Open nwaughachukwuma opened 7 years ago
That sounds a little too granular for this. The most I think you can easily achieve is to have folder access according to group membership, but it would be an all or nothing approach: you would have full access or not.
Hi @datashaman, even that would be an added feature, and it kind of will almost meet what I want to achieve. Thanks for your response
Haven't support this for now. @nwaughachukwuma can you describe more about your need? Maybe we can add this feature in the future.
Hi @g0110280 we need a file management system where access to each folder is based on permission. Take for instance, there is an organization with staff and management, where files, memos, reports and all what not, are available. In this type of organization, you want to determine who has access to what files, and do this based on levels/hierarchy. Reason been that some files are either too sensitive for lower staffs to access, or you just want a separation of concern where each person/unit/dept. can only access the files related to it.
If we are to implement these features using Unisharp, you know we'd need a Unisharp that can create groups, and add permissions to folders. Take a look at what's been done here https://github.com/sjarvela/kloudspeaker for a clearer understanding of what am describing.
Thanks!
@nwaughachukwuma Kloudspeakers looks interesting. What's the motiviation/selling point for that over existing OSS projects like https://owncloud.org/, https://github.com/ckan/ckan, and http://www.seeddms.org/?
@g0110280 I am in process of implementing this for a project I'm working on right now. Do you have preferences for how the entitlement checks should be wired up? I'm leaning towards a configurable middleware class so it can be used with laravel auth as well as entrust or sentry, but I'm open to suggestions.
@deardooley Using middlewares might be the easiest way, you can create one and fill it into middlewares
column in config/lfm.php
. View files, which locate in resources/views/vendor/laravel-filemanager/
are also fully customizable. You can apply syntax of your permission package into them.
@g0110280 And what about play with getFile or getImage controllers. I mean, if an user with a role tries to acces by url to a files or image out of his access, how we can prevent this action to redirect him ?
Now, I manage this by : 1 / Overwrite route
Route::group(['middleware' => ['web']], function () {
Route::get('/' . config('lfm.url_prefix') . '/' . config('lfm.files_folder_name') . '/{base_path}/{file_name}', 'fileController@getFile')->where('file_name', '.*');
Route::get('/' . config('lfm.url_prefix') . '/' . config('lfm.images_folder_name') . '/{base_path}/{file_name}', 'fileController@getImage')->where('file_name', '.*');;
});
2/ Overwrite controller
public function getFile(Request $request, $base_path, $file_name)
{
if(preg_match('/\bprivate\b/', $file_name)) {
if(Auth::check()) {
if(Auth::user()->role == 'admin') {
$request->request->add(['type' => 'Files']);
return $this->responseImageOrFile();
}
} else {
return 'Vous n\'avez pas les privilèges !';
}
} else {
$request->request->add(['type' => 'Files']);
return $this->responseImageOrFile();
}
}
But is there a better way ?
Please let me know, how to write permission, user can see folder permission access like editor role can see editor image folder
Hi @datashaman and everyone I am developing an application where users in the system have permissions and roles, and on this basis, the users can only view the files or folder which their permissions or privilege grants them. Is it possible to achieve it with this or is there another package I may need to install on this one?