0

My concrete5 website is open for some limited member of an organization. each organization member is assigned to a user group according to their department on the organization. I'm giving them (their user group to be exact) access to add their own special content, and of course they are allowed to upload and attach their own images/files on their own page.

Now, regarding this images/files, I don't want them to be able to access all the previously uploaded files (by anyone). They can only access the file that belongs to them (or at least belongs to their user group).

the latest Concrete5 (5.6) has quite versatile ability to set permission for every single file. But that's not exactly what I want. Setting permission for all the files one by one wouldn't be practical. I want it all set automatically. So that when they upload their file, that file permission automatically assigned exclusively accessible only for them, no other user should be able to access their file, except super admin of course.

This is the closest forum discussion I got about this issue, but unfortunately, the discussion ends up without real solution.

What should I do to get this functionality? does concrete5 really has this functionality? if not, is there some kind of add on out there with this functionality? or if I should get my hands dirty altering concrete5 core code, where should I start? what file(s) can I override?

Kamal
  • 1,922
  • 2
  • 23
  • 37

1 Answers1

0

I dug concrete5 core code myself and after a lot of test here and there, I've found the solution

The easiest way to achieve this is by adding more if conditional on elements\files\search_results.php

following the overriding structure, copy \concrete\elements\files\search_results.php to elements\files\search_results.php

This file used by concrete5 to show the file listing (based on the search criteria) on the file manager. Go check out the code, you'll know what to edit in there according to your own requirement.

In my case, I add this conditional on the foreach loop

$u = new User();

if($u->inGroup(Group::getByName("Administrators")) || $u->getUserName() == "admin" || 
$f->getUserID() == $u->getUserID()){
    $pf = new Permissions($f);
    if (!isset($striped) || $striped == 'ccm-list-record-alt') {
         $striped = '';
    } else if ($striped == '') { 
        $striped = 'ccm-list-record-alt';
    }
    $star_icon = ($f->isStarred() == 1) ? 'star_yellow.png' : 'star_grey.png';
    $fv = $f->getApprovedVersion(); 
    ... cut ...
    <?php  } ?>

    </tr>
    <?php 
} ?>
Kamal
  • 1,922
  • 2
  • 23
  • 37