-
- 79 Posts
Is there a way in MODx to ensure the privacy of uploaded files?
It looks as though any user who has been granted access to the MODx file manager can see the entirety of the upload area and any file that has been uploaded to it (as from an OS perspective, it’s Apache looking at files owned by apache, and the MODx userid doesn’t seem to come into it, other than whether their role allows them access to the file manager or not).
I’d like the upload area to work in such a way that a user only has access to their own uploaded files (or those of their user group) unless granted broader permissions. This would mean that the user couldn’t sneakily see other files (intended to be private) when using the MODx file manager to upload files.
Similarly, for downloading/viewing files (once uploaded), the logged-in user should only be able to access uploaded files that they have been granted permission to access (or which are defined as accessible to all).
Is there a way to configure MODx to do this, or alternatively a snippet that would do this?
Thanks for any advice.
Please don't PM me unless it's absolutely essential: if a technical question is worth asking, it's worth asking in public, so that others can share their experience, and so that all can learn from the answers.
-
- 535 Posts
CTRL+SHIFT+U - Clear Cache
CTRL+SHIFT+H - Hiding Heft Panel
CTRL+SHIFT+N - Fast Create Resource
CTRL+ALT+P - Preview Recource (in edit resorce window)
CTRL+ALT+S - Save