Bug #70812
closededit user or usergroup > cannot remove every permission on file/directories
100%
Description
Steps to reproduce:
1) System > backend user module (or root > list)
2) click + to create a new user
3) remove EVERY permission
4) on the tab "Mounts and workspaces" > "Fileoperation permissions:" uncheck everything both on "directory" and "files" list.
5) save
Result: "directory" and "files" lists still have checked options (the one you unchecked before) that is:
Directory: Read
Directory: Write
Directory: Add
Directory: Rename
Directory: Move
Directory: Delete
Files: Read
Files: Write
Files: Add
Files: Rename
Files: Replace
Files: Move
Files: Delete
(see attached file)
- you have to remove EVERYTHING from both to have this situation: if you keep at least one setting in one of the lists, the result is saved and not reverted
- this issue does not seem present on 6.2.15
Files
Updated by Riccardo De Contardi about 9 years ago
- Subject changed from create a new user > cannot remove every permission on file/directories to edit user or usergroup > cannot remove every permission on file/directories
the issue affects also usergroups, not only users. See also #71020
Updated by Riccardo De Contardi almost 9 years ago
This issue is still valid for the latest 8.0-dev master
Updated by Markus Klein over 8 years ago
- Status changed from New to Accepted
- Priority changed from Should have to Must have
- Target version set to Candidate for patchlevel
- Sprint Focus set to Stabilization Sprint
Updated by Daniel Windloff about 8 years ago
I had the same problem on an own TCA configuration.
I think this bug has the following reason:
In
typo3/sysext/backend/Classes/Form/Element/SelectCheckBoxElement.phpline 114 the default value for an empty list is defined as "".
$html[] = '<input type="hidden" class="select-checkbox" name="' . htmlspecialchars($parameterArray['itemFormElName']) . '" value="">';
In
DataHandler::castReferenceValuethe value "" would be replaced by the default value defined in TCA.
Changing the return of castReferenceValue or the default value could be breaking change in some scenarios.
Updated by Riccardo De Contardi almost 8 years ago
Still affects both 7.6.15 and the latest master.
Updated by Josef Glatz over 7 years ago
- Has duplicate Bug #81506: formEngine: fileoperation permissions not possible to persist if no permission ist selected added
Updated by Josef Glatz over 7 years ago
- TYPO3 Version changed from 7 to 8
- Sprint Focus deleted (
Stabilization Sprint)
8LTS and 9-dev (master) still affected
Updated by M S about 7 years ago
Thats a really hard bug since a few years. Would be nice if somebody could fix this.
Updated by Markus Klein about 7 years ago
I took a look already some time ago. It is also super hard to fix this!
I wasn't yet able to figure out if this would result in a major breaking change of DataHandler.
Updated by M S about 7 years ago
Markus Klein wrote:
I took a look already some time ago. It is also super hard to fix this!
I wasn't yet able to figure out if this would result in a major breaking change of DataHandler.
Would it be able to add a temoporary checkbox like "no permissions"?
Updated by Riccardo De Contardi almost 6 years ago
- Related to Bug #80279: Default language can't be selected/stored added
Updated by Susanne Moog over 5 years ago
- Related to Bug #65573: File operation permissions are not correctly inherited from group when field in user is NULL added
Updated by Gone With the Wind over 5 years ago
- Related to Bug #88312: User group definitions not saved properly added
Updated by Riccardo De Contardi almost 5 years ago
- Related to Bug #89643: file permissions cannot not both be empty added
Updated by Riccardo De Contardi almost 5 years ago
As reported by on #89643 from Robert Wildling, this issue still affects TYPO3 9.5.x
Updated by Riccardo De Contardi over 4 years ago
Still present on latest master (10.4.0-dev)
Updated by Riccardo De Contardi over 4 years ago
I was thinking: the issue is still present, but... does it make sense to remove every permission from the file or directory operations? If I don't want let a group do anything on a filemount - not even read it - I should not give it to the group, am I right? I hope I explained myself.
Or is there some scenario that I am not considering?
My suggestions
1) Make the "Read" always checked and readonly - later we can even remove it from the view maybe.
I think that this would even prevent some "odd" config like Read: deny; Write: allow
or
2) print out an error or warning message if I try to remove everything and save (It could even be something like "you can't remove every permission from the directory / file; permissions reverted to the previous selection"
Updated by Jonas Eberle over 4 years ago
I think 1) is a very practical choice.
Updated by Felix Rauch over 4 years ago
Riccardo De Contardi wrote:
I was thinking: the issue is still present, but... does it make sense to remove every permission from the file or directory operations? If I don't want let a group do anything on a filemount - not even read it - I should not give it to the group, am I right? I hope I explained myself.
Or is there some scenario that I am not considering?
Well not technically in this case, but doesn't the underlying Form Engine issue still exist?
I remember wrangling this issue for a while with a project because the requirements stated some form should have a multi-checkbox list with default selection and possibility to select nothing.
I think if this issue would be closed with a workaround, the TCA documentation should be adjusted to give some indication that the behaviour I described is out of spec for that field type (which I could understand, the underlying issue is a nightmare to fix, at least it was when I attempted some years back)
Updated by Riccardo De Contardi over 4 years ago
@Felix Rauch I got your point, you are right;
I feel that multiple checkboxes on FormEngine are a bit misfortunate; there is another issue: it is not possible to mark them as required ;)
Anyway, so there are two separate issues here
- the technical one about FormEngine and multiple checkboxes
- the conceptual one about permissions on files and folder
Updated by Gerrit Code Review about 2 years ago
- Status changed from Accepted to Under Review
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76512
Updated by Gerrit Code Review about 2 years ago
Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76512
Updated by Gerrit Code Review about 2 years ago
Patch set 4 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76512
Updated by Gerrit Code Review about 2 years ago
Patch set 5 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 6 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 7 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 8 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 9 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 10 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 11 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76491
Updated by Gerrit Code Review about 2 years ago
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76523
Updated by Gerrit Code Review about 2 years ago
Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76523
Updated by Gerrit Code Review about 2 years ago
Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76523
Updated by Gerrit Code Review about 2 years ago
Patch set 4 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76523
Updated by Gerrit Code Review about 2 years ago
Patch set 1 for branch 11.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76497
Updated by Anonymous about 2 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 4507410ad398d5f38aae5e4d089fbaf001a7f8c5.
Updated by Gerrit Code Review about 2 years ago
- Status changed from Resolved to Under Review
Patch set 2 for branch 11.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/76497
Updated by Anonymous about 2 years ago
- Status changed from Under Review to Resolved
Applied in changeset 740f8c0649250d83ee751a0edbc2a0ca85bb60b0.
Updated by Benni Mack almost 2 years ago
- Status changed from Resolved to Closed