Bug #70812

edit user or usergroup > cannot remove every permission on file/directories

Added by Riccardo De Contardi about 4 years ago. Updated about 2 years ago.

Status:
Accepted
Priority:
Must have
Assignee:
-
Category:
Backend User Interface
Start date:
2015-10-17
Due date:
% Done:

0%

TYPO3 Version:
8
PHP Version:
5.6
Tags:
Complexity:
Is Regression:
Yes
Sprint Focus:

Description

Steps to reproduce:

1) System > backend user module (or root > list)
2) click + to create a new user
3) remove EVERY permission
4) on the tab "Mounts and workspaces" > "Fileoperation permissions:" uncheck everything both on "directory" and "files" list.
5) save
Result: "directory" and "files" lists still have checked options (the one you unchecked before) that is:

Directory: Read
Directory: Write
Directory: Add
Directory: Rename
Directory: Move
Directory: Delete

Files: Read
Files: Write
Files: Add
Files: Rename
Files: Replace
Files: Move
Files: Delete

(see attached file)

- you have to remove EVERYTHING from both to have this situation: if you keep at least one setting in one of the lists, the result is saved and not reverted
- this issue does not seem present on 6.2.15

Schermata 2015-10-17 alle 17.12.39.png View (52.7 KB) Riccardo De Contardi, 2015-10-17 17:18


Related issues

Related to TYPO3 Core - Bug #71020: Backendgroups / Rights for fileoperations Closed 2015-10-26
Related to TYPO3 Core - Bug #76033: Invalid default value for be group/user file permissions Closed 2016-05-03
Related to TYPO3 Core - Bug #77705: No observance for the permissions for fileoperations Closed 2016-08-31
Related to TYPO3 Core - Bug #77704: Permissions for fileoperations Closed 2016-08-31
Related to TYPO3 Core - Bug #80279: Default language can't be selected/stored New 2017-03-14
Related to TYPO3 Core - Bug #65573: File operation permissions are not correctly inherited from group when field in user is NULL Closed 2015-03-06
Related to TYPO3 Core - Bug #88312: User group definitions not saved properly Closed 2019-05-09
Duplicated by TYPO3 Core - Bug #76035: Unable to remove all directory and file permissions for be users or groups Closed 2016-05-03
Duplicated by TYPO3 Core - Bug #81506: formEngine: fileoperation permissions not possible to persist if no permission ist selected Closed 2017-06-07

History

#1 Updated by Riccardo De Contardi about 4 years ago

  • Subject changed from create a new user > cannot remove every permission on file/directories to edit user or usergroup > cannot remove every permission on file/directories

the issue affects also usergroups, not only users. See also #71020

#2 Updated by Riccardo De Contardi almost 4 years ago

This issue is still valid for the latest 8.0-dev master

#3 Updated by Markus Klein over 3 years ago

  • Status changed from New to Accepted
  • Priority changed from Should have to Must have
  • Target version set to Candidate for patchlevel
  • Sprint Focus set to Stabilization Sprint

#4 Updated by Daniel Windloff about 3 years ago

I had the same problem on an own TCA configuration.
I think this bug has the following reason:

In

typo3/sysext/backend/Classes/Form/Element/SelectCheckBoxElement.php
line 114 the default value for an empty list is defined as "".
$html[] = '<input type="hidden" class="select-checkbox" name="' . htmlspecialchars($parameterArray['itemFormElName']) . '" value="">'; 

In

DataHandler::castReferenceValue
the value "" would be replaced by the default value defined in TCA.

Changing the return of castReferenceValue or the default value could be breaking change in some scenarios.

#5 Updated by Frans Saris about 3 years ago

  • Is Regression changed from No to Yes

#6 Updated by Riccardo De Contardi over 2 years ago

Still affects both 7.6.15 and the latest master.

#7 Updated by Josef Glatz over 2 years ago

  • Duplicated by Bug #81506: formEngine: fileoperation permissions not possible to persist if no permission ist selected added

#8 Updated by Josef Glatz over 2 years ago

  • TYPO3 Version changed from 7 to 8
  • Sprint Focus deleted (Stabilization Sprint)

8LTS and 9-dev (master) still affected

#9 Updated by M S about 2 years ago

Thats a really hard bug since a few years. Would be nice if somebody could fix this.

#10 Updated by Markus Klein about 2 years ago

I took a look already some time ago. It is also super hard to fix this!
I wasn't yet able to figure out if this would result in a major breaking change of DataHandler.

#11 Updated by M S about 2 years ago

Markus Klein wrote:

I took a look already some time ago. It is also super hard to fix this!
I wasn't yet able to figure out if this would result in a major breaking change of DataHandler.

Would it be able to add a temoporary checkbox like "no permissions"?

#12 Updated by Riccardo De Contardi 10 months ago

  • Related to Bug #80279: Default language can't be selected/stored added

#13 Updated by Susanne Moog 8 months ago

  • Related to Bug #65573: File operation permissions are not correctly inherited from group when field in user is NULL added

#14 Updated by Robert Wildling 6 months ago

  • Related to Bug #88312: User group definitions not saved properly added

Also available in: Atom PDF