Bug #39805
Editors do not have rights to edit file metadata
| Status: | Resolved | Start date: | 2012-08-14 | |
|---|---|---|---|---|
| Priority: | Must have | Due date: | ||
| Assignee: | Steffen Ritter | % Done: | 100% |
|
| Category: | File Abstraction Layer (FAL) | |||
| Target version: | 6.0.0-RC1 | |||
| TYPO3 Version: | 6.0 | Complexity: | medium | |
| PHP Version: | 5.3 | |||
| Votes: | 0 |
Related issues
| related to File Abstraction Layer - Bug #33254: Test everything with non-admins | Resolved | 2012-01-17 | ||
| related to TCA Reference - Feature #42741: New section $TCA['ctrl]['table']['security'] | Closed | 2012-11-06 |
Associated revisions
[TASK] Editors do not have rights to edit file metadata
File records are stored in PID 0. In TYPO3 non-admins do not
have access to anything stored in PID 0. As FAL won't work
without granting access to file-meta-data for non-admins,
A new TCA control configuration allows to ignore those
permission restrictions for sys_file and sys_file_reference:
- TCA/<table>/ctrl/security/ignoreWebMountRestriction
Allows users to access records that are not in their
defined web-mount and by-passes this restriction.. - TCA/<table>/ctrl/security/ignoreRootLevelRestriction
Allows users (non-admins) to access records that are
stored on the root-level (page-id 0) and by-passes this
restriction.
Change-Id: If92b07b0ba63a0d544a337ddf4f55973fafcd345
Fixes: #39805
Releases: 6.0
Reviewed-on: http://review.typo3.org/13658
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
Reviewed-by: Stefan Neufeind
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
History
Updated by Gerrit Code Review 9 months ago
Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/13658
Updated by Gerrit Code Review 9 months ago
Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/13658
Updated by Steffen Ritter 9 months ago
- Target version changed from 6.0 beta1 to 6.0 beta 2
Updated by Steffen Ritter 9 months ago
- Project changed from File Abstraction Layer to Core
- Category deleted (
Cleanup) - Target version deleted (
6.0 beta 2)
Updated by Steffen Ritter 9 months ago
- Category set to File Abstraction Layer (FAL)
Updated by Steffen Ritter 9 months ago
- Target version set to 6.0.0-beta2
Updated by Gerrit Code Review 8 months ago
- Status changed from Accepted to Under Review
Patch set 3 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/13658
Updated by Steffen Ritter 7 months ago
- Target version changed from 6.0.0-beta2 to 6.0.0-RC1
Updated by Gerrit Code Review 6 months ago
Patch set 4 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/13658
Updated by Gerrit Code Review 6 months ago
Patch set 5 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/13658
Updated by Oliver Hader 6 months ago
- Subject changed from Non-Admin can not edit meta data to Editors do not have rights to edit file metadata
- PHP Version set to 5.3
- TYPO3 Version set to 6.0
Updated by Oliver Hader 6 months ago
- Complexity set to medium
Updated by Steffen Ritter 6 months ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset c79bddac3eb000626b99c207a505f939a9015ef1.
Updated by Gerrit Code Review 6 months ago
- Status changed from Resolved to Under Review
Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/16280
Updated by Gerrit Code Review 6 months ago
Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/16280
Updated by Francois Suter 6 months ago
This issue has been reopened by an improperly related patch submission. I guess it can be set to "Resolved" again, right?
Updated by Steffen Ritter 6 months ago
- Status changed from Under Review to Resolved