Cute Editor for ASP

Apply security to control user access to resources

Apply security to control user access to resources


Cute Editor allows developers to assign a pre-defined set of permissions by group or individual. This prevents a normal user to access the administration functionality.


The details of permissions are specified by an XML security policy file. Each level maps to a specific file. The default mappings:

Example:
  1. <?xml version="1.0" encoding="utf-8" ?>  
  2. <configuration>  
  3.     <security name="MaxImageSize">1000</security>  
  4.     <security name="MaxMediaSize">100000</security>  
  5.     <security name="MaxFlashSize">1000</security>  
  6.     <security name="MaxDocumentSize">1000</security>  
  7.     <security name="MaxTemplateSize">1000</security>  
  8.     <security name="ImageGalleryPath">/uploads</security>  
  9.     <security name="MediaGalleryPath">/uploads</security>  
  10.     <security name="FlashGalleryPath">/uploads</security>  
  11.     <security name="TemplateGalleryPath">/templates</security>  
  12.     <security name="FilesGalleryPath">/uploads</security>  
  13.     <security name="AllowUpload">true</security>  
  14.     <security name="AllowCreateFolder">true</security>  
  15.     <security name="AllowRename">true</security>  
  16.     <security name="AllowDelete">true</security>  
  17.   <security name="ImageFilters">  
  18.     <item>.jpeg</item>  
  19.     <item>.gif</item>  
  20.     <item>.png</item>  
  21.   </security>  
  22.   <security name="MediaFilters">  
  23.     <item>.mpg</item>  
  24.   </security>  
  25.   <security name="DocumentFilters">  
  26.     <item>.txt</item>  
  27.     <item>.doc</item>  
  28.     <item>.pdf</item>  
  29.     <item>.zip</item>  
  30.     <item>.rar</item>  
  31.   </security>  
  32.   <security name="TemplateFilters">  
  33.     <item>.html</item>  
  34.     <item>.htm</item>  
  35.   </security>  
  36. </configuration>  

You can customize and extend each policy file by editing the XML security policy file. You can also create your own policy files that define arbitrary permission sets.


Comparison of the sample security policy file

Permissions/Resource Setting Admin Default Guest
AllowUpload Marked Marked
AllowDelete Marked
AllowCopy Marked
MaxImageSize 10000 100 100
MaxMediaSize 10000 100 100
MaxFlashSize 10000 100 100
MaxDocumentSize 10000 100 100
ImageGalleryPath ~/uploads ~/uploads/member ~/uploads/guest
MediaGalleryPath ~/uploads ~/uploads/member ~/uploads/guest
FlashGalleryPath ~/uploads ~/uploads/member ~/uploads/guest
FilesGallaryPath ~/uploads ~/uploads/member ~/uploads/guest
ImageFilters .jpg
.jpeg
.gif
.png		 .jpg
.jpeg
.gif
.jpg
.jpeg
.gif
MediaFilters .avi
.mpg
.mpeg
.mp3		 .avi
.mpg
.mpeg
.avi
.mpg
.mpeg
DocumentFilters .txt, .doc
.pdf, .zip
.rar, .avi
.mpg, .mpeg
.mp3, .jpg
.jpeg,.gif
.png 		.pdf, .doc
 .txt, .doc
.pdf, .zip

Send comments on this topic.

© 2003 - 2024 Richscripts Inc. All rights reserved.