Jump to:

4873 Posts in 7242 Topics by 1471 members

Installing SilverStripe

SilverStripe Forums » Installing SilverStripe » Testers Required - SecureFiles 0.1.1 Module

Getting SilverStripe up and running on your computer and on your web server.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1 2 3 4
Go to End
Author Topic: 5221 Views
  • Hamish
    Avatar
    Community Member
    712 Posts

    Testers Required - SecureFiles 0.1.1 Module Link to this post

    THIS THREAD IS OBSOLETE. Please see new version updates here: http://silverstripe.org/all-other-modules/show/280202#post280202

    Hey all,

    Attached is an early build of a module I am working on - 'SecureFiles' allows content managers to set file access permissions on folders. Files within these folders will be subject to permission checks through sapphire.

    As you might not know, files uploaded to you SilverStripe site are open to the internet - that is, anyone who knows the right URL will be able to get to your files.

    Features:

    • New CMS tab 'Security' for folders, allows content editors to give specific users access to specific folders
    • Privileges are inherited from parent folders
    • Uses apache rewrite rules to direct secure folders through an optimized controller. Unsecured folders are still allowed direct access (so they will load at the same speed)
    • New permission code "Access to Secure Files" overrides folder specific privileges
    • Prevent Google indexing your private files!

    This is an early version, so documentation is still sparse, however it should be this easy to install:

    1. Extract to your SilverStripe directory

    2. Run dev/build?flush=1

    I would like to here about any bugs of feedback you might have, so please add to this thread.

    ----

    EDIT: this now lives at http://polemic.net.nz/secure-files-module/

    SVN: http://polemic.net.nz/svn/silverstripe/modules/SecureFiles/

    Log Tickets and feature requests: http://polemic.net.nz/trac/newticket?component=Secure%20Files

    Attached Files
  • Hamish
    Avatar
    Community Member
    712 Posts

    Re: Testers Required - SecureFiles 0.1.1 Module Link to this post

    ... I don't know how this ended up in this forum. Supposed to be in "All-other-modules". Oh well :/

  • Liam
    Avatar
    Community Member
    470 Posts

    Re: Testers Required - SecureFiles 0.1.1 Module Link to this post

    This is exactly what I needed on a project a long time ago!

    I can still use it, so I'll install and test. I need a few days at least, as I'm swamped with other work right now.

    Thanks a lot though. This is a really good module by the sounds of it. Will come in handy.

  • Hamish
    Avatar
    Community Member
    712 Posts

    Re: Testers Required - SecureFiles 0.1.1 Module Link to this post

    Hey LeeUmm, glad to have you trying it out.

  • sorich87
    Avatar
    Community Member
    14 Posts

    Re: Testers Required - SecureFiles 0.1.1 Module Link to this post

    I will test it also because I need similar functionnality for an ecommerce which will sell music.

  • slamby
    Avatar
    Community Member
    21 Posts

    Re: Testers Required - SecureFiles 0.1.1 Module Link to this post

    I installed and tested the module. It works like expected.

    There is a small issue with the member drop down box: When the select box opens the first two fields are blank. Could it be that DropdownField already brings the functionality to show $optionArray[0] as ' '?

    If I uncomment like:
    //   $optionArray = array( '0' => '');

    the select box behaves shows a blank field first and 2nd and so forth the users will be shown.

    Thanks for the good work.

    BTW: Did you ever thought about supporting group permissions instead of or in addition to members?

  • Hamish
    Avatar
    Community Member
    712 Posts

    Re: Testers Required - SecureFiles 0.1.1 Module Link to this post

    Yeah, group permissions are the next thing on the list. Basically, to be fully featured, I think it will need the following:

    1. Administrator override (existing - "Access secured files" permission level)

    2. User level permission management (existing functionality)

    3. Group level permission management (to do)

    ...and basically with precedence in that order, so that Admin overrides User level permissions which override group level permission.

    4. Hook into security auditing (to do)

  • weberho
    Avatar
    Community Member
    15 Posts

    Re: Testers Required - SecureFiles 0.1.1 Module Link to this post

    I'm currently evaluating the SecureFile extension (v.1.1.3); it works nicely but I get an error:

    "I can't handle sub-URLs of a SecureFileController object" when I try to access the URL listed below where the "Dokumente-Login" is set as secure Foder.

    http://staging.test.com/assets/Uploads/Dokumente-Login/SFF/Spppppp/Zur-Eignung-von-MultifingermessungenSpppppp.pdf

    Do you need more information to solve that problem?

    Best regards,
    Johannes

    5221 Views
Page: 1 2 3 4
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.