Posted on: 08/15/19 08:14am
By: OMAL
In the image properties dialog of CKEditor, there is a Browse Server button.
It seems users with less access rights could not use the service and geeklog displays error pane like: "geeklog you do not have access to this administration page. Please note that all attempts to access unauthorized features are logged."
What privilege is required to use this feature? I tried give him story.admin and it worked. But I don't know whether it is just enough or too much.
Another question is, when users are allowed to access image folders via Browse Server button, each user should be allowed to access only their own images. How can I restrict that?
Thanks.
Re: permission in CKEditor
Posted on: 08/15/19 10:37am
By: Laugh
I had the same questions late last year and made some fixes for the upcoming version of Geeklog that removes editor buttons that users don't have access to use.
BTW it is File Management permissions that the user needs (which you would only give to select users).
See the issue:
https://github.com/Geeklog-Core/geeklog/issues/890[*1]
for more information and how to manually remove buttons if you need too.
Re: permission in CKEditor
Posted on: 08/15/19 08:02pm
By: OMAL
Re: permission in CKEditor
Posted on: 08/16/19 06:56am
By: Laugh
Yes you can but you need to be careful and check what changes the files you want have (look at the history). At that point in the repository the files could contain other unrelated fixes that could cause bugs or even prevent Geeklog from working since you would not be downloading the new files required for these different fixes as well.
Text Formatted Code
https://github.com/Geeklog-Core/geeklog/commit/438494c939f792248d5281894dae632dfb61b9da
Looking at the changed files for this fix I see that lib-common.php was updated. That has a lot of changes previously so I would just take the changes for this fix and update your own lib-common.php manually. Then test and make sure things work as expected.
Re: permission in CKEditor
Posted on: 08/22/19 09:17am
By: OMAL
I have trouble to deal with logged-in status in the editor.
I can't get the uid for a log-in user.
It is weird that I can easily get it when I put a simple php page under public_html to access uid.
It's like this:
1. I log in the geeklog site.
2. I open another tab or window in the web browser, and visit a simple php page which is like:
Text Formatted Code
require_once path.to.lib-common.php;
echo $_USER('uid');
3. I can access my uid on the page.
But on the popup window of ckeditor-ckfinder ingegration, I could not do that.
Do you have any ideas?
Re: permission in CKEditor
Posted on: 08/22/19 04:01pm
By: Laugh
Hard to say without seeing the code.. if it is within a function of your integration you would have to define a global scope of the variable $_USER to access it.
Re: permission in CKEditor
Posted on: 08/24/19 04:22am
By: OMAL
I found a solution.
First, to prevent illegal access, ckfinder.js script is included inside the admin-article.php, that means after login.
I also deleted all html files including samples in ckfinder folder.
As for getting info about current user, I found a solution with php Session function.
It would be a little problem that how and when I destroy all parametters about the session. Just "session_destroy()" is not enough I think.
It would be good if there is any built-in function in GL for this purpose.