Navigation

    APPDRAG Community

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Popular

    REMINDER

    Please be respectful of all AppDragers! Keep it really civil so that we can make the AppDrag community of builders as embracing, positive and inspiring as possible.

    Trigger resource manager manually?

    Cloud Backend (Cloud DB, API Builder)
    2
    4
    271
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Thomas D last edited by

      Is it possible to manually open the resource manager?

      Would love to use it for custom apps, easily upload files and get the path via JS.

      1 Reply Last reply Reply Quote 0
      • Wassim
        Wassim last edited by

        Hello,
        Do you mean the PageBuilder feature available in your frontend?
        If yes, this would be a huge security threat as people would be available unauthentified to upload content to your website.

        What you can do is create a CloudAPI function and use Cloud Backend inputs (file type) to easily achieve that.

        T 1 Reply Last reply Reply Quote 0
        • T
          Thomas D @Wassim last edited by Thomas D

          @wassim

          I of course meant to use it within the admin, as a custom-admin feature.

          Since we're already authenticated, I thought it would make sense to re-use the feature already implemented for managing assets.

          I can setup an example to how this would work and we can take it from there.

          1 Reply Last reply Reply Quote 0
          • T
            Thomas D last edited by Thomas D

            Though, conceptually it's quite easy.

            • Add custom link to menu in admin
            • When link is clicked, it opens an iframe URL in a modular window.
              • The URL contains an encrypted payload in the URL parameter.
            • The receiving back-end then decrypt the payload using a secret key.
            • The payload contains basic JSON that contains a session key.
              • The session key can be verified by POSTin to an Appdrag Endpoint to verify it's still valid (encrypted payload here too).

            Since we're encrypting the payload using a secret, no man-in-the-middle can temper with the content and since we're posting only a current session key, the session lifetime can be limited and verified even on the back-end side.

            Not what I had in mind for the asset manager though.

            Update: You're right, for it to be usable it would need to be it's own library and you'd need to make "custom apps" as mentioned above, available, which I expect you don't have plans for.

            1 Reply Last reply Reply Quote 1
            • First post
              Last post