zydronium/websitepanel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

This change allows you to specify which role is allowed to login to the panel

Browse source 
Add the element ExcludedRolesToLogin tp the SiteSettings.config and specify
comma separate which roles are not allowed to login to the panel. e.g.:

<ExcludedRolesToLogin>Administrator,Reseller</ExcludedRolesToLogin>

By doing this you can eliminate the attack surface by publishing the portal
twice. One for the organization administrators and an internal one for the
adminsitrators and reseller admins
This commit is contained in:
robvde 2012-07-11 20:28:33 +04:00
parent 37af5eceac
commit 80672a555f
4 changed files with 41 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

8
WebsitePanel/Sources/WebsitePanel.WebPortal/WebsitePanel.WebPortal.csproj
View file

@ -221,8 +221,12 @@
<None Include="App_Data\SupportedThemes.config" />
<None Include="App_Data\Countries.config" />
<None Include="App_Data\CountryStates.config" />
<None Include="App_Data\WebsitePanel_Modules.config" />
<None Include="App_Data\WebsitePanel_Pages.config" />
<None Include="App_Data\WebsitePanel_Modules.config">
<SubType>Designer</SubType>
</None>
<None Include="App_Data\WebsitePanel_Pages.config">
<SubType>Designer</SubType>
</None>
<None Include="App_Data\Ecommerce_Modules.config" />
<None Include="App_Data\Ecommerce_Pages.config" />
<None Include="App_Data\SupportedLocales.config" />