Project

General

Profile

Actions
Copy link

Bug #77855

closed

FAL replace not possible for non-admin user

Added by Heinz Schilling about 8 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
File Abstraction Layer (FAL)
Target version:
-
Start date:
2016-09-05
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
7
PHP Version:
5.6
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

As a non-admin user I upload a file in filelist. Then I use button «replace» and want to upload the same file. Get strange error message:

Extension of file name "image001.jpg" is not allowed in "/xyz/qwe/image001.jpg"!
Environment
  • .jpg is allowed because the same user can upload it.
  • Fileoperation permissions: Files: Replace is set in backend usergroup
Maybe
  • «Replace» ignores permission from backend usergroup
  • Maybe «replace file» test file extension with other list than «upload file»
Actions
Copy link
 #1

Updated by Heinz Schilling about 8 years ago

In my installation I have this configuration:

$GLOBALS['TYPO3_CONF_VARS']['BE']['fileExtensions']['webspace']['allow'] = 'png,gif,jpg,jpeg,pdf,tif,tiff,bmp,doc,docx,xls,xlsx,csv';
$GLOBALS['TYPO3_CONF_VARS']['BE']['fileExtensions']['webspace']['deny'] = '*';

This works in TYPO3 6.2.x.
In TYPO3 7.6.11 upload of .pdf for example non-admin user is possible. But replacing the same file as non-admin user is not possible.

Workaround

$GLOBALS['TYPO3_CONF_VARS']['BE']['fileExtensions']['webspace']['allow'] = 'png,gif,jpg,jpeg,pdf,tif,tiff,bmp,doc,docx,xls,xlsx,csv';
$GLOBALS['TYPO3_CONF_VARS']['BE']['fileExtensions']['webspace']['deny'] = '';

Actions
Copy link
 #2

Updated by Riccardo De Contardi about 8 years ago

  • Status changed from New to Needs Feedback

Hello. Could you tell me more information about how to reproduce it on 7.6.12 ? I set up "Replace file" on the BE group and removed it on the BE user, but I was not able to reproduce it.

Thank you

Actions
Copy link
 #3

Updated by Heinz Schilling almost 8 years ago

I made a fresh installation TYPO3 7.6.14

Adding like described in typo3conf/AdditionalConfiguration.php:

<?php
if (!defined ('TYPO3_MODE')) {
    die ('Access denied.');
}

$GLOBALS['TYPO3_CONF_VARS']['BE']['fileExtensions']['webspace']['allow'] = 'png,gif,jpg,jpeg,pdf,tif,tiff,bmp,doc,docx,xls,xlsx,csv';
$GLOBALS['TYPO3_CONF_VARS']['BE']['fileExtensions']['webspace']['deny'] = '*';

BE group with permission to replace file. BE user not. This BE user can upload a .jpg file, but can't replace the same file. Replace seems to does not accepts same file types as upload does, if you have restrictions described above.

Can you reproduce it?

Actions
Copy link
 #4

Updated by Riccardo De Contardi almost 8 years ago

  • Status changed from Needs Feedback to New

Yes! I was able to reproduce it... it seems that the replace task does not end; and when I reload the filelist, I got the same error

Extension of file name "13311751870.jpg" is not allowed in "/Images/"!
Actions
Copy link
 #5

Updated by Riccardo De Contardi almost 8 years ago

  • Category set to File Abstraction Layer (FAL)
Actions
Copy link
 #6

Updated by Gerrit Code Review over 7 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52379

Actions
Copy link
 #7

Updated by Gerrit Code Review over 7 years ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52379

Actions
Copy link
 #8

Updated by Gerrit Code Review over 7 years ago

Patch set 1 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52388

Actions
Copy link
 #9

Updated by Gerrit Code Review over 7 years ago

Patch set 2 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52388

Actions
Copy link
 #10

Updated by Gerrit Code Review over 7 years ago

Patch set 1 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52389

Actions
Copy link
 #11

Updated by Gerrit Code Review over 7 years ago

Patch set 2 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52389

Actions
Copy link
 #12

Updated by Gerrit Code Review over 7 years ago

Patch set 3 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52389

Actions
Copy link
 #13

Updated by Gerrit Code Review over 7 years ago

Patch set 4 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/52389

Actions
Copy link
 #14

Updated by Helmut Hummel over 7 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #15

Updated by Benni Mack about 6 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF