Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

All other Modules /

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Secured Files and dataobject_manager


Reply


2 Posts   684 Views

Avatar
ingedman

Community Member, 1 Post

27 October 2010 at 11:44am

Edited: 27/10/2010 11:50am

Hello Guys,

I'm trying to apply some security to a files into files loaded using dataobject_manager.
Looks like everything is working fine, because I can list them and the users can only access their files, the problem is than the list include all the files, and some of those are not allowed for that user fortunately the link is broken for all the not allowed files.

My question is, How to list only files allowed for the user ?.

Template

<% if URLSegment = Security %>
<% else %>
<% control Resources %>
<h3><a href="$Attachment.GetURL" target="_blank">$Title </a></h3>                                 
<p>$Description</p>
<% end_control %>

Model

<?php
class ResourcePage extends Page
{
   static $has_many = array (
      'Resources' => 'Resource'
   );
   
   public function getCMSFields()
   {
      $f = parent::getCMSFields();
      $manager = new FileDataObjectManager(
         $this, // Controller
         'Resources', // Source name
         'Resource', // Source class
         'Attachment', // File name on DataObject
         array(
            'Name' => 'Name',
            'Description' => 'Description',
            'Category' => 'Category'
         ), // Headings
         'getCMSFields_forPopup' // Detail fields (function name or FieldSet object)
      );

      $manager->setFilter(
         'Category', // Name of field to filter
         'Filter by Category', // Label for filter
         singleton('Resource')->dbObject('Category')->enumValues() // Map for filter (could be $dataObject->toDropdownMap(), e.g.)
      );
      
      $manager->setAllowedFileTypes(array('pdf','doc','xls'));
      $manager->setBrowseButtonText("Upload (PDF, DOC and XLS only)");
      $manager->setGridLabelField('Name');
      $manager->setPluralTitle('Resources');
            
      $f->addFieldToTab("Root.Content.Resources", $manager);

      return $f;
   }

}

class ResourcePage_Controller extends Page_Controller
{
}
?>

Thanks in advanced for your great work.

Avatar
Hamish

Community Member, 712 Posts

29 October 2010 at 12:43pm

Have a read of [url]http://silverstripe.org/all-other-modules/show/14132[/url]