Contents
Access Control List Examples
Have a look at the following examples that present various permission configurations in order to learn more about using Access Control Lists in CKFinder.
Example 1
If you want to restrict the upload, renaming, or deletion of files in the Logos
folder of the resource type Images
, use the following ACL settings.
{{{example1}}}
This example only refers to file operations in the /Logos
folder. It does not restrict operations on the folder, so the user can delete or rename it. In order to limit users' ability to modify the folder itself (not its contents), you should change permissions in the parent folder.
Example 2
The following settings restrict folder operations for the Images
resource type.
{{{example2}}}
Now a user can view and create a folder, but he will be unable to rename or delete it.
Explaining Folder Path for Example 1
In the first example above the /Logos
path was used in ACL definition. It is rather obvious that this is not an absolute path to folder on the server.
Let us assume that the absolute path on server to the application folder is /sites/example.com/
and the path to userfiles folder is /sites/example.com/userfiles/
.There is also "Images"
resource type which in this case points to /sites/example.com/userfiles/images/
.
Knowing the above let's define correct path for the Logos
folder located in /sites/example.com/userfiles/images/Logos
. The key is to define path relative to resource type (In this case resource type is "Images"
pointing to /sites/example.com/userfiles/images/
), thus the value that needs to be assigned to ACL folder property is /Logos/
.
Please also note that:
- Folder path has to start from slash character.
- If you use a wildcard for resource type (acl.ResourceType = "*";), CKFinder will look through all resource types and apply ACL to every folder that matches the rule, for example Files:/Logos, Flash:/Logos.