dekyfin / RichFilemanager-NODE

A nodejs connector for RichFilemanager
MIT License
12 stars 11 forks source link

multiple users access control to FM nodejs #5

Open hathemi opened 5 years ago

hathemi commented 5 years ago

in my app i have x group of users and you want to give different rights, for example :

User : can access to the FM, select or download a file. Admin : all above + upload/delete files + zip Super admin : all above + unzip files (by default, the actual case, user has all roles ) is it possible to do something like that with filemanage.js node connectors? I have decided to add a database using Kinex. i have prepared my api router and still can't figure out a solution on how to launch a login/register page when the application starts. any guidelines will be appreciated .

dekyfin commented 5 years ago

You should be able to implement a middleware which does the access control before the file manager route. I'm writing this sample code from my phone's mail client, so it's not tested: it'll most likely contain errors as well. But something like this should work


// Access control middleware
app.use("/filemanager", function (req, res, next){

  // mode is the action to be performed
  var mode=req.query.mode;

  // You can match the mode with the access control code to determine if user is allowed to perform the action. I'm using an array of permissions in this example for simplicity.

  var perm = ["initiate","readfolder"];

  if( perm.indexOf(mode) > -1 ){
    next();
  }
  else{
    res.status(403).send("you don't have the permission to perform this action");
  }

});

// Filemanager route
app.use("/filemanager", filemanager("/path/to/dir", config));
hathemi commented 5 years ago

Thanks for your respond, but still can't figure out how this can be done if i don't have a database, !!! Like i montiened in my first comment, i have create a database with knex with users and roles as table, then i have call login.html before launching RFM. My problem now is is how can i get access to FM an display a specific folder according to user.?,

dekyfin commented 5 years ago

It seems to me that you're creating an entire app which will handle user login/authenticarion, access control, and possibly user registration. I can give you some hints on how to go about it, but any detailed implementation is beyond what i can do on this platform.

There are different ways to create a system with each group having different permissions.

You can create three tables: users, groups, acl. The acl table will store the various actions/permissions each group can perform.

When a user logs in, you fetch the user's permissions and store it into a session array. You can then check the user's action against the permissions stored in the session array before allowing the user to perform the requested action in the filemanager

hathemi commented 5 years ago

yes that's exactly what i'am trying to do,.. it seems to be a lot of work to handle. Thanks alot, and i will contact you, if you don't mind, for any other details.

hathemi commented 5 years ago

Hi again @dekyfin . i'm trying to change root path of FM to be like like this ttp://localhost:5000/Filemanager, but nothing works for me. i have tried a lot of property in options configuration. for example: "fmSrcPath": "/Filemanager", or "exclusiveFolder": "/Filemanager", none of theme works for me. i thinks i'am missing something. Thanks in advance.

dekyfin commented 5 years ago

Hello @Hadhemi, If you're using the demo, you'll need to change the routing in order to access the FM from /Filemanager instead of /.

It appears to me that you're not familiar with routing and middlewares in Express Js. I would recommend you get familiar by going through the 'Getting Started' as well as the routing and middleware guide at https://expressjs.com

On Fri, 28 Dec 2018, 07:42 Hadhemi, notifications@github.com wrote:

Hi again @dekyfin https://github.com/dekyfin . i'm trying to change root path of FM to be like like this ttp://localhost:5000/Filemanager, but nothing works for me. i have tried a lot of property in options configuration. for example: "fmSrcPath": "/Filemanager", or "exclusiveFolder": "/Filemanager", none of theme works for me. i thinks i'am missing something. Thanks in advance.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/dekyfin/RichFilemanager-NODE/issues/5#issuecomment-450309620, or mute the thread https://github.com/notifications/unsubscribe-auth/AH1NPh768xgj-Z4b2uUM9YU7g20LDrDLks5u9ctbgaJpZM4ZijHf .

hathemi commented 5 years ago

yeah, i'm new in nodejs and still learning a lot of stuff. Sorry, i ask you a silly questions.

Hadhemi commented 5 years ago

@dekyfin , wrong mention , please use @ hathemi not hadhemi , thanks!

hathemi commented 5 years ago

@dekyfin hi again. is it possible to make a file server with RFM for each user logged in a system. Something similar to google drive. any example, guide lines, advices will be very appreciated. And thank you.

hathemi commented 5 years ago

Hi there. i'am back working on route. i still didn't get a solution for this. it's really frustrating. so, where should i change route path, in filemanager.config.json inside options{ } or api { }, or in app.js ???? Thanks in advance.

dekyfin commented 5 years ago

Hello @hathemi, It's possible, but it's not something trivial if you're new to node; especially when you don't already have significant experience in developing a system with a user base. I can give you some guidelines if you're interested, but you'll need to learn a lot