1

In my CMS , I am using Zizaco/entrust/ as an ACL manager and laravel-elfinder as a file manager and uploader.

Both work fine and do not have any problem.

Now, I want to limit access of users that have Specified roles and Permissions to folders that elfinder manage them to upload or list files.

Globally in elfinder configuration file, we can set The dir where to store the images (relative from public) like this :

return array(
    'dir' => ['upload']
);

In this case, All users by any Roles can access it and upload or other commom file operations.

But I want , after user login , if he wants to elfinder , only can access to folder same name as her username and he can not see or access other user folder.

is it possible? if Yes please guide me.

Ahmad Badpey
  • 6,348
  • 16
  • 93
  • 159
  • 1
    The piece of code is from laravel config? If yes, (not 100% good aproach). But you can always change this config for each user, in middlware. Like `if($user->admin){ Config::set('dir', 'admin_folder') }` but still as I know Elfinder saves files in Public, so if they now url they can access it, so you need to save them somewhere in storage an create an Controller that based on Permission will show files. – SergkeiM Apr 25 '16 at 12:55
  • That is from elfinder configuration file. see at : https://github.com/barryvdh/laravel-elfinder/blob/master/config/elfinder.php#L13.of course With your guidance , I could solve problem that I posted it as answer. – Ahmad Badpey Apr 25 '16 at 18:41

1 Answers1

2

According @Froxz guidance, I could solve the problem like this:

In Middleware that allow only admin user work with CMS, I wrote :

$username   =   Auth::user()->username;

if (!File::exists(public_path('upload').'/'.$username)) {
    File::makeDirectory(public_path('upload').'/'.$username,0775);
}
Config::set('elfinder.dir',["upload/$username"]);

First , I created a directory same username of user , then set dir option of elfinder configuration to that folder path.

Ahmad Badpey
  • 6,348
  • 16
  • 93
  • 159