Advanced file sharing

This is a forum to suggest new features for mojoPortal. 

This thread is closed to new posts. You must sign in to post in the forums.
1/2/2011 10:20:40 AM
paiman
Gravatar
Total Posts 192
View Posts

Advanced file sharing

There are two things I need with the file sharing module...

1. I need to limit the total upload size for site users. currently specifying a size limit for a role suffices for me.

2. I want a special role to be able to upload files. but they must not have perfect permission. they must just be able to upload upto the permitted limit, they must be able to delete their own files. but they  mustn't be able to delete other users uploaded files.

(instead of limiting upload size, having workflow available would also be good. for example uploaded  files need to be approved by admin, and if not approved they will be removed after 3 days from server.)

I thought about cloning file sharing and developing my own.

maybe the changes are useful for others too.

suggestions?

(and how can I send the extended file sharing to you after it's available?)

1/3/2011 2:28:31 PM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

Where are these settings used?

<add key="UserFolderDiskQuotaInMegaBytes" value="300"/>

<add key="UserFolderMaxNumberOfFiles" value="1000"/>

1/3/2011 2:59:15 PM
Asad Samarian
Gravatar
Total Posts 550
View Posts

Re: Advanced file sharing

Hi,
In the site settings under Securiy ->Permission  you can  specify roles that can browse and upload files but only in a user specific user folder. Those setting apply to user specific user.

Hope Helps,

Asad

1/3/2011 3:39:28 PM
Jamie E
Gravatar
Total Posts 1203
View Posts
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Re: Advanced file sharing

Paiman, you can add those keys to your user.config file, then override the values. Use Asad's tip to set up per-user upload directories for quota enforcement.

1/4/2011 6:34:20 AM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

I have set those permissions to the roles. but how can they access the file manager?

they are not allowed to access site/Dialog/FileManagerDialog.aspx and neither site/Dialog/FileManagerAltDialog.aspx

how are they supposed to access the filemanager itself?

and those permissions are not applied to file sharing module.

what am I doing wrong?

1/4/2011 6:50:24 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Advanced file sharing

Those settings do not apply to the Shared Files module.

The Shared Files feature is not intended for user specific files nor for files used in html content such as images, it is designed for sharing files by roles and protecting those files so they cannot be downloaded by users who are not in allowed roles. It does this by storing the files on disk with a guid for the name and with the extension .config and the real file name is stored in the database. .config extension is protected so it cannot be downloaded from an url even if you can guess the correct file name and location.

Roles specified under Roles That Can Browse and Upload but only in a user specific location can browse and upload files such as images using the wysiwyg editor (if they also have some edit permissions in content or in forums). 

In order for users to have access to the file manager, they also need to be in "Roles that Can Delete Files Using The File Browser in the Editor". This is because the File Manager does allow deleting files so in order to allow use of it the user must be allowed to delete files. Of course they still can only delete file sin the user specific location.

Files in file manager are meant for use in html content and as such they are not protected by a .config extension so if someone knows the url path to the file it can be downloaded, it is not protected in any way.

Hope it helps,

Joe

1/4/2011 8:08:00 AM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

Thanks.

now I have a problem!

I want users to be able to upload pdf files as well as doc and docx and some other files.

I added this to user.config:

<add key="AllowedLessPriveledgedUserUploadFileExtensions" value=".gif|.jpg|.jpeg|.png|.zip|.pdf|.doc|.docx|.xls|.xlsx|.ppt|.pptx|.csv|.txt"/>

now in the editor for upload, when a less priveledged user wants to upload a pdf file, neat upload is shown and seems it finished it's job.

but nothing will be added to the user folder.

(there is no problem with the jpg file)

editor is: TinyMCE

 

1/4/2011 8:10:00 AM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

it happens with CKEditor too.

1/4/2011 8:56:39 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Advanced file sharing

Are you trying to upload files that are not images from the image dialog in the editor? You can only upload images there. To upload other file types you need to use the link button in the editor, ie highlight some text to be the link then click th elink button then you can browser the server and upload file and link to it.

Hope it helps,

Joe

1/8/2011 6:10:10 AM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

ok. uploading from the editor is not what I wanted. so I will make changes to sharedFiles feature.

I will make these changes to it:

add three more setting options to sharedfiles:

  • allow all authenticated users to upload files
  • User quota
  • allow users to delete the files they uploaded themselves

(the first could later be changed to allow specific roles, and also the second to specify disk quota for roles)

currently only the roles which can edit are allowed to upload files. and they also can edit the page.

in a more advanced way, could add a single option whether to follow global file upload settings or not; later.

for these three, none of them require a DB change.

if implemented, will you integrate it to the existing feature, or I must consider cloning it first?

(and I don't still know how to send changes to you)

(also how can I directly contact you? I guess there are security issues with sharedfiles feature that I can't post here)

 

1/8/2011 12:45:56 PM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Advanced file sharing

If you add users to roles that can upload to user location and also add them to roles that can delete files in the editor, then they will be able to use the real file manager that is intended for users and will see the file manager link in the toolbar at the bottom of most skins.

Shared Files feature is not meant for user files and I don't want to make it for user files so if you want to customize it you should clone it into a separate independent feature then you can modify it as a custom feature as much as you like with no problems and still be able to upgrade.

Small code changes can be submitted here in the forums and if I agree I will integrate them. Larger changes require a contributor agreement, see contribution guidelines here:

http://www.mojoportal.com/contribute.aspx

Best,

Joe

1/9/2011 6:06:32 AM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

well, Anyways, I have implemented the features I needed.

I wanted users just to be able to delete the files they had uploaded themselves, and not have global delete permission.

and I think either stylshout-coolwater skin didn't support this; filemanager would be shown only if you had editor permission on the page, or maybe I was mistake.

Thanks.

additional work in my task list for cloning. :)

1/9/2011 6:28:34 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Advanced file sharing

just a note that the delete permissions are not global if the user can only upload to a user specific location then he can only delete the files he uploaded. The wysiwyg editor has no delete ability by default but the file manager does that is why users must also be allowed to delete files or they are not allowed to use file manager at all. The link should show up if the user has a role with both upload permissions and delete permissions

In any case if you clone the shared files feature and make it meet your needs that is fine.

Best,

Joe

1/13/2011 9:24:05 AM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

1. I wanted to limit the total size of files uploaded for a specific user. I could do it, but the problem is that size of files is checked when file is on server. the user first uploads the file to server and waits some time, then he understands he can't upload a file with that size and file is not saved on server. I prefer to tell the user he can't upload the file before sending it to server. some help please.

2. there is a problem with filesharing.

in \mojoPortal.Features.UI\SharedFiles\SharedFilesModule.ascx.designer.cs with .net 3.5 (i use visual studio 2010 on win7 32bit)

when trying to change something on the user control, auto generated code will produce this code on line 69:
protected global::Microsoft.Web.Preview.UI.Controls.UpdatePanel upFiles;

but it produces an error.

changing it to:

protected global::System.Web.UI.UpdatePanel upFiles;

will make the error go away. don't know what's wrong.

3. I couldn't show my error messages in lblError. how can I use it?

1/13/2011 10:13:39 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Advanced file sharing

1. I have no solution for you and it is not on me to come up with a solution for you. Server side code can only know the size of a file after it is uploaded so we can enforce disk space quotas but not prevent a user from trying to upload a file that might be too large. It is a difficult problem to find a way to determine the file size on the client machine before uploading, if you google for "asp.net determine file size before uploading" you can learn about the problem and various approaches to the problem none of which are easy or ideal.

2. I've just pushed a change that corrected a mistake in mojoPortal.Features.UI/Web.net35.config you will need to get the latest changes and then to use .NET 3.5 you need to copy the contents from the file mojoPortal.Features.UI/Web.net35.config into the corresponding Web.config.

This will solve the problem about the Update panel in the designer file.

Once you modify any mojoPortal code it is on you to solve your own problems and make it work, you should clone it not modify it directly and then the same applies, it is on you to understand the code in your clone and how to solve your own problems, I'm not here to do that for you and am not interested in supporting your clone or your modifications to mojoPortal code. I have enough to do supporting the official code and the features I ship. You may ask for help but I am under no obligation to help with every problem or goal you may have so do not have the expectation that I will help. If it is something I can easily help with I may help but I am very busy with my own work.

Best,

Joe

1/14/2011 8:29:04 AM
paiman
Gravatar
Total Posts 192
View Posts

Re: Advanced file sharing

I don't expect you to answer all my questions, and thank you for all the great works you have done. but sometimes you and maybe others can help. I just ask my questions. and thank you whether you answer them or not.

 

You must sign in to post in the forums. This thread is closed to new posts.