Need to Disable Uploading/Browsing

Last post 01-10-2008, 3:22 PM by Adam. 1 replies.
Sort Posts: Previous Next
  •  01-09-2008, 7:00 PM 36228

    Need to Disable Uploading/Browsing

    Hi,


    For the tool we're building, we're not wanting users to be able to upload or browse for any files on our server. It's a shared environment, and we don't want to build in separation of uploaded content.


    Is there a way to fully disable the uploading and browsing features? We're using version 6 for .Net.


    I've already disabled some by setting display for uploads to none in the InsertImage.aspx dialog, leaving the ability to add images that are elsewhere online. However, I just noticed that I was able to get to a browse for images dialog by opening the image properties...


    I can keep testing and stopping things as I find them, but I'm hoping there's a setting that will accomplish what I'm after.


    Any help would be appreciated.


    Thanks!


  •  01-10-2008, 3:22 PM 36255 in reply to 36228

    Re: Need to Disable Uploading/Browsing

    cphillips,

    Here are my suggestions:
     
    1. Detect your user's role.
     
    2. For admin level user, you should allow them to upload/delete/create.
     
    3. For the guest level user, you can show a limited toolbar and disable the upload/delete/create funtions.
     
    3. For the registered user, you can disable the upload/delete/create funtions.
     
    You have two methods to achieve this:
     
    1.
     
    Please edit the security policy file (default.config, admin.config and guest.config).

    The security policy file (default.config, admin.config and guest.config) can be found in the /CuteEditor/Configuration/Security folder.
     
    For admin level users, you can let them using admin.config.
    For registered  users, you can let them using default.config.
    For guest users, you can let them using guest.config.
     
     
    Editor.SecurityPolicyFile Property
    Specify the Security Policy File which contains a configurable set of rules called security policy. 
     
    <configuration>
     <security name="RestrictUploadedImageDimension">true</security>
     <security name="OverWriteExistingUploadedFile">false</security>
     <security name="UseTimeStampRenameUploadedFiles">true</security>
     <security name="AutoResizeUploadedImages">true</security>
     <security name="MaxImageWidth">400</security>
     <security name="MaxImageHeight">768</security>
     <security name="MaxImageSize">200</security>
     <security name="MaxMediaSize">10000</security>
     <security name="MaxFlashSize">1000</security>
     <security name="MaxDocumentSize">10000</security>
     <security name="MaxTemplateSize">1000</security>
     <security name="ImageGalleryPath">~/uploads</security>
     <security name="MediaGalleryPath">~/uploads</security>
     <security name="FlashGalleryPath">~/uploads</security>
     <security name="TemplateGalleryPath">~/templates</security>
     <security name="FilesGalleryPath">~/uploads</security>
     <security name="MaxImageFolderSize">102400</security>
     <security name="MaxMediaFolderSize">102400</security>
     <security name="MaxFlashFolderSize">102400</security>
     <security name="MaxDocumentFolderSize">102400</security>
     <security name="MaxTemplateFolderSize">102400</security>
     <security name="ThumbnailWidth">80</security>
     <security name="ThumbnailHeight">80</security>
     <security name="ThumbnailColumns">5</security>
     <security name="ThumbnailRows">3</security>
     <security name="AllowUpload">true</security>
     <security name="AllowModify">true</security>
     <security name="AllowRename">true</security>
     <security name="AllowDelete">true</security>
     <security name="AllowCopy">true</security>
     <security name="AllowMove">true</security> <!-- this is rename too -->
     <security name="AllowCreateFolder">true</security>
     <security name="AllowDeleteFolder">true</security>
     <security name="ImageFilters">
      <item>.jpg</item>
      <item>.jpeg</item>
      <item>.gif</item>
      <item>.png</item>
     </security>
     <security name="MediaFilters">
      <item>.avi</item>
      <item>.mpg</item>
      <item>.mpeg</item>
      <item>.mp3</item>
     </security>
     <security name="DocumentFilters">
      <item>.txt</item>
      <item>.doc</item>
      <item>.pdf</item>
      <item>.zip</item>
      <item>.rar</item>
      <item>.avi</item>
      <item>.mpg</item>
      <item>.mpeg</item>
      <item>.swf</item>
      <item>.jpg</item>
      <item>.jpeg</item>
      <item>.gif</item>
      <item>.png</item>
      <item>.htm</item>
     </security>
    </configuration>
     
    This property can be programmingly set as well.
     
    Editor1.Setting["security:AllowUpload"]= false;
    Editor1.Setting["security:AllowDelete"]= false;
    Editor1.Setting["security:AllowCreateFolder"]= false;
    Editor1.Setting["security:AllowDeleteFolder"]= false;
    Editor1.Setting["security:AllowMove"]= false;
    Editor1.Setting["security:AllowCopy"]= false;
     
    Hope it helps.
     
    Let me know if you have any further questions.
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

View as RSS news feed in XML