CKFinder autentificated user only

[nazakar]

How to prevent link /backend/assets/a8d6d970/browse.php?opener=ckeditor&type=files&CKEditor=ed&CKEditorFuncNum=203 to be opened from non authorized users? Like 'disabled' => false. Can you give me some integration examples? Thanks in advance

[execut]

Create bootstrap class and add it to application config:

class Bootstrap implements BootstrapInterface
{
    public $allowedRole = '@';

    public function bootstrap($app)
    {
        $this->registerKCFinderSessionSettings($app);
    }

    protected function registerKCFinderSessionSettings($app) {
        $kcfOptions = array_merge(KCFinder::$kcfDefaultOptions, [
            'uploadURL' => '@web/upload',
            'access' => [
                'files' => [
                    'upload' => true,
                    'delete' => false,
                    'copy' => false,
                    'move' => false,
                    'rename' => false,
                ],
                'dirs' => [
                    'create' => true,
                    'delete' => false,
                    'rename' => false,
                ],
            ],
        ], $this->kCFinderOptions);
        if ($this->allowedRole !== false) {
            if (!(!$app->user->isGuest && $this->allowedRole === '@') && !$app->user->can($this->allowedRole)) {
                $kcfOptions['disabled'] = true;
            }
        }

        $kcfOptions['uploadURL'] = \yii::getAlias($kcfOptions['uploadURL']);
        $app = \yii::$app;
        $app->session->set('KCFINDER', $kcfOptions);
    }
}