Bug #16519

BE-User is able to delete forbidden types of page content

Added by Nele almost 13 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Should have
Assignee:
Category:
-
Target version:
-
Start date:
2007-04-10
Due date:
% Done:

0%

TYPO3 Version:
4.0
PHP Version:
5.1
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Example:

For a BE-Usergroup I disallowed to use the page content type "Sitemap" (Explicitly allow/deny field values: [Deny] Menu/Sitemap). A BE-User who is assigned to this group is not able to add a Sitemap or to edit an existing sitemap, but unfortunately he is able to delete this type of page content ...

Don't know, whether this is a desired TYPO3 behaviour, but this really makes no sense to me.

Templavoila 1.3.0

BE-Usergroup additional info:
Allowed excludefields:
Page: Content
Pagecontent: Content
(issue imported from #M5386)


Related issues

Related to TYPO3 Core - Bug #17203: Access Check for Content Elements before drawing the Interface Closed 2007-04-12

History

#1 Updated by Steffen Kamper almost 13 years ago

As Dmitry told this is solved in newer versions of TV.
With classic Page Module it started in #17203

#2 Updated by Chris topher almost 10 years ago

I just rechecked that with the classic page module:
The forbidden element cannot be deleted; you can click the recycle bin, but than you get an error message.

It does not make sense to show control buttons, which cannot be used (like the recycle bin which is shown for all elements, regardless if permissions are set or not).
That does not make sense and should be changed.

#3 Updated by Chris topher almost 10 years ago

Resolved, the problem of this issue is not reproducable in current versions.

For the "Hide button if element not allowed" problem see #17203.

#4 Updated by Benni Mack over 1 year ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF