Old Forums
Search:
Portal Engine Questions on portal engine and web parts.
Version 7.x > Portal Engine > ClassName Macro for Current Document View modes: 
User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 6/11/2013 9:34:15 AM
   
ClassName Macro for Current Document
I feel foolish asking this but how do I get the CurrentDocuments class in a macro? I want to check if 
{% CurrentDocument.ClassName == "cms.event" || CurrentDocument.ClassName == "custom.cta" @%}
I've tried CurrentDocument.NodeClass.ClassName and receive this error:
Security check of the expression ' if(CurrentDocument.NodeClass.CodeName == "custom.cta" || CurrentDocument.NodeClass.CodeName == "cms.event") {CurrentDocument.Parent.NodeAliasPath}else{CurrentDocument.NodeAliasPath} ' didn't pass. The expression was signed by user ''. Remove the signature and re-save the expression by a user with proper permissions.
User avatar
Kentico Support
Kentico Support
kentico_janh - 6/12/2013 1:48:16 AM
   
RE:ClassName Macro for Current Document
Hello,

The {%CurrentDocument.NodeClass.CodeName%} returns the class name, however it seems to me that you haven't placed that macro as a global administrator. Could you please remove the hash sign from the end of a macro and resave it as a global administrator?

Best regards,
Jan Hermann

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 6/12/2013 7:03:59 AM
   
RE:ClassName Macro for Current Document
Thanks Jan. I've attempted with both {% @%} and {% %} and they both fail with the same message. I'm on 7.0.36.

User avatar
Kentico Support
Kentico Support
kentico_jurajo - 6/17/2013 1:37:39 AM
   
RE:ClassName Macro for Current Document
Hi,

Where and how are you using the macro? I just used the Jan's macro in an editable region on a Page tab for a quick test and it is working fine.
What is the output of the macro debug?

btw. I am on 7.0.39 - but there should not be any difference, I hope :-)

Best regards,
Juraj Ondrus

User avatar
Member
Member
Boolean - 6/17/2013 4:08:31 PM
   
RE:ClassName Macro for Current Document
We are on 7.0.39 and getting this same problem.

We have three servers - Dev, QA and Stage. If we add a macro to our before/after content using:

{%if (CurrentDocument.NodeClass.CodeName == "CMS.MenuItem") { "<ul>" } else { "<div>" }%}

We get the same error as above:

Security check of the expression 'snip' didn't pass. The expression was signed by user 'dave'. Remove the signature and re-save the expression by a user with proper permissions.

The strange thing is that it works fine on Dev and QA, but not our stage.

User avatar
Member
Member
Boolean - 6/17/2013 4:10:12 PM
   
RE:ClassName Macro for Current Document
(Wish you could edit posts)

I should clarify that when I say it's working fine on Dev and QA, we are content staging our page template to those servers. It works fine on those, but content staging from QA to Stage causes it to break.

User avatar
Kentico Support
Kentico Support
kentico_jurajo - 6/18/2013 2:12:47 AM
   
RE:ClassName Macro for Current Document
Hi,

You need to re-sign the macros or do not use the signature. Please see the macro security - at the bottom.

Best regards,
Juraj Ondrus

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 6/27/2013 10:51:47 AM
   
RE:ClassName Macro for Current Document
I'm using the macro in the path field of a CMS Repeater web part.

So the documentation reads that it uses the connection string as a salt hash and I'm assuming macro security is enabled by default. So hypothetically speaking, if I'm creating the site in my dev environment with a dev database (db=KenticoDB;user=KenticoDbo;pw=abcd1234) and I go to publish my site live and remember my password isn't strong and change it, I need to update all the macro signatures?

What if I've changed the server name from a simple server name to a fully qualified domain name? How about if I've made 5 changes to my connection string during my development process and created macros throughout the process? Do I have to go back and update the macro signatures with each of those 5 changes and use my new salt even though I unchecked the sign all macros option?

Why isn't there an option to simply remove the signatures OR even better, not have that option turned on by default?

I've got this macro below that keeps erroring on me and I've attempted everything even removing and recreating it and still get a securty error stating to remove and resave with a user who has permissions. I don't want to worry about security on this macro...
{%if(CurrentDocument.NodeClass.ClassName == "custom.cta" || CurrentDocument.NodeClass.ClassName == "cms.event"){CurrentDocument.Parent.NodeAliasPath}else{CurrentDocument.NodeAliasPath}@%}
I should also mention the pages I'm using this on inherit the parent page. So my structure looks like this:

-Page1
--Sub Page1 (inherits Page1 template)
---custom.cta (inherits Page1 template)

It's not working on level 2 or 3 (Sub Page1 or custom.cta) even though when I debug the macro on the page it returns the correct result nothing displays except the macro security error.

User avatar
Kentico Support
Kentico Support
Accepted solutionAccepted solution
kentico_jurajo - 6/28/2013 1:05:18 AM
   
RE:ClassName Macro for Current Document
Hi,

Answers to all your question is YES :-)

Why is it turned on by default? It is because of the security - it is a high security risk - better safe than sorry. With the new macro engine, you can get pretty sensitive information.

You can re-sign the macros (macros security) but, as you can see from the documentation, you can use the CMSHashStringSalt key - so, you can set your own salt on every environment to be the same, so it is connection string independed and since it is the same on all your environments, you won't have to re-sign the macros each time something in the connection string is changed.

Best regards,
Juraj Ondrus

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 6/28/2013 1:13:47 AM
   
RE:ClassName Macro for Current Document
So then since I just learned about this, I will need to do 1 update for every change to my connection string I made correct? Believe me I will have that salt in my web.config from now on.

User avatar
Kentico Support
Kentico Support
kentico_jurajo - 6/28/2013 1:22:16 AM
   
RE:ClassName Macro for Current Document
Hi,

I am not sure I am following. If you will use the salt key, you do not need to re-sign the macros anymore. I am not sure what update you mean.

Best regards,
Juraj Ondrus

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 6/28/2013 7:16:56 AM
   
RE:ClassName Macro for Current Document
What I was asking is what about the macros that were signed with the previous salt key? Or are they only signed when they are used/needed on a page? Are they stored in the database with the salt key?

User avatar
Kentico Support
Kentico Support
Accepted solutionAccepted solution
kentico_jurajo - 7/1/2013 1:10:10 AM
   
RE:ClassName Macro for Current Document
Hi,

Once you will set the new salt, in the UI there is a button "Update macro signatures" - so, this will re-sign all the macros, including existing macros with the new hash signature.

Best regards,
Juraj Ondrus

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 7/17/2013 3:08:03 PM
   
RE:ClassName Macro for Current Document
So I've attempted this yet once again and still receive the same error with this one particular macro. All the others work as expected.

Also, there is a in regards to re-signing all the macros, it clearly states if I hover over the "Sign all macros" checkbox that if is enabled it will skip the signature interity check. To me this means that if I don't have a valid "old salt" I can't update it with a new salt. There were a lot of changes to our connection string during development as we moved servers and changed databases several times so I'm positive this is where the problem is coming into play. AND I don't want to sign all the macros because this has caused problems when moving from test to live if the user doesn't exist.

I've escaped all my macros with {% @%) and still receive the error. I've even went as far as deleting the macro, saving the webpart with a null value and re-entering the macro. I've even logged in as administrator (and someone with global admin rights) and resaved the macro and still receive the error. Its causing problems on the page and not displaying the proper values and content.

Here is the error again
EventDescription: Security check of the expression 'if(CurrentDocument.NodeClass.ClassName == "myclass.cta" || CurrentDocument.NodeClass.ClassName == "cms.event"){CurrentDocument.Parent.NodeAliasPath}else{CurrentDocument.NodeAliasPath}|(user)bpk23186|(hash)229c1309c148388e880dbeedeeaddfdd4be3cec81afc219e36ecb2d06ee1462f' didn't pass. The expression was signed by user 'bpk23186'. Remove the signature and re-save the expression by a user with proper permissions.

User avatar
Kentico Support
Kentico Support
kentico_jurajo - 7/18/2013 1:16:44 AM
   
RE:ClassName Macro for Current Document
Hi,

I would still try to re-sing all the macros.
Otherwise, as you can see from the error - there is still the hash signature in the macro. Are you editing correct macro? Have you tried using the macro debug?
Does this error occur even if you remove the macro you mentioned in your web part?

Best regards,
Juraj Ondrus

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 7/18/2013 1:20:10 AM
   
RE:ClassName Macro for Current Document
I ended up modifying my macro to simply use {% ClassName %} and it worked without an issue. So there must be permission issues with accessing the class name the other way. At any rate, I got it to work.

User avatar
Kentico Support
Kentico Support
kentico_jurajo - 7/18/2013 1:32:31 AM
   
RE:ClassName Macro for Current Document
That is strange. I tried using both and it is working fine - signed and not signed. Basically the {%ClassName%} is an abbreviation of the CurrentDocument.NodeClass.ClassName.


Best regards,
Juraj Ondrus

Top