Task #55416

Epic #55070: Workpackages

Epic #54260: WP: FAL Missing Issues / Features / API

Story #54267: As an Editor I want to use a FAL withouth bugs

Accessing the root folder of a file mount is not possible for non-admins

Added by Lorenz Ulrich over 6 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
File Abstraction Layer (FAL)
Target version:
Start date:
2014-01-29
Due date:
% Done:

100%

TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

The change "[!!!][TASK] Driver API has too many crosscutting concerns" f83eddd5027b74d7f4d28a845521bff3b2dd603d breaks filemounts for non-admins (or changes the configuration needed?). After this change, a non-admin cannot access the root folder of a filemount. Sub-folders of a filemount work.

The error message is: "You are not allowed to access the given folder."


Related issues

Related to TYPO3 Core - Task #54230: Refactor Driver API Closed 2013-12-06 2013-12-31
Related to TYPO3 Core - Task #54231: The Driver Registry should check for the implementation of the Interface Closed 2014-01-01 2014-01-01
Related to TYPO3 Core - Bug #55740: Storage root folders not accessible by filemounts Closed 2014-02-06

Associated revisions

Revision 2015d65f (diff)
Added by Alexander Stehlik over 6 years ago

[BUGFIX] Allow access to filemount directories

Currently a backend user can only access files within filemounts
but not the filemount directory itself.

After that fix LocalDriver::isWithin returns true, if the folder
itself is requested.

Resolves: #55416
Releases: 6.2
Change-Id: I455664359ec620c413bfc01787bda8766462fbab
Reviewed-on: https://review.typo3.org/27120
Reviewed-by: Ingo Schmitt
Tested-by: Ingo Schmitt
Reviewed-by: Wouter Wolters
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter

History

#1 Updated by Michiel Roos over 6 years ago

Confirmed!

#2 Updated by Ernesto Baschny over 6 years ago

  • Target version set to 6.2.0
  • Parent task set to #54267

#3 Updated by Gerrit Code Review over 6 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#4 Updated by Gerrit Code Review over 6 years ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#5 Updated by Gerrit Code Review over 6 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#6 Updated by Gerrit Code Review over 6 years ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#7 Updated by Gerrit Code Review over 6 years ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#8 Updated by Gerrit Code Review over 6 years ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#9 Updated by Gerrit Code Review over 6 years ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#10 Updated by Alexander Stehlik over 6 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

#11 Updated by Markus Kasten over 6 years ago

Since the patch was committed, non-admin users can't access files in filemounts that are using the folder of a filestorage. Filemounts using a subfolder of a filestorage are accessible for non-admin users.

I have a filemount "fileadmin-all" that is using the fileadmin storage and the root folder "/". When the filemount uses for example "/test/" as the folder, everythings seems to work fine.

When reverting commit 2015d65fcca95202766ffc2734235c0b6c8c5cd6, everything (from my point of view) is working fine again.

Can this behaviour be confirmed? Tested with latest master (179675e1f442cf75babe7a921bc874cc714b0ec6) and beta5.

#12 Updated by Alexander Stehlik over 6 years ago

You're right. The root folder is only accessible in read-only mode when I apply the patch. Really strange.

#13 Updated by Alexander Stehlik over 6 years ago

@Markus: Can you please test and review #55740?

#14 Updated by Markus Kasten over 6 years ago

The patch in #55740 seems to fix the problem for me.

#15 Updated by Riccardo De Contardi over 2 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF