ACL in CKFinder and Imposing Folder Size Limit and Number of Files Per User

Before we start, I suggest you read my previous two posts about CKFinder here and here. In this post I will show how you can manage ACL in CKFinder and how you can limit a user's folder size and number of files. For example, your web app lets users upload files using CKFinder, and you want to limit each user to 10 files and keep the folder size to 10 MB. Then this post should be useful to you (I hope). ACL is very easy in CKFinder.

Let’s say you have 3 types of user:

admin: add, edit and delete options on folders and files

paid: add, edit and delete options on files, and add and edit options on folders

free: only the add option on files

In your web app, set user_type_id in the session so that it is accessible to CKFinder. To see how, look here.

Now set the ACL. Here I am using user_type_id=1 as admin, user_type_id=2 as paid and user_type_id=3 as free.

For admin users

$config['AccessControl'][] = Array(
'role' => '1',
'resourceType' => '*',
'folder' => '/',

'folderView' => true,
'folderCreate' => true,
'folderRename' => true,
'folderDelete' => true,

'fileView' => true,
'fileUpload' => true,
'fileRename' => true,
'fileDelete' => true);

For paid users

$config['AccessControl'][] = Array(
		'role' => '2',
		'resourceType' => '*',
		'folder' => '/',

		'folderView' => true,
		'folderCreate' => true,
		'folderRename' => true,
		'folderDelete' => false,

		'fileView' => true,
		'fileUpload' => true,
		'fileRename' => true,
		'fileDelete' => true);

For free users

$config['AccessControl'][] = Array(
		'role' => '3',
		'resourceType' => '*',
		'folder' => '/',

		'folderView' => true,
		'folderCreate' => false,
		'folderRename' => false,
		'folderDelete' => false,

		'fileView' => true,
		'fileUpload' => true,
		'fileRename' => false,
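		'fileDelete' => false);

CKFinder reads the user's role from the session variable named in $config['RoleSessionVar'] (CKFinder_UserRole by default), so set it in CheckAuthentication() in config.php:
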
function CheckAuthentication()
{
	//WARNING : DO NOT simply return "true". By doing so, you are allowing
	//"anyone" to upload and list the files in your server. You must implement
	//some kind of session validation here. Even something very simple as...

	if(!empty($_SESSION['User']) )
	{
		// CKFinder matches this value against 'role' in $config['AccessControl']
		$_SESSION['CKFinder_UserRole'] = $_SESSION['User']['user_type_id'];
		// Per-user upload folder; 0755 keeps it from being world-writable
		$userDir = '/home/yoursite/public_html/app/webroot/files/'.md5($_SESSION['User']['email']);
		if(!is_dir($userDir))
			mkdir($userDir, 0755);
		return true;
	}
	else
	{
		return false;
	}

	//... where $_SESSION['IsAuthorized'] is set to "true" as soon as the
	//user logs in your system.

	//return true;
}

Now comes the folder size limitation. To do this you have to change a couple of files. First, create a folder size calculation function and put it in config.php.

function current_folder_size()
{
	$baseDir = '/home/yoursite/public_html/app/webroot/files/'.md5($_SESSION['User']['email']).'/';
	$folder_size = 0;
	$folder_file_num = 0;
	if ($handle = opendir($baseDir."images")) {

		while (false !== ($file = readdir($handle))) {
			if($file != '.' and $file != '..')
			{
				$folder_size = (int)$folder_size + filesize($baseDir."images/".$file);
				$folder_file_num++;
			}
		}
		closedir($handle);
	}

	if ($handle = opendir($baseDir."files")) {

		while (false !== ($file = readdir($handle))) {
			if($file != '.' and $file != '..')
			{
				$folder_size = (int)$folder_size + filesize($baseDir."files/".$file);
				$folder_file_num++;
			}
		}
		closedir($handle);
	}

	if ($handle = opendir($baseDir."flash")) {

		while (false !== ($file = readdir($handle))) {
			if($file != '.' and $file != '..')
			{
				$folder_size = (int)$folder_size + filesize($baseDir."flash/".$file);
				$folder_file_num++;
			}
		}
		closedir($handle);
	}

	// Convert bytes to megabytes
	$folder_size = $folder_size / 1048576;
	return array('folder_size'=>$folder_size,'folder_file_num'=>$folder_file_num);
}

I am using php5 as the server connector. Go to the folder ckfinder\core\connector\php\php5\CommandHandler and open the FileUpload.php file. At the top of the sendResponse() function, put the following lines.

    public function sendResponse()
    {
        $folder_details = current_folder_size();

        if ($folder_details['folder_size'] >= $_SESSION['UserFileStorage'] ) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_EXCEEDS_QUOTA);
        }

        if ($folder_details['folder_file_num'] >= 1000 ) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_EXCEEDS_NUM_FILE_QUOTA);
        }

Notice $_SESSION['UserFileStorage']. It is compared against the folder size in megabytes, and you can set it in your web app according to your needs.

Now you have to define CKFINDER_CONNECTOR_ERROR_EXCEEDS_QUOTA and CKFINDER_CONNECTOR_ERROR_EXCEEDS_NUM_FILE_QUOTA. Open the ckfinder\core\connector\php\constants.php file and add the following lines:

define('CKFINDER_CONNECTOR_ERROR_EXCEEDS_QUOTA', 502);
define('CKFINDER_CONNECTOR_ERROR_EXCEEDS_NUM_FILE_QUOTA', 503);

Open the ckfinder\core\lang\en.js file and add the following lines:

502 : 'You reach your file storage limit.',
503 : 'You reach your number of files limit.'

Open the ckfinder\core\connector\php\lang\en.php file and add the following lines:

		502 => 'You reach your file storage limit.',
		503 => 'You reach your number of files limit.'
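
The current_folder_size() function above reads only the top level of images, files and flash, so files uploaded into subfolders (which the admin and paid roles can create) are not counted, and the check in sendResponse() looks at the current size without the incoming file. The following is an added example, not part of the original post or of CKFinder, that counts recursively and includes the incoming upload; quota_usage() and quota_allows_upload() are hypothetical names, and limits given in bytes are an assumption.

```php
<?php
// Added example, not CKFinder code. Function names are hypothetical.

// Bytes used and file count under $baseDir, including nested subfolders.
function quota_usage($baseDir)
{
    $usage = array('bytes' => 0, 'files' => 0);
    if (!is_dir($baseDir)) {
        return $usage;                       // nothing uploaded yet
    }
    $walker = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($baseDir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($walker as $entry) {
        // Count regular files only; symlinks are skipped, not followed
        if ($entry->isLink() || !$entry->isFile()) {
            continue;
        }
        $usage['bytes'] += $entry->getSize();
        $usage['files']++;
    }
    return $usage;
}

// True when one more file of $incomingBytes stays within both limits.
function quota_allows_upload($baseDir, $incomingBytes, $maxBytes, $maxFiles)
{
    $usage = quota_usage($baseDir);
    if ($usage['files'] + 1 > $maxFiles) {
        return false;
    }
    return $usage['bytes'] + $incomingBytes <= $maxBytes;
}

// Constructed sample tree: one top-level file and one inside a subfolder
$demo = sys_get_temp_dir() . '/quota_demo_' . uniqid();
mkdir($demo . '/images/sub', 0755, true);
file_put_contents($demo . '/images/a.jpg', str_repeat('x', 600));
file_put_contents($demo . '/images/sub/b.jpg', str_repeat('x', 300));

print_r(quota_usage($demo));                              // both files counted
var_dump(quota_allows_upload($demo, 100, 1000, 10));      // fits the byte limit
var_dump(quota_allows_upload($demo, 101, 1000, 10));      // would exceed it
var_dump(quota_allows_upload($demo, 1, 1000, 2));         // file count is full
```

In sendResponse(), the call would take the user's folder, the size PHP reports for the uploaded file, and the limits your web app stores for that user.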

07. February 2011 by Zakir Hyder

Comments

  1. Benson says:

    How do I set the folder?
    I set the folder, but it didn’t work.

  2. Zakir Hyder says:

    Benson,
    I don't understand which folder you are talking about. Can you elaborate on what problem you are facing?