File Manager permissions

Permalink 1 user found helpful
Hey gang,

I'm hoping to limit file access to groups of people. Basically I have people signing up for a year membership through the eCommerce add-on, and it drops them in a group that is given access to view the forums. We'll call them Paid Membership group.

Additionally, I'm using John's Front End File Manager to let users upload files and share information.

However, a Paid Member in the front end file manager only has the options to search all files, just theirs, or none at all. I want them to only be able to view files uploaded by users in that group.

1. Does advanced permissions let me adjust file access specific to a group? Or, is there some way I can make it so all files uploaded by people go into a file Set and then people in that group can only see files in that Set?

The editing is set to Mine, which is perfect.

2. Secondly, I'd also like to deal with the absolute URL given once a file is uploaded, as it could be handed around... I'm thinking about just editing the core file manager appearance to get rid of that field so it simply isn't shown to the user. Or, does anyone know of some way to make sure all files either uploaded by a group/ stored in a specific folder require login... ?

Any links would be great. Google is failing me, and all I can seem to get from the forum is posts relating to actual errors/ stuff breaking. :)

I'm going to activate advanced permissions and play with that now. The video (http://www.concrete5.org/documentation/how-tos/designers/using-advanced-permissions/) looks a bit out-dated and doesn't cover much... ;)

Thanks for any input!

Joel

joelhansen
View Replies:
JohntheFish replied on at Permalink Reply
JohntheFish
Are you in a position to upgrade to 5.6? The permission system is much more flexible and easy to use.
joelhansen replied on at Permalink Reply
joelhansen
Yes!

I'm working on manually upgrading it as we speak.

However, viewing Andrew's hour long Youtube 'review' of them, I didn't see any more granular control of File permissions. I can think of a few ways of solving this problem, but I need things like Files uploaded from a user in a group go instantly to a predefined set, then users in that group only can search for files of a set.

I guess I'll find out after upgrading. I need advanced permissions for some of the cascading permissions related to how we are laying out the forum anyway...

Thanks John! :)

Joel
joelhansen replied on at Permalink Reply
joelhansen
Mmm, maybe I'm wrong about 5.6 not having what I need... lol
joelhansen replied on at Permalink Reply
joelhansen
According to Ryan:http://www.youtube.com/watch?feature=player_embedded&v=Ac7Z3x2R...

@ 30:10

"... there is no way to force files to go into different sets [by default], which is something we might address at some point..."

:(

K, plan B - Don't use the File Manager for Site Content. The client won't be editing the site themselves, just me... I can turn images into blocks later, once this functionality becomes available. *sigh*
joelhansen replied on at Permalink Reply
joelhansen
Looking athttp://www.concrete5.org/documentation/developers/files/metadata.... Going to see if I can give files uploaded by users in a certain group a file Attribute. Then make it so users in that group can only see files with that Attribute.

Also, there doesn't seem to be any way to control what people in the File Manager can Search/ View, Edit, nor Delete outside of No, Mine, and Yes in basic settings. Not sure if advanced gives me more, only one way to find out...
joelhansen replied on at Permalink Reply
joelhansen
K. This might actually work...

With advanced permissions I was able to add permissions to a File Set. So, I made an Admin file set for site-related files, which are NOT viewable to everyone else.

Only thing left is Sets. File Manager Permissions doesn't have a way for me to limit who can do what with Sets.

Currently anyone can edit the set in which a file belongs. Thinking about hiding the Sets option to everyone who's ID isn't admin. Ideally Users could view everyone's files (except those in Admin File Set), as well as edit and delete only there own, not mess with other people's sets...

Joel