocument in Document for principals with IDs .....
Defect/Enhancement Number
Cause
The exception means that the current user who is trying to perform the action does not have proper rights.
Resolution
1. One way to overcome this is to elevate the security context and skip the security checks by using the SuppressSecurityChecks property of the manager's provider. The SuppressSecurityChecks is set for the different managers that are instantiated. After the custom logic is executed the SuppressSecurityChecks property of the manager can be set to false again. Here is an example:
LibrariesManager librariesManager = LibrariesManager.GetManager();
librariesManager.Provider.SuppressSecurityChecks = true;

// custom code goes here

librariesManager.Provider.SuppressSecurityChecks = false;
When the SuppressSecurityChecks is set to true all security checks/demands/filtering will be turned off and this allows the code to be executed by anonymous users without the need to be logged in Sitefinity with an admin account or an account that has the permissions to perform the actions (created, edit or delete).

2. Another option is to wrap the code in ElevatedModeRegion() method and pass the Sitefinity manager to this method. 

Here is a sample code for reference demonstrating this for the Libraries manager:
LibrariesManager librariesManager = LibrariesManager.GetManager();
  
using(new ElevatedModeRegion(librariesManager))
{
      // custom code goes here
}
In cases when the code does not use an instance of the Manager, use SystemManager Run with elevated privileges.

For example for the WorkflowManager use the below approach:
SystemManager.RunWithElevatedPrivilege(d => { WorkflowManager.MessageWorkflow(...); });
Another option is to use:
SystemManager.RunWithElevatedPrivilege(DoWork);

public void DoWork(object[] parameters)
{
}

3. If the file is uploaded through the backend check what roles can "Modify library and manage document" by going to  Content >> Documents & Files >> MyLibrary >> Actions >> Set permissions and grant the user some of these permissions.


 
Workaround
Notes
References to Other Documentation:

Sitefinity Documentation, Implement security - http://docs.sitefinity.com/for-developers-implement-security
Sitefinity Documentation, Users and roles - http://docs.sitefinity.com/for-developers-users-and-roles#add-user-to-roles
Sitefinity Documentation, CRUD operations with documents and files - http://docs.sitefinity.com/for-developers-crud-operations-with-documents-and-files
Attachment 
Last Modified Date10/8/2018 6:52 AM