[TYPO3-dam] supplement - Re: readonly backend access possible?
georg kuehnberger
georg at georg.org
Wed Aug 6 09:34:06 CEST 2008
following up on my monologue,
Idea #2 was
- Create group-specific subfolders beyond "Media" and
- set Page-Rights per Sub-Page & Group, which should be respected by DAM
- then move tx_dam records into the subfolders according to your
specific needs in regards to which group may read or write those records;
So I setup subfolders (group1, group2) beyond the Media-Folder and set
AccessRight "Edit Content" of one subfolder to NOBODY;
Guess what happpens:
- The folder rights (read/write) are respected fine in the Web > List
Module;
- The folder rights are IGNORED by the Media > File and > List Module;
that is: users of BE-group1 and BE-group2 were still able to list & edit
records in the subfolders.
Ineresting btw: FE-wise this works quite fine: selected records from
Media-Subfolders ARE shown fine in the FE;
I conclude that the DAM Modules File & List, dont respect Page-Access
Configurations, except for the Media Folder itself.
Digging into it, it seems that the Permissions are
- calculated for "the only one" DAM sysfolder ($this->defaultPid), and are
- calculated very early in
---
class.tx_dam_scbase.php, function init(), l 247-248
---
which IMHO currently wont allow for correct page-based permissions per
folder (IMHO);
hmm ... grepping for "calcPerms" leads to:
class.tx_dam_actionsFile.php, class.tx_dam_listrecords.php,
class.tx_dam_cm_record.php, class.tx_dam_list_thumbs.php, ....
So I decideded to give up on this for now.
However, I seriously DO feel that a DAM without a meaninful option for
READ-ONLY records (for certain groups) based on folders IS somewhat
incomplete.
PS: I somewhat fail to "word" a bugreport on this, anyone else ?
georg kuehnberger wrote:
> rethinking my last idea, and talking to myself:
>
> I was (of course) wrong.
> Simple for the reason that BE_accessrights in TYPO3 are ONLY on page-
> and not also on record-level.
> pitty, pitty;
> regards georg
More information about the TYPO3-project-dam
mailing list