Subject: permission in CKEditor

Posted on: 15/08/19 08:14am

In the image properties dialog of CKEditor, there is a Browse Server button.
It seems users with less access rights could not use the service and geeklog displays error pane like: "geeklog you do not have access to this administration page. Please note that all attempts to access unauthorized features are logged."

What privilege is required to use this feature? I tried give him story.admin and it worked. But I don't know whether it is just enough or too much.

Another question is, when users are allowed to access image folders via Browse Server button, each user should be allowed to access only their own images. How can I restrict that?


Re: permission in CKEditor

Posted on: 15/08/19 10:37am
By: Laugh

I had the same questions late last year and made some fixes for the upcoming version of Geeklog that removes editor buttons that users don't have access to use.

BTW it is File Management permissions that the user needs (which you would only give to select users).

See the issue:

for more information and how to manually remove buttons if you need too.

Re: permission in CKEditor

Posted on: 15/08/19 08:02pm

Can I get files with the fix if I download files from there ,right?

The 10 month ago timestamp of files in the editor folder looks like fixed.

Re: permission in CKEditor

Posted on: 16/08/19 06:56am
By: Laugh

Yes you can but you need to be careful and check what changes the files you want have (look at the history). At that point in the repository the files could contain other unrelated fixes that could cause bugs or even prevent Geeklog from working since you would not be downloading the new files required for these different fixes as well.

PHP Formatted Code

Looking at the changed files for this fix I see that lib-common.php was updated. That has a lot of changes previously so I would just take the changes for this fix and update your own lib-common.php manually. Then test and make sure things work as expected.

Re: permission in CKEditor

Posted on: 22/08/19 09:17am

I have trouble to deal with logged-in status in the editor.

I can't get the uid for a log-in user.
It is weird that I can easily get it when I put a simple php page under public_html to access uid.
It's like this:
1. I log in the geeklog site.
2. I open another tab or window in the web browser, and visit a simple php page which is like:
PHP Formatted Code
echo $_USER('uid');

3. I can access my uid on the page.
But on the popup window of ckeditor-ckfinder ingegration, I could not do that.

Do you have any ideas?

Re: permission in CKEditor

Posted on: 22/08/19 04:01pm
By: Laugh

Hard to say without seeing the code.. if it is within a function of your integration you would have to define a global scope of the variable $_USER to access it.

Re: permission in CKEditor

Posted on: 24/08/19 04:22am

I found a solution.
First, to prevent illegal access, ckfinder.js script is included inside the admin-article.php, that means after login.
I also deleted all html files including samples in ckfinder folder.

As for getting info about current user, I found a solution with php Session function.
It would be a little problem that how and when I destroy all parametters about the session. Just "session_destroy()" is not enough I think.

It would be good if there is any built-in function in GL for this purpose.

Geeklog - Forum