I have laravel filemanager v1.7 in my project, and it works fine in administrator side, also images works fine in front-side. but my problem when any registered user (non-admin) or visitor can access laravel-filemanager page by when click on image right-click and open it in new window like:
http://domain/laravel-filemanager/photos/1/593e3d9f3d8fb.jpg
if remove (photos/1/593e3d9f3d8fb.jpg) he can access file manager.
i tried to change config/lfm.php in middlewares but i failed.... how i can disable LFM from any user not admin?
Note: I've middleware called checkRole that check role_id in users table. I tried to put it in lfm middlewares but it is not work
any help or suggestion?
Regards Sami
Thanks @btl
I edited (vendor/unisharp/laravel-filemanager/src/routes.php)
from // Show LFM
until // delete,
i put all of them inside:
Route::group(['middleware' => ['auth', 'roles'], 'roles' => ['admin', 'supervisor']], function() {
...
});
The problem is solved :)