1

Closed

Allow secure file system files to be used for xml and xsl source files

description

Currently the module allows secure file system files to be selected in the module settings but the files are not found and loaded correctly when the module executes.
 
A possible solution, that I'm using on a live site, is to utilize the DotNetNuke.Common.Utilities.FileSystemUtils.GetFileStream(FileInfo objFile) method. This method test the StorageLocation property of the FileInfo object to correctly locate the file. I used the DotNetNuke.Services.FileSystem.FileController.GetFileById(), to get the FileInfo object and DotNetNuke.Services.FileSystem.FileController.ConvertFilePathToFileId() method to get the file id.
 
In the code for the XmlSource property in XmlController.vb, I replace the following (line 79):
 
Return XmlReader.Create(GetMappedPath(xmlsrc), XmlReaderSettingsWithoutValidation)
 
with
 
Dim filecontroller As DotNetNuke.Services.FileSystem.FileController = New DotNetNuke.Services.FileSystem.FileController()
Dim xmlFileInfo As DotNetNuke.Services.FileSystem.FileInfo = filecontroller.GetFileById(filecontroller.ConvertFilePathToFileId(xmlsrc, PortalId), PortalId)
Return XmlReader.Create(DotNetNuke.Common.Utilities.FileSystemUtils.GetFileStream(xmlFileInfo))
 
Something similar could be done for GetXslTransform() by passing an XmlReader to the Load() method.
 
This may work for secure database files too since the XmlReader.Create method simply takes a stream object as input and the DNN method GetFileStream() seems to return a stream for all three FileStorage types. I did not test this though.
 
One issue I could see with implementing this feature is whether or not to impose the actual permissions of the secure file. And what those permission should be checked against, the identity of the the page editor modifying the module setting or the identity of the person viewing the page. In my case, from the business point of view, the permission on the page using the XML module are the same as the permission set on the secure folder containing the source xml file, and I'm the only editor.
Closed Mar 20, 2011 at 11:25 PM by SCullmann

comments

wrote Mar 20, 2011 at 11:25 PM

Resolved with changeset 58959.

wrote Feb 14, 2013 at 1:44 AM

wrote May 16, 2013 at 9:10 AM

wrote Jul 12, 2015 at 1:36 PM