Bug #72404
closed
Epic #83669: Improve file list / file browser
misleading information while creating files in filelist module
Added by Bernd Wilke over 8 years ago.
Updated almost 5 years ago.
Description
While you can create a textfile in the filelist module you are shown a list of file extensions with the hint these are 'allowed'. the text could be interpreted as: 'you are allowed to create files with one of these extensions only', but it should be: '(afterwards) you are allowed to edit only files with one of these file extensions'
Create new textfile
File name:
[______________________________]
Allowed file extensions:
TXT TS TYPOSCRIPT HTML HTM CSS TMPL JS SQL XML CSV XLF
But isn't the real bug that it is possible to create any file type regardless the list of allowed types?
Edit: And that you can rename any file to have any type you like. Where is the point in denying the editor to edit e.g. php files but allow to create a php file, rename it into .txt, edit it and rename it back to .php?
depending on the interpretation of the message / or the interpretation of the whitelist.
if that whitelist should handle all file actions: the creation of other files is an error.
if that extensionlist should verify an editor can edit/modify content of these files the message is faulty.
I would prefer a clear blacklist for each user/usergroup to have individual rights: one usergroup may edit html-files, others only should be allowed to upload/rename/delete images. but that would be another feature.
- Parent task set to #83669
- Related to Bug #86765: Error: when creating disallowed textfile type in filelist module added
- Status changed from New to Under Review
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
- Status changed from Resolved to Under Review
- Status changed from Under Review to Resolved
- Status changed from Resolved to Closed
Also available in: Atom
PDF