TYPO3 Core

I can confirm the issue.

Checked all avaiable permissions without success. "Select & Upload" never appeared.

Please give us more details on your setup, so we can figure it out.

What permissions are set for the user and for the group?
What is the configuration of the assigned filemounts? (assigned storage? selected subpath?)

I dont know exactly, what informations you need, but I try my best:

I used typo3 6.2.3 after an upgrade from 4.5.32.

The user was a non-admin member of a single group (Editor)

Group Editor has the following non-Exclude-Fields:

sys_file_metadata:categories,sys_file_metadata:title,sys_file_reference:alternative,sys_file_reference:description,sys_file_reference:link,sys_file_reference:title,sys_file_collection:hidden,sys_file_collection:sys_language_uid,sys_file_collection:starttime,sys_file_collection:endtime,sys_file_collection:l10n_parent,pages:backend_layout_next_level,pages:backend_layout,pages:description,pages:mount_pid_ol,pages:nav_hide,pages:abstract,pages:nav_title,pages:hidden,pages:subtitle,tt_content:altText,tt_content:imagecaption_position,tt_content:image_compression,tt_content:imagewidth,tt_content:select_key,tt_content:image_effects,tt_content:hidden,tt_content:table_bgColor,tt_content:imageheight,tt_content:sectionIndex,tt_content:image_noRows,tt_content:image_zoom,tt_content:longdescURL,tt_content:layout,tt_content:image_link,tt_content:table_border,tt_content:imageborder,tt_content:image_frames,tt_content:recursive,tt_content:rte_enabled,tt_content:colPos,tt_content:starttime,tt_content:endtime,tt_content:subheader,tt_content:titleText,tt_content:l18n_parent,tt_content:table_cellspacing,tt_content:table_cellpadding

and table_select and table_modify:

pages,sys_file,sys_file_collection,sys_file_metadata,sys_file_reference,sys_file_storage,tt_content

Only one File storage was available: fileadmin/ (auto-created); I changed nothing there

Filemount selected storage fileadmin and an existing subfolder.

If you need more info... I could also attach a db dump. Please specify what you need...

Thanks Nicolai!

Is the user able to upload files in the filelist module?

Yes, this is perfectly possible. It is the workaround, that I have suggested to my clients.

I'll look into this tonight again. The must be some subtle difference between new installations and upgrades.

This is my impression, too

Hi!

Can you please check, how your storage is configured, especially what checkboxes are enabled in the storage record?

I have the same problem, my sys_file_storage is configured as following (CSV):
"1","0","1403872510","1403816278","0","0","0","fileadmin/","This is the local fileadmin/ directory. This storage mount has been created automatically by TYPO3.","Local","
<T3FlexForms>
<data>
<sheet index=\"sDEF\">
<language index=\"lDEF\">
<field index=\"basePath\">
<value index=\"vDEF\">fileadmin/</value>
</field>
<field index=\"pathType\">
<value index=\"vDEF\">relative</value>
</field>
<field index=\"caseSensitive\">
<value index=\"vDEF\">1</value>
</field>
</language>
</sheet>
</data>
</T3FlexForms>","1","1","1","1","1",NULL

Here is how my sys_file_storage is configured:

"1","0","1402088472","1402088472","0","0","0","fileadmin/ (auto-created)",
"This is the local fileadmin/ directory. This storage mount has been created 
automatically by TYPO3.","Local",
"<?xml version=\"1.0\" encoding=\"utf-8\" standalone=\"yes\" ?>
<T3FlexForms>
    <data>
        <sheet index=\"sDEF\">
            <language index=\"lDEF\">
                <field index=\"basePath\">
                    <value index=\"vDEF\">fileadmin/</value>
                </field>
                <field index=\"pathType\">
                    <value index=\"vDEF\">relative</value>
                </field>
                <field index=\"caseSensitive\">
                    <value index=\"vDEF\">1</value>
                </field>
            </language>
        </sheet>
    </data>
</T3FlexForms>",
"1","1","1","1","1",NULL

The button "Select & upload files" is only available if the backend user has a file mount to the folder "user_upload".
It's been a default behaviour that uploaded files directly from the local machine were saved in the uploads folder.

It works! If I add "user_upload" to the filemounts of my BE-Users, the buttons are shown. Thanks!

We should find a proper place to add this information to the documentation.

I had a look at the code now here. It should actually suffice to have the folder "user_upload" in one of the filemounts assigned to the user.

I have the same problem described here. In my case, the file storage mounts „fileadmin/“ and then the (non-admins) editors are restricted to my folder „content/“ in the file mount where the editors have access to their own file structure. Even if I create the folder „user_upload“ in there, „Select & Upload“ never showed up to the editors. Only If I change the file mount to „/“ (fileadmin then) or „/user_upload“ the „Select & Upload“ is shown to them.

For my projects it is impossible to give the backendusers access to the user_upload folder.
I have created many homepages in one Typo3 instance.
The backendusers are restricted to their own subproject and shouldn't have the possibility,
to influence the other homepages. Each homepage has an subfolder in the user_upload folder.
If I assign a filemount to this subfolder, „Select & Upload“ won't be available.

How can I solve the problem, without disregarding to the required access rights?

Hi Sonja,

just turn the structure around. Make a folder for each site and add a user_upload folder within each site folder.
Please ask such questions on the forums, you'll have more readers there.

Hi Everybody,

A possible solution would be setting the options.defaultUploadFolder for every BE-Group in TSConfig. For example if your storage has the id=1 and the upload folder for the specific group is /00000/ then the TSCONFIG would be the following:

options.defaultUploadFolder=1:/00000/

*https://github.com/TYPO3/TYPO3.CMS/blob/f371f1dc906edc1869a298b3b5fbc327358eec2c/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php -> getDefaultUploadFolder()
*http://stackoverflow.com/questions/18616851/what-is-the-directory-user-upload-in-typo3-6-1-installs-for

Regards,
Pouyan

Pouyan A wrote:

A possible solution would be setting the options.defaultUploadFolder for every BE-Group in TSConfig.

that's a great workaround for this issue, and I think flexible enough for most installations.

Is the Workaround enough or do we need to change something to get this issue fixed?

This workaround fixes the issue for me, although a more intuitive solution would be preferable. And I'm not sure what happens if someone belongs to more than one backend groups, each one with different upload folders.

For anyone stumbling into this, here again the workaround:

In the backend group of your user(s), in the Options tab, set something like the following
options.defaultUploadFolder=1:/PATH_TO/_uploads/

The folder is relative to fileadmin, and of course must exist. So you must create such a folder for each backend group

I guess the problem is the default upload folder which is returned for the user. The storages are ordered by name. So if your first storage returns a default folder which is not writable, the button isn't shown. As the upload folder is used for file uploading a proper access should be checked before.

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/37481

We have the same problem in an installation and I tracked down the bug to the following backtrace:

1. In "InlineElement.php" the BE_USER default upload folder gets retrieved [1]
$folder = $GLOBALS['BE_USER']->getDefaultUploadFolder();

2. In "BackendUserAuthentication.php" it is checked whether a default folder is configured via TS-Config. Thats why "options.defaultUploadFolder" works. If no default folder is configured via TS-Config the first accessible (readable) default folder gets retrieved from the assigned storages. [2]

3. In "ResourceStorage.php" the method "getDefaultFolder" calls "getDefaultFolder" on its driver and then call "getFolder" to create a folder instance. The method "getFolder" then fails if the foler isn't accesible by the user. [3]

The reason is that the storage - driver just returns the default folder of the storage which usually is "user_upload". But "getDefaultFolder" of the storage doesn't take the filemount into account.

So the whole issue can get tracked down to filemounts or rather: The "getDefaultFolder" method of ResourceStorage.php doesn't know about filemounts. So to reproduce this issue just do the following:

• Create a directory "editor" within your default storage.
• Create a filemount "editor-files" and assign it the default storage and the newly created "editor" folder
• Create a backend user and assign him just this "editor-files" storage
• Voila. The "Select & upload files" button doesn't appear because the editor has only access to "1:/editor/" but not to "1:/user_upload/"

I do not really know what the proposed solution should be. A work around would be to create an additional storage pointing to the "editor" subdirectory and a filemount using "/" of this storage and assign this to the users file-mounts.

A proper fix should eventually take place in BackendUser.php [2]. In the loop the Filemounts should get traversed instead of the storages. The default storage should then get located within the filemount. But here the whole concept of the "defaultFolder" in ResourceStorage doesn't make sense. As the ResourceStorage doesn't know about filemounts it can't return a default folder for the current user ...

Ideas?

[1] https://git.typo3.org/Packages/TYPO3.CMS.git/blob/HEAD:/typo3/sysext/backend/Classes/Form/Element/InlineElement.php#l993
[2] https://git.typo3.org/Packages/TYPO3.CMS.git/blob/HEAD:/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php#l1836
[3] https://git.typo3.org/Packages/TYPO3.CMS.git/blob/HEAD:/typo3/sysext/core/Classes/Resource/ResourceStorage.php#l2031

Related issue #65507

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/37481

Patch set 1 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/38151