Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Valery2013-08-30 10:22:41
symfony
Valery, 2013-08-30 10:22:41

How to close TinyMCE in Symfony2.3 from unauthorized users?

Good afternoon,

I have Symfony 2.3

Installed github.com/stfalcon/TinymceBundle (slightly modified to work with AngularJS)
Used as a file manager: github.com/2b3ez/FileManager4TinyMCE

The question is that TinyMCE4 itself is available via direct links, and everything would nothing, let them use it, but the file manager is also available via direct links, like site.ru/bundles/stfalcontinymce/vendor/tinymce/plugins/filemanager/dialog.php

How can this loophole be closed? Ideally, of course, check if the user has a role for any access to TinyMCE.
I would not want to dig into the sources and rewrite links to "controller"

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey, 2013-08-30
@Akuma

Symmony entry point enabled? no... so the symphony can't help here. The only option is to transfer the dialog code to the controllers and tweak the paths and security.yml a little bit, or make crutches.

Similar questions
M
MasterCopipaster2021-02-23 23:11:41
Any idea how to dispatch events in WS ratchet server? 1Reply
A
Anton B.2021-02-24 09:08:01
PHPUnit Exception messages in the console - is it normal? 1Reply
A
Alexander Evgenievich2015-02-26 16:19:28
How to get classpath from namespace in Symfony2? 2Reply
R
Rodion Yurchenko2017-03-03 18:12:59
How to make a login form before logging into a site in Symfony 3? 1Reply
D
d999992021-03-01 22:59:16
Why does Google authentication API throw an Invalid state error? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question