More granular security

Last post 05-05-2010, 3:18 AM by Kenneth. 3 replies.
Sort Posts: Previous Next
  •  05-02-2010, 5:49 PM 60619

    More granular security

    I know that CuteEditor allows to specify if the user is authorized to upload files, delete files, rename files, etc.
     
    However, I would like even more granular control. Let me explain: I would like to be able to authorize the user to upload new images but prevent him from uploading media files, allow user to delete images but prevent him from deleting templates, allow him to create folders for images but not for templates.
     
    Is this possible?
  •  05-04-2010, 2:48 AM 60660 in reply to 60619

    Re: More granular security

    Hi frjericho,
     
    authorize the user to upload new images but prevent him from uploading media files
     
    hide the upload control in Insert media dialog only
     
    Open file "CuteSoft_Client\CuteEditor\Dialogs\InsertMedia.aspx"
     
    Find section below
     
    <CE:Uploader id="InputFile" InsertText="ffff" runat="server"></CE:Uploader>
     
    Change to
     
    <div style="visibility: hidden">
            <CE:Uploader ID="InputFile" InsertText="ffff" runat="server">
             </CE:Uploader>
    </div>
     
    allow user to delete images but prevent him from deleting templates
     
    hide the delete button in Insert template dialog only
     
    Open file "CuteSoft_Client\CuteEditor\Dialogs\InsertTemplate.aspx"
     
    Find section below
     
    <asp:ImageButton ID="Delete" runat="server" AlternateText="[[Deletefiles]]" ImageUrl="../Load.ashx?type=image&file=s_cut.gif"
                                                OnClick="Delete_Click" />
     
    change to
     
    <div style="visibility: hidden">
                  <asp:ImageButton ID="Delete" runat="server" AlternateText="[[Deletefiles]]" ImageUrl="../Load.ashx?type=image&file=s_cut.gif"
                                                OnClick="Delete_Click" />
      </div>
     
    allow him to create folders for images but not for templates
     
    Hide the create folder button in Insert template dialog only
     
    Open file "CuteSoft_Client\CuteEditor\Dialogs\InsertTemplate.aspx"
     
    Find section below
     
    <asp:ImageButton id="CreateDir" BorderWidth="1" Runat="server" AlternateText="[[Createdirectory]]"
           ImageUrl="../Load.ashx?type=image&file=newfolder.gif" OnClick="CreateDir_Click" />
     
    Change to
     
     <div style="visibility:hidden">
          <asp:ImageButton id="CreateDir" BorderWidth="1" Runat="server" AlternateText="[[Createdirectory]]"
           ImageUrl="../Load.ashx?type=image&file=newfolder.gif" OnClick="CreateDir_Click" />
         </div>
     
    Regards,
     
    ken
  •  05-04-2010, 11:00 AM 60675 in reply to 60660

    Re: More granular security

    Thank you for the workaround. That will be fine.
     
    However, I would like to suggest that you include this in a future version: the ability to programatically set these permissions without having to edit some of your source files. What I imagine is something like the following:
     
    1. cm_htmlcontent.SetSecurityAllowModifyTemplate(false);
    2. cm_htmlcontent.SetSecurityAllowModifyImage(true);
    3. cm_htmlcontent.SetSecurityAllowModifyFlash(false);
    4. cm_htmlcontent.SetSecurityAllowDeleteTemplate(false);
    5. cm_htmlcontent.SetSecurityAllowDeleteImage(true);
    6. cm_htmlcontent.SetSecurityAllowDeleteFlash(true);
     
  •  05-05-2010, 3:18 AM 60704 in reply to 60675

    Re: More granular security

    frJericho:
    Thank you for the workaround. That will be fine.
     
    However, I would like to suggest that you include this in a future version: the ability to programatically set these permissions without having to edit some of your source files. What I imagine is something like the following:
     
    1. cm_htmlcontent.SetSecurityAllowModifyTemplate(false);
    2. cm_htmlcontent.SetSecurityAllowModifyImage(true);
    3. cm_htmlcontent.SetSecurityAllowModifyFlash(false);
    4. cm_htmlcontent.SetSecurityAllowDeleteTemplate(false);
    5. cm_htmlcontent.SetSecurityAllowDeleteImage(true);
    6. cm_htmlcontent.SetSecurityAllowDeleteFlash(true);
     
     
    We will add more options in future versions. Thanks for your advice.
     
    Regards,
     
    ken
View as RSS news feed in XML