Project

General

Profile

Actions
Copy link

Bug #39949

closed

Local file not editable (as admin) - User right 'edit' vs. 'update'

Added by Andreas Kiessling over 11 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Must have
Assignee:
Andreas Wolf
Category:
File Abstraction Layer (FAL)
Target version:
6.0.0-beta2
Start date:
2012-08-19
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
6.0
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

When editing a local file (as admin user without any rights set up), there is a mismatch between the granted defaults and the checked permission. This results in an exception when trying to save a text file.

In t3lib_file_Storage the permission to 'update' is checked

    public function setFileContents(t3lib_file_AbstractFile $file, $contents) {

            // Check if user is allowed to update
        if (!$this->checkUserActionPermission('update', 'File')) {
            throw new t3lib_file_exception_InsufficientUserPermissionsException('Updating file "'
                . $file->getIdentifier() . '" not allowed for user.', 1330121117);
        }

But the default permissions in t3lib_beUserAuth->getFilePermissions do not include 'update', only 'edit'

if (!isset($this->filePermissions)) {
            $defaultOptions = array(
                'addFile'  => TRUE,    // new option
                'readFile' => TRUE,    // new option, generic check of the user rights
                'editFile' => TRUE,    // new option
                'writeFile' => TRUE,    // new option, generic check of the user rights
                'uploadFile' => TRUE,
                'copyFile' => TRUE,
                'moveFile' => TRUE,
                'renameFile' => TRUE,
                'unzipFile' => TRUE,
                'removeFile' => TRUE,
                'addFolder' => TRUE,
                'browseFolder' => TRUE, // new option,, generic check of the user rights
                'moveFolder' => TRUE,
                'renameFolder' => TRUE,
                'writeFolder' => TRUE,    // new option, generic check of the user rights
                'removeFolder' => TRUE,
                'removeSubfolders' => TRUE    // was "delete recursively" previously
            );

Related issues 1 (0 open1 closed)

Is duplicate of TYPO3 Core - Bug #37812: Admin has no rights to update a fileClosedAndreas Wolf2012-06-07

Actions
Actions
Copy link
 #1

Updated by Andreas Wolf over 11 years ago

  • Project changed from 1401 to TYPO3 Core
Actions
Copy link
 #2

Updated by Andreas Wolf over 11 years ago

  • Category set to File Abstraction Layer (FAL)
  • TYPO3 Version set to 6.0
Actions
Copy link
 #3

Updated by Andreas Wolf over 11 years ago

  • Status changed from New to Accepted

Patch for this is pending at #37812.

Actions
Copy link
 #4

Updated by Andreas Wolf over 11 years ago

  • Status changed from Accepted to Under Review
Actions
Copy link
 #5

Updated by Gerrit Code Review over 11 years ago

Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/14257

Actions
Copy link
 #6

Updated by Gerrit Code Review over 11 years ago

Patch set 3 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/14257

Actions
Copy link
 #7

Updated by Steffen Ritter over 11 years ago

  • Assignee set to Andreas Wolf
Actions
Copy link
 #8

Updated by Steffen Ritter over 11 years ago

  • Target version set to 6.0.0-beta2
Actions
Copy link
 #9

Updated by Gerrit Code Review over 11 years ago

Patch set 4 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/14257

Actions
Copy link
 #10

Updated by Anonymous over 11 years ago

  • Status changed from Under Review to Resolved
Actions
Copy link
 #11

Updated by Riccardo De Contardi over 6 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF