Issues with download folder & file permission in admidio-3.2 & admidio-3.3.1

If you aren't speaking german, you can ask for support or post your request here.
Antworten
Benutzeravatar
amitabhmca
Beiträge: 104
Registriert: 18. Apr 2018, 02:44
Wohnort: Singapore

Issues with download folder & file permission in admidio-3.2 & admidio-3.3.1

Beitrag von amitabhmca »

Dear All,

I see permission related issues where user is able to delete folder/files created by administrator or other users.

As you can see in attached screenshot, I logged in as my user and easily able to delete folders/files created by administrator or any other user which shouldn't be the case. I have tested this in admidio-3.2 and admidio-3.3.1 version..

Delete / edit option should only be visible to the folder owners and greyed out to other members. In other words user should be able to modify/delete only his own folders or files but not other folders/files created by other users/administrator etc..

I request to consider to fix this in upcoming or future releases.
Admidio Download.JPG
Admidio Download.JPG (49.85 KiB) 2971 mal betrachtet
Thanks,
Amitabh
Nach oben
Benutzeravatar
amitabhmca
Beiträge: 104
Registriert: 18. Apr 2018, 02:44
Wohnort: Singapore

Re: Issues with download folder & file permission in admidio-3.2 & admidio-3.3.1

Beitrag von amitabhmca »

Dear All,

I did some more testing. Though there are workarounds, folder read write permission is still the issue..

inheriting permission from parent folder doesn't look to be an ideal solution.

My suggestion is to use permission concept (as in Linux)where subfolder permissions shouldn't depend on parent folder. folder or subfolder options can be given such as allow/deny upload or visibility..

I request respective developers to consider fixing this in upcoming or future releases.

Thanks,
Amitabh
Nach oben
Antworten

Zurück zu „English Support Forum“