I need to customize the EPiServer File Managaer based on user access rights in EPiServer CMS 6 R2. Basically, I want to limit the folders/files based on user logged in. (detail requirements below)
1- On my website an annoymous user can browse a custom "user registration" page and register himself by using his email address.
2- When the person is registered, some EPiServer pages are created programmatically. The tree structure created is. (Note the below tree structure show two clients)
3- Now, For each client we need to create one folder page in "Global Files" in file manager. The requirements are
a) "Client1" should only be able to see his/her folder within "Global Files" folder.
b)"Client1" should not be able to see "Client2" folder. (not even view)
c)"Client1" should be able to use any files within "Client1 Folder" on to Client1, Page1,Page2 and Page3 pages.
4- All the pages (Client1, Page1,Page2 and Page3) are accessible to anonymous users, so you can't remove "Everyone" access from "Client1" folder in "Global Files".
One simple way is to implement something like this, but I would prefer using the default EPiServer file manager and filter the files based on some access rights.
Is there any event like EditPanel.LoadedPage? that I can hooked into and filter out the folders? Or Is there any other better way to implement this?
I don't think there are event for listing files and directories. But there are events on UnifiedFile, like UnifiedFileTransmitting, UnifiedFileCheckedIn and so on.
Like you said, if the directories needs anonymous access everyone can see them. Maybe you could do your own virtual role and use that one instead of the everyone role. Or why not use the anonymous role and give that role viewing access and then add a role for your client.
I guess your client is not anonymous and that anonymous users can't access these pages?
All the pages (Client1, Page1,Page2 and Page3) are accessible to anonymous users.
Clients are not annonymouse. I only want to restrict the access in EPiServer edit/mode so e.g. If a client is loggedin and is accessing the "File manager" he should only see his folders/files.
if an annonymouse or loggedin user knows the exact url of the file for any of the clients, he can access it in edit/view mode as the files are accessible to annoymous users.
I just want to avoid "Client 1" to see all the files of other clients in File manager, but if he knows the exact url of the file you can't really stop him from browsing the file as the files are accessible to everyone.
Well, then can you remove the Everyone role in Global files and use Anonymous instead for view access. And then give each client group read-, edit- admin- access and so on.
Thanks Johan. The idea solved my problem. There is an article on EPiServer world that explains all this.
Thanks once again...