Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

No Public Access - Mobile site login page calling to menu without permission #1359

Closed
CompleteCoders opened this issue Jan 22, 2018 · 2 comments
Assignees
Milestone

Comments

@CompleteCoders
Copy link

CompleteCoders commented Jan 22, 2018

Turn off all public access to the store so that login is requested first.

_Document.cshtml makes a call to a function in public.offcanvas-menu.js. this seems to make a call to pull down menu items. The function seems to keep calling to get the menu items but because guest access it turned off, it doesn't allow the call to go through. It get blocked in "PublicStoreAllowNavigationAttributes.cs"

This loop on my iPhone 7 makes logging in impossible. Now I think the correct fix is to NOT get the menu when the Guest Access to public store is turned off and the user is not logged in.. But I'm not 100% positive I understand why it is calling for the menu.

@CompleteCoders
Copy link
Author

Here is how we fixed for our site. We just excluded the login page from the ajax call to get the menu. I doubt this is how you would want it fixed long term in the system but it fixed it for us for now.

public.offcanvas-menu.zip

@Michael-Herzog
Copy link
Contributor

Thanks for reporting!

dalhyncarrillo added a commit to dalhyncarrillo/SmartStoreNET that referenced this issue Mar 10, 2018
* x-editable DateTime: removed class datetimefield (is obsolete too)

* x-editable DateTime: removed embedded bootstrap datepicker

* x-editable DateTime: removed CSS not used anymore

* x-editable DateTime: finalize

* AmazonPay: Added option to specify the authorization method

* ABS4: module list

* Updated AutoPrefixer browser definitions list

* ABS4: Buttons & various other minor css stuff

* ABS4: provider & module list styling

* Eliminates bug which could lead to ambiguous actions calls

* ABS4: Plugin DiscountRules

* ABS4: Plugin Clickatell

* ABS4: Plugin DevTools

* Closes smartstore#1367 forms in modal dialogs weren't rendered

* More Javascript encoding

* More Javascript encoding

* ABS4: Plugin Amazon

* ABS4: ExternalAuthFacebook, GoogleAnalytics, OfflinePayment; PayPal

* JsText must not append delimiters

* The tax value per tax rate was not updated when adding\removing a product to\from the order

* Fixes weird validation error

* ABS4: Dropdowns, Tabs, Navbar

* ABS4: FileUploader component

* ABS4: new FileUploader for import file upload (more to come)

* AmazonPay: Added information on registration

* AmazonPay: Added PaymentMethodNotAllowed decline handling

* AmazonPay: Refund and payment void have not changed the payment status

* Added missing string resource

* Fixes System.NullReferenceException in SmartStore.Core.Caching.DisplayControl.<GetCacheControlTagsFor>.MoveNext()

* Localization: implemented JsText with IHtmlString which already return the requested string with delimiters

* Fixed select2 for WidgetZoneChooser

* Minor change

* Fixes Microsoft.CSharp.RuntimeBinder.RuntimeBinderException in order export

* Changed some URLs

* ABS4: MinimalTaskWidget

* ABS4: Import upload

* ABS4: Import > New Profile > FileUploader

* SendManually ignored in QueuedMessagesSendTask (has been lost in refactoring)

* ABS4: 'Download' EditorTemplate

* Attribute file upload now uses new FileUploader component

* ABS4: Plugin Shipping

* ABS4: Plugin ShippingByWeight

* ABS4: Minor fixes

* ABS4: 'Download' EditorTemplate (minor fixes)

* MessageTemplates > test mailing (work in progress)

* Avatar upload now uses new FileUploader component.
Fixes avatar upload couldn't work because it had used an admin authorized backend URL.
Fixes updating the avatar did not remove it from cache.

* ABS4: Plugin Tax

* Shipping Plugins: added some notifications

* ABS4: updated alert boxes

* Removed obsolete code

* ABS4: FileUploader .d-none > .hide

* Updated credits.txt

* ABS4: Avatar and Choice.FileUploader .d-none > .hide

* Minor improvements to my last commit

* Changed some setting defaults

* MessageTemplates & Comapaigns > test mailing (finished)

* ABS4: select2 option rendering should be explicit

* ABS4: "Create Export Profile" combos

* Fixes the limited store IDs are not selected on the edit page

* Resolves smartstore#1143 Make shipping methods suitable for multi-stores

* ABS4: removed obsolete css

* Minor corrections

* Fixed message template class naming

* Message Templates: fixed some Outlook issues

* ABS4: MessageTemplates

* ABS4: defined new CI colors

* Updated credits

* ABS4: ChoiceBox

* ABS4: .input-group-btn >  .input-group-append

* ABS4: Product (work in progress)

* ABS4: changed markup of some more alerts

* Resolves smartstore#528 LimitedToStores is required on payment provider rather than plugin level

* Fixed typo

* ABS4: styling for filter plugin views which are loaded via ajax

* ABS4: postfix for attribute combination popup

* DisableBuyButton and DisableWishlistButton should also be taken into account on the cart and wishlist page

* ABS4: MultiStore setting overrides

* Minor change

* ABS4: Discount rules

* ABS4: Product (work in progress)

* Replace SettingOverrideCheckbox in settings views

* Replace SettingOverrideCheckbox in plugins

* PayPal: Fixed transaction mode setting was not saved

* PayPal: Removed the not required security protocol setting

* Replaced some CheckBoxFor by SettingEditorFor

* Resolves smartstore#729 Option for automatic order amount capturing when the shipping status changed to "shipped"

* ABS4: List filter

* ABS4: Tabified currency list view

* Applied commit a3581cd to English templates (fixed some Outlook issues)

* Fixes broken unit tests

* ABS4: some select UI fixes

* ABS4: select2 > equal height for single and multi select containers

* ABS4: DateTimePicker dropdown should not initialize with current date

* ABS4: fixed grid filter dropdown positioning

* ABS4: Dashboard tweaks

* ABS4: "smoother" product bulk edit

* ABS4: List filter

* Fixed issue with duplicate ID tags

* ABS4: minor fixes

* ABS4: minor CSV configuration fix

* ABS4: migrating select2 of import column mapping (in progress)

* ABS4: consolidating asset files (work in progress)

* ABS4: consolidating asset files (work in progress)

* ABS4: consolidating asset files (work in progress)

* ABS4: consolidating asset files (work in progress)

* ABS4: consolidating asset files (work in progress... frontend runs but is partially broken)

* ABS4: GMC

* ABS4: migrating select2 of import column mapping

* Resolves smartstore#1320 Image import: Find out the content type of image URLs by response header rather than file extension (which is sometimes missing)

* BS4F: fixes megamenu display

* BS4A: filter fixes

* ABS4: moved adding of reward points to a modal dialog

* Topics: Fixes a form element must be readonly instead of disabled to get posted to the server

* Resolves smartstore#1368 Admin > Cms > Topics: Chrome console reports an error because of duplictae dom ids of localized editor

* Minor change

* Resolves smartstore#1219 Recently viewed products list should respect setting to hide manufacturer names

* Updated change log

* ABS4: grids part1

* ABS4: ABS4: consolidating asset files (combined vendor assets into separate subfolders)

* ABS4: consolidating asset files (fixed button and alert styles in frontend)

* ABS4: nicer material tabs

* ABS4: .card-block > .card.body

* ABS4: .form-check

* ABS4: .input-group

* ABS4: removed $gray-* Sass shims

* ABS4: minor stuff

* Moved ~/Content/samples to ~/App_Data

* form-check with form-check-input and form-check-label

* Fixes display of discounts in product lists when using several currencies

* Fixes build error

* Fixed multistore settings for TaxSettings, ShippingSettings and RewardPointsSettings were never saved

* Setting for payment capturing should be multistore capable

* Fixed override checkbox never active when multistore setting is set to null

* Fixed minor issues in multistore search settings

* ABS4: grids part 2

* Minor change

* ABS4: minor changes

* ABS4: reorganized telerik component's asset file structure

* Delete obsolete folder "~/Content/files/exportimport"

* ABS4: Install UI

* Changed build property of _telerik.scss

* Colorpicker directory has changed

* Fixes localized settings for return request and action never loaded on settings page (Entity ID for localized property can be 0).

* ABS4: grids part 3

* Added missing template files to SmartStore.Web Project

* Fixed broken filter for queued email list

* Changed theme variables according to new BS4 class names

* Fixes discount badge in product lists shows wrong value (in progress)

* ABS4: Installation

* ABS4: removed obsolete LESS files

* Removed LESS file handling code

* Removed obsolete BundleTransformer.Less packages

* Revert "Changed theme variables according to new BS4 class names"

This reverts commit bc284c2.

* Changed theme variables according to new BS4 variable names (now correct)

* ABS4: CKEditor (in progress)

* ABS4: minor code cosmetic

* ABS4: Shifted form to add order notes to a modal dialog

* ABS4: Shifted upload control for product pictures above the grid

* Fixes discount badge in product lists shows wrong value (in progress)

* Added some resources which were never added through the V22Final migration

* ABS4: Updated TODOs

* Fixes discount badge in product lists shows wrong value

* ABS4: SummerNote & media stuff

* Improvement to my last commit

* BS4: Wrapped  all tables (.table) in div.table-responsive

* Added omega class to .admin-table where necessary

* Updated BSA4 todos: we've never used split buttons in combination with dropdown menus

* BS4: Added missing form-check-inline classes

* Resolves smartstore#1318 Disabled preselected attribute combination permanently hides the shopping cart button, even if another combination is selected

* Updated jquery.scrollTo to version 2.1.2

* Fixed footer problem in responsive display

* ABS4: fixed IE11 table display

* Added notification for successful adding of product pictures

* Resolves smartstore#1326 After saving plugin settings for the second store, the settings for all stores are no longer displayed anymore.

* Removed obsolete MediaController from backend. RoxyFileManagerController is now responsible for handling file uploads.

* RoxyFileManager & MediaController refactoring & enhancements (in progress)

* Fixes missing confirmation when using payment buttons on the order page

* Fixes missing confirmation when using onclick

* Updated outdated PayPal icon

* Permissions: Added header checkbox to toggle state of all checkboxes of one column

* Scripting: fixed positioning formula for openWindow() and added { id, backdrop } props to openPopup()

* * (Perf) Enhanced ImageHeader (image dimension resolution)
* (Perf) Roxy FM LISTDIRS and thumbnail creation way faster
* Roxy FM now opens in a modal popup

* WTF?!

* ABS4: Summernote is now the primary HTML editor

* Completely removed CKEditor from solution

* HtmlEditor: forgot to localize

* Made media public path configurable

* Resolves smartstore#1375 Duplicate setting records possible due to wrong setting cache scope
More usage of LoadSetting and SaveSetting attribute

* Restructured ModelTree editor template

* ABS4: Minor fixes

* Facebook authentication: Added logging and more admin instructions

* Fix to prevent default tax address and shipping origin address from being recreated every time you save

* Replaced fa-ok with fa-check

* ABS4: DateTimePicker UI tweaks

* RoxyFileManager: renamed all res files (.json > .js) and removed en file

* ILocalizationFileResolver: responsible for finding localization files for client scripts

* Resolve localization file: summernote

* Added VirtualPath property to PluginDescriptor

* Resolve localization file: summernote

* Resolve localization file: moment.js

* Minor fix

* Resolves smartstore#998 GMC: Find a way to map attribute combination values to feed export values

* Resolves smartstore#1377 Make method 'ShoppingCartService.OrganizeCartItems' virtual

* Fixes option sets grid is loaded infinitely often, never gets refreshed, tries inline editing (ignores popup) and delete button generates a JavaScript error

* Removed an unused view model property

* ABS4: minor display fix

* Fixed problems with widget zone editor template (temp only, will be reworked again)

* New SmartStore branding

* Added accidentally deleted files again

* Summernote: custom LinkDialog with file browser

* ABS: Roxy skinning (in progress)

* Minor improvement

* Resolves smartstore#1359 PublicStoreNavigation permission denied access to offcanvas menu actions

* Offcanvas menu: fixes a display problem of sub menu items in service tab

* Fixes minor build problem

* Resolves smartstore#1031 Enable offline payment methods to have payment icons

* ABS4: more styling for dropdowns, icons etc.

* ABS4: Roxy, modal, ImageHeader

* Moved string resource for additional fee to core

* BS4: Replaced all modal html markups with SmartStore().Window()

* Nicer green for admin theme

* ABS4: Adapted class names for button types and category badges according to bs4

* BS4: Eliminated self defined spacer size 6

* Various fixes and enhancements (FileSystem, Imaging, HtmlEdit, Roxy etc.)

* Load RoxyLang in controller with LocalizationFileResolver

* ABS4: Roxy

* Minor fix

* Localized URLs: trim trailing slash

* ABS4: Fixes problem with loading of the parent category in edit view of categories

* ABS4: minor fix

* Removed obsolete setting class & corresponding settings

* ABS4: more Roxy stuff

* ABS4: more Roxy stuff

* Allow max. 20 notification items (trim start)

* ABS4: finalized (Roxy) file manager

* Resolves smartstore#1021 Added setting to enforce state region selection

* Refactored initialization code for onchange event of country controls

* .country-selector change event should be delegated

* ABS4: various FileManager fixes

* Summernote: extending LinkDialog

* Window component: minor fix

* Summernote: localized LinkDIalog

* Summernote: more work on LinkDialog

* x-editable now internally calls selectWrapper() to take advantage of all the sugar

* (Perf) lazy load attribute options in backend without cluttering output HTML with JSON data. Also fix init selection handling of select2.

* A lot of x-editable fixes

* x-editable: select2 with ArrayAdapter requires an empty option tag to display the placeholder

* x-editable & select2: fixed and enhanced placeholder, ajax & lazyload handling

* GMC: column chooser for edit grid

* Dev-Tools: Added a widget sample
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants