Regards: IT HIT CalDAV / CardDAV server.
It seems when opening the IT HIT Ajax File Browser the logged in user can see all content off all users.
How can we set permission so a user can only see his own content?
You can filter the folder content in IItemCollection.GetChildren method implementation. This method returns list of child items in a folder. Depending on user permissions you can filter items visible for the loged-in user.
The sample CalDAV/CardDAV server and sample code generated by IT Hit CalDAV/CardDAV Server Wizard contain GetChildren method in DavFolder class implementation in DavFolder.cs.
Note that in case you store data in Windows file system and rely on Windows file system permissions, all users always see the same folder content regardless of their permissions on sub-folders and files. This is how Windows file system permissions work. So there is no simple way to filter visible folder content only manipulating file system permissions. (Users however can not for example navigate to subfolders or open files if they do not have enough permissions)
Related
I am trying to read a spreadsheet from a shared location folder. using
<cfparam name="xlfilepath" type="string" default="\\file02\OP\!FILE STRUCTURES and FORMS\Agreements\Tracker.xls" />
<cfspreadsheet action="read" src="#xlfilepath#" excludeHeaderRow="true" query="MsaDataSheet1" sheet="1" />
"OP" is the shared folder.
I got "java.io.FileNotFoundException:".Then I try to display the directory listing using cfdirectory tag.
<cfdirectory action="list" directory="\\file02\OP\" recurse="false" name="myList">
<cfdump var="#myList#"><cfabort>
I see that there is no list displayed although there are subdirectories and folders and files in the OP directory.
Does the folder needs any specific permissions to be read by any application or any other mapping required?
Here I will explain by using cf16. The ColdFusion runs in Windows as a service and if we look into all the services of the machine we will find as follow:
Here, you can notice that for ColdFusion service the LogOnAs value is "LocalSyatem". It means ColdFusion service is started as "LocalSystem" login and this login doesn't have enough permission to do any operation on network. So, in order to make the required file operation in the Shared Directory we will have to change the LogOnAs value for ColdFusion service.
Please follow the below step to enable it,
Right Click on the ColdFusion Service then click on "properties".
Click on "Log On" tab. Then you will see a screen like this
Select "This account" radio button .Then click on "Browse" button
and select the user by which you want to start the service. You
should choose the user who have sufficient permission to create file
on the shared directory and also have required permission in local.
But we have to restart the ColdFusion Service for the changes to effect.
Let me know if this work to you or not. Or correct me if I'm wrong understood.
I have an ASP.NET 2.0 application under IIS 8.5 in Classic mode where a page needs to write uploaded files to a folder outside the root of the app. When I first tired this I got something like
Access to the path 'D:\events\uploads\myfile.txt' is denied.
In the Security tab of D:\events I added "IIS AppPool/MyAppPool" and activated the Write permission. Everything worked fine then - as it should.
However, after removing the MyAppPool from D:\events again the same page was still able to write files under D:\events. Scary. A few experiments showed that that the page can now write files everywhere except C:\ C:\Windows C:\Users and D:.
UPDATE: To check which user or group might give access to IIS/ASP.NET I have created a folder C:\TestIISAccess disabled permission inheritance and gradually removed users and groups. Well, there are none left now, I can not even look inside the folder as admin. But my .aspx upload page reports it can still write files there. I have stopped & restarted IIS after all users were removed, makes no difference.
Can some please explain this behaviour and tell me how to cancel the write permission?
In an application I'm working on, the users are prompted for the path of a file. This path will always point to a network drive, which the server has access to.
Currently, we use an asp:FileUpload control to accomplish this, drawing the path from the FileUpload's PostedFile.FileName property.
The problem is that the files the user is selecting from are locked down pretty severely. While the server has full access to them, the user only has permission to view the directory contents... They can't even open the files. This has worked fine up until now... But Windows 7 won't display these files in the file picker generated by FileUpload, so we need an alternative.
Notes:
Looking for a way to get UI similar to the file open dialog already in place.
The ability to view the client's local files (including the shared network drives) is a bonus, although listing the files through the server is acceptable.
I think the problem is the permissions on these files. If the users can't even open them, how can their terminal possibly upload them to a website?
I'm surprised this has ever worked.
If the user is simply supplying a path and not actually uploading the file you could have the server display the contents of the folder (in a list or whatever) and the user selects from that.
So how about creating a file browser in a window, such that a user clicks "Pick File" which opens a new window showing the root contents of the network drive. The user can then navigate round the directories to the file they want, finally clicking the file to "upload".
Use System.IO Directory.GetFiles to get the files in a directory.
I think you need to separate out the two things. Here's an example prompt to convey the idea:
Select a (file from your computer) OR (file from the server)
Client Files
You can use the standard file-upload control, that is fine.
Server Files
No user should be selecting files from your sever with the upload-file dialog. (Keep in mind that these dialog boxes allow right-click menus delete, copy, properties, etc and locked down or not, the user should not think they have this ability).
I don't think there are any controls that will "do-it-all" for you in this manner. I think your best bet is to make your own interface here.
I need very advanced and effective method of Preventing Users from Downloading file from website directly in asp.net.
Method should -
limit downloads,
limit time,
limit requests,
etc.
but should be downloadable by active login users
Delete the file from the server.
Any user trying to download it will not longer succeed.
You can put your files into a directory and configure that directory as not accessible by public users.
Store the files in a folder which is not accessible via IIS (i.e., not underneath your web application's root)
Create an .ashx generic handler which takes a file identifier (either filename, or ID of some sort) as a QueryString parameter.
In that .ashx, perform whatever checks you want to perform: is the user logged in? have they downloaded too many files? etc.
Then, if you decide that they should be allowed to download it, set the response headers appropriately and write the file out to Response.OutputStream
I am finishing up a Drupal site and I have attached a word document on one of my page nodes. I want anonymous people to be able to download it, but they don't even see the document. I do as a logged in user.
Any Ideas?
You need to give anonymous users permission to view uploaded files.
I'm guessing that you used the upload module.
The permissions page is at /admin/user/permissions and under the group "upload module" you are looking for "view uploaded files".
-Ed
Assuming you only want to enable this one particular file to anonymous users, you can do it without touching permissions, which would affect your whole site.
The simplest way, assuming you have configured downloads as "public" instead of "private" is to just add a link to the document in your page node, like Download myfile.doc