View Issue Details

IDProjectCategoryView StatusLast Update
0002775Composrfiledumppublic2016-08-22 20:41
ReporterPatrick SchmalstigAssigned To 
Severityfeature 
Status non-assignedResolutionopen 
Product Version 
Fixed in Version 
Summary0002775: Filedump permissions by folder
DescriptionEnable the ability to set permissions by folder for the filedump.

The first permission would be "direct access". If this permission is enabled, then the folder and all files in it can be accessed everywhere, including by direct URL call. If direct access is enabled, then all view-type permissions should be disabled since anyone can view anything in it.

If direct access is disabled, then a .htaccess file will be created inside that folder to throw a forbidden message for any attempts to call files in the folder directly. Instead, viewing files inside that folder would have to run through Composr and its permissions checks.

Permissions available for a folder by usergroup include view access, add folder, edit own folder, edit folder, delete own folder, delete folder, upload files, edit own files, edit files, delete own files, delete files, and reference files in content (aka. attachments/media tag). There should probably also be the ability to change metadata such as file/folder add date, edit date, owner, etc. (at the very least, owner).
TagsNo tags attached.
Attach Tags
Time estimation (hours)32
Sponsorship open

Relationships

related to 0002774 non-assigned Use filedump / virtual UI for managing attachments 

Activities

Chris Graham

2016-08-22 20:41

administrator   ~0004266

Note that we can never make assumptions of server-specific stuff like .htaccess working. It can be disabled even on Apache.

Issue History

Date Modified Username Field Change
2016-08-12 20:20 Patrick Schmalstig New Issue
2016-08-22 20:39 Chris Graham Relationship added related to 0002774
2016-08-22 20:40 Chris Graham Time estimation (hours) => 32
2016-08-22 20:41 Chris Graham Note Added: 0004266