views:

171

answers:

1

Hi everyone, if somebody could help with this please.

I am trying to incorporate ckeditor and ckfinder to an Asp.Net Mvc 1 project. SO far everything is working fine. The only thing I cann't get to work right is the Access Control for ckfinder.

For what I understand, in the file ckfinder/config.ascx, the variable string RoleSessionVar is used to assign the role to be restricted. The default value is:

RoleSessionVar = "CKFinder_UserRole";

I have tree roles in my project Administrators, Editors and Contributors. So in order to get my current user Role I replace it for:

    string currentRole= "";

    if(HttpContext.Current.User.IsInRole("Administrators"))
    {
        currentRole = "Administrators"; 
 }
    else
    {
        if (HttpContext.Current.User.IsInRole("Editors"))
            currentRole = "Editors";
        else
        {
            if (HttpContext.Current.User.IsInRole("Contributors"))
            {
                currentRole = "Contributors";
            }
        }
    }


    RoleSessionVar = currentRole;

The variable gets assigned with the correct Role for the current user. The next part in the config.ascx file are the ACL settings. The default one are:

 AccessControl acl = AccessControl.Add();
    acl.Role = "*";

acl.ResourceType = "*"; acl.Folder = "/";

    acl.FolderView = true;
    acl.FolderCreate = true;
    acl.FolderRename = true;
    acl.FolderDelete = true;

    acl.FileView = true;
    acl.FileUpload = true;
    acl.FileRename = true;
    acl.FileDelete = true; 

With these settings there are not any problems the ckfinder, it lists all the folders and files, but there with full permissions for everyone. I want to restrict deleting permissions to different Roles. Anyway just as a test I tried to give full permissions to Administrators' Role

    AccessControl acl = AccessControl.Add();
    acl.Role = "Administrators";

acl.ResourceType = "*"; acl.Folder = "/";

    acl.FolderView = true;
    acl.FolderCreate = true;
    acl.FolderRename = true;
    acl.FolderDelete = true;

    acl.FileView = true;
    acl.FileUpload = true;
    acl.FileRename = true;
    acl.FileDelete = true; 

But ckfinder will not show any folder or file even though RoleSessionVar = "Administrators".

I'll be very thankful for any ligh to the solution of this problem.

Byron

A: 

You need to do

Session["RoleSessionVar"] = currentRole;

nabeelfarid