Jump to:

10930 Posts in 2613 Topics by 1810 members

All other Modules

SilverStripe Forums » All other Modules » Secured Files and dataobject_manager

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 652 Views
  • ingedman
    Avatar
    Community Member
    1 Post

    Secured Files and dataobject_manager Link to this post

    Hello Guys,

    I'm trying to apply some security to a files into files loaded using dataobject_manager.
    Looks like everything is working fine, because I can list them and the users can only access their files, the problem is than the list include all the files, and some of those are not allowed for that user fortunately the link is broken for all the not allowed files.

    My question is, How to list only files allowed for the user ?.

    Template

    <% if URLSegment = Security %>
    <% else %>
    <% control Resources %>
    <h3><a href="$Attachment.GetURL" target="_blank">$Title </a></h3>                                 
    <p>$Description</p>
    <% end_control %>

    Model

    <?php
    class ResourcePage extends Page
    {
       static $has_many = array (
          'Resources' => 'Resource'
       );
       
       public function getCMSFields()
       {
          $f = parent::getCMSFields();
          $manager = new FileDataObjectManager(
             $this, // Controller
             'Resources', // Source name
             'Resource', // Source class
             'Attachment', // File name on DataObject
             array(
                'Name' => 'Name',
                'Description' => 'Description',
                'Category' => 'Category'
             ), // Headings
             'getCMSFields_forPopup' // Detail fields (function name or FieldSet object)
          );

          $manager->setFilter(
             'Category', // Name of field to filter
             'Filter by Category', // Label for filter
             singleton('Resource')->dbObject('Category')->enumValues() // Map for filter (could be $dataObject->toDropdownMap(), e.g.)
          );
          
          $manager->setAllowedFileTypes(array('pdf','doc','xls'));
          $manager->setBrowseButtonText("Upload (PDF, DOC and XLS only)");
          $manager->setGridLabelField('Name');
          $manager->setPluralTitle('Resources');
                
          $f->addFieldToTab("Root.Content.Resources", $manager);

          return $f;
       }

    }

    class ResourcePage_Controller extends Page_Controller
    {
    }
    ?>

    Thanks in advanced for your great work.

  • Hamish
    Avatar
    Community Member
    712 Posts
    652 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.