Note: This tutorial covers the basics of CKFinder initialization and does not explain how to set up more complex projects. For more detailed configuration options please refer to the classes reference.
This section describes how to configure the connector through code, which allows for dynamic changes to the configuration. If you prefer to configure the connector through static configuration files, please refer to Configuration.
Note: If CKFinder was installed using the ZIP package, you can define your dynamic configuration in the App_Data/ConnectorConfig.cs file. This file has a special purpose and does not require manual compilation — the configuration defined here will be compiled and applied during runtime.
Building the Connector
The CKFinder connector can be built with help of the ConnectorBuilder class.
The most important method of the ConnectorBuilder class is SetRequestConfiguration which defines the configuration for each request. This is the place where you add backends, resource types and ACL rules.
Note: A valid connector needs to have at least one backend, resource type and ACL rule.
Another method that needs to be invoked for correct connector setup is SetAuthenticator. CKFinder libraries do not provide any implementation of IAuthenticator. Please refer to Adding Authenticator for the description of an authenticator.
The basic setup may look like this:
public ConnectorBuilder ConfigureConnector()
{
var connectorBuilder = new ConnectorBuilder();
connectorBuilder
.SetRequestConfiguration(
(request, config) =>
{
config.AddProxyBackend("local", new LocalStorage(@"MyFiles"));
config.AddResourceType("Files", resourceBuilder => resourceBuilder.SetBackend("local", "files"));
config.AddAclRule(new AclRule(
new StringMatcher("*"), new StringMatcher("/"), new StringMatcher("*"),
new Dictionary<Permission, PermissionType>
{
{ Permission.FolderView, PermissionType.Allow },
{ Permission.FolderCreate, PermissionType.Allow },
{ Permission.FolderRename, PermissionType.Allow },
{ Permission.FolderDelete, PermissionType.Allow },
{ Permission.FileView, PermissionType.Allow },
{ Permission.FileCreate, PermissionType.Allow },
{ Permission.FileRename, PermissionType.Allow },
{ Permission.FileDelete, PermissionType.Allow },
{ Permission.ImageResize, PermissionType.Allow },
{ Permission.ImageResizeCustom, PermissionType.Allow }
}));
})
.SetAuthenticator(new MyAuthenticator());
return connectorBuilder;
}
This setup adds the following items for each request:
- A backend called
local with a LocalStorage adapter.
- A resource type named
Files with the local backend and the files root directory.
- An ACL rule that gives all permissions to everybody for all resource types and all paths.
Additionally, the example adds MyAuthenticator as an authenticator for all requests.
Adding Authenticator
CKFinder needs to know its users. You need to implement the IAuthenticator interface to inform CKFinder which users are allowed to access the interface and what roles they have.
A very simple implementation that grants access to all users and does not define any roles may look like this:
public class MyAuthenticator : IAuthenticator
{
public Task<IUser> AuthenticateAsync(ICommandRequest commandRequest, CancellationToken cancellationToken)
{
var user = new User(true, null);
return Task.FromResult((IUser)user);
}
}
You may use ICommandRequest.Principal in the implementation of this interface to get access to the principal in the current request. The AuthenticateAsync method is asynchronous, so it is safe to do IO operations inside. However, keep in mind that this method is called for every request and may have impact on overall CKFinder performance.
Final Steps
When you have defined your connectorBuilder it is time to build the connector and use it in your pipeline. The Build method accepts an implementation of IConnectorFactory. Currently CKFinder libraries provide only one connector factory: OwinConnectorFactory for use with Owin pipeline.
The simplest implementation of the Configuration method for your Owin's Startup class may look like this:
public void Configuration(IAppBuilder appBuilder)
{
var connectorBuilder = ConfigureConnector();
var connector = connectorBuilder.Build(new OwinConnectorFactory());
appBuilder.Map("/CKFinder/connector", builder => builder.UseConnector(connector));
}
Note: The mapped path (/CKFinder/connector) is where the JavaScript part of CKFinder expects to find the connector. If you want to map the connector under a different route, keep it in sync with the CKFinder JavaScript client connectorPath.
Self-hosted Application Example
Prerequisites
- Create an empty
Console Application project with .NET framework 4.5 or newer.
- Install the following NuGet packages:
Code
Replace your Program.cs code with the following:
namespace Example
{
using System;
using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using CKSource.CKFinder.Connector.Core;
using CKSource.CKFinder.Connector.Core.Acl;
using CKSource.CKFinder.Connector.Core.Authentication;
using CKSource.CKFinder.Connector.Core.Builders;
using CKSource.CKFinder.Connector.Host.Owin;
using CKSource.FileSystem.Local;
using Microsoft.Owin.FileSystems;
using Microsoft.Owin.Hosting;
using Microsoft.Owin.StaticFiles;
using Microsoft.Owin.StaticFiles.ContentTypes;
using Owin;
public class Program
{
/*
* Custom content provider with JSON support.
*/
private class MyContentTypeProvider : FileExtensionContentTypeProvider
{
public MyContentTypeProvider()
{
Mappings.Add(".json", "application/json");
}
}
/*
* Simple authenticator that allows access to all users and does not define any roles.
*/
private class MyAuthenticator : IAuthenticator
{
public Task<IUser> AuthenticateAsync(ICommandRequest commandRequest, CancellationToken cancellationToken)
{
var user = new User(true, null);
return Task.FromResult((IUser)user);
}
}
/*
* Application entry point.
*/
public static void Main(string[] args)
{
var program = new Program();
/* Run application under the http://localhost:9000 path. */
WebApp.Start("http://localhost:9000", program.Configuration);
Console.ReadKey();
}
/*
* Simple configuration of the connector.
*/
public ConnectorBuilder ConfigureConnector()
{
var connectorBuilder = new ConnectorBuilder();
connectorBuilder
.SetRequestConfiguration(
(request, config) =>
{
/* Add a local backend. */
config.AddProxyBackend("local", new LocalStorage(@"MyFiles"));
/* Add a resource type that uses the local backend. */
config.AddResourceType("Files", resourceBuilder => resourceBuilder.SetBackend("local", "files"));
/* Give full access to all resource types at any path for all users. */
config.AddAclRule(new AclRule(
new StringMatcher("*"), new StringMatcher("/"), new StringMatcher("*"),
new Dictionary<Permission, PermissionType>
{
{ Permission.FolderView, PermissionType.Allow },
{ Permission.FolderCreate, PermissionType.Allow },
{ Permission.FolderRename, PermissionType.Allow },
{ Permission.FolderDelete, PermissionType.Allow },
{ Permission.FileView, PermissionType.Allow },
{ Permission.FileCreate, PermissionType.Allow },
{ Permission.FileRename, PermissionType.Allow },
{ Permission.FileDelete, PermissionType.Allow },
{ Permission.ImageResize, PermissionType.Allow },
{ Permission.ImageResizeCustom, PermissionType.Allow }
}));
});
/* Set the authenticator. */
connectorBuilder.SetAuthenticator(new MyAuthenticator());
return connectorBuilder;
}
/*
* Owin configuration.
*/
public void Configuration(IAppBuilder appBuilder)
{
/* Configure the connector builder. */
var connectorBuilder = ConfigureConnector();
/* Build connector middleware. */
var connector = connectorBuilder.Build(new OwinConnectorFactory());
/* Map connector middleware to the /CKFinder/connector route. */
appBuilder.Map("/CKFinder/connector", builder => builder.UseConnector(connector));
/* Configure access to local files for JavaScript files. */
var options = new FileServerOptions();
options.StaticFileOptions.ContentTypeProvider = new MyContentTypeProvider();
options.FileSystem = new PhysicalFileSystem("../../CKFinderScripts");
/* Map local files at the root path. */
appBuilder.UseFileServer(options);
}
}
}
Note: This example runs at the http://localhost:9000 path. You may need to have elevated privileges or reserve this path for your user using the netsh add useracl shell command.
