[TYPO3-dev] Rights for Content Elements
Dmitry Dulepov
9f4eetb02 at sneakemail.com
Tue Apr 10 14:20:42 CEST 2007
Hi!
Just ideas from me...
Steffen Kamper wrote:
> there is something, that is not consequent in Typo3 (AFAIK).
>
> For example the usergroup are not allowed to use the CE sitemap.
> In this case, he cannot insert the sitemap and he is not allowed to edit.
>
> But in the GUI he see the edit-icon and the delete-icon. These should be not
> visible to him.
True (and easy to check)
> If the flag Page:Content is set in Allowed excludefields the user is allowed
> to delete the sitemap, this must be a bug
> (see Bug #5386)
Well, same in Unix/Linux: you still can delete a file if you have no
write permissions to it but have execute on parent folder. I was
surprised by this but explanation was that in fact you operate on folder
(typo3 -> on a page), not on the file.
--
Dmitry Dulepov
Web: http://typo3bloke.net/
Skype: callto:liels_bugs
"It is our choices, that show what we truly are,
far more than our abilities." (A.P.W.B.D.)
More information about the TYPO3-dev
mailing list