Hello again,

maybe I just don't get the configuration and permissions right but I can't get users of a certain role to only see one private folder inside the private space. Users always also see the entire 'private' directory structure additionally to the directory they are allowed to work with (which happens to be located inside the private filesystem:

Private files: sites/default/private/
'Extranet' Volume for 'Member' role: sites/default/private/extranet
Public files: sites/default/files

The permissions for the role "Member" are set like this.

Use elFinder file manager     [x]
Administer file manager       [_]
Create new directories        [x]
Create new files              [x]
Rename files and directories  [x]
File uploads                  [x]
Paste from clipboard          [_]
Copy to clipboard             [_]
Cut to clipboard              [_]
View file info                [x]
Preview files                 [_]
Delete files and directories  [x]
Duplicate files               [_]
Edit files                    [_]
Add files to archive          [_]
Extract files from archive    [_]
Resize images                 [_]
Download own uploaded files   [x]
Download all uploaded files   [x]
Access public files           [_]
Access private files          [_]
Access unmanaged files        [x]
Write public files            [_]
Write private files           [_]
View file descriptions        [x]
Edit file descriptions        [x]
View file owner               [x]
View file downloads           [_]

Am I right to think that with "Access private files" and "Access public files" being forbidden the "private" direcotry shouldn't show up for users of that given role or did I miss something?

Regards,
Daniel

Comments

daniel wentsch’s picture

daniel wentsch commented
Title: Let users only see on volume » Let users only see one volume
daniel wentsch’s picture

daniel wentsch commented
Title: Let users only see one volume » Let users only access volumes they're allowed to
daniel wentsch’s picture

daniel wentsch commented

Ok, I'm a little step further: the issue starts to appear only when using profiles. As soon as I add a profile with a volume accessible for a certain role this role gets access to the entire private file system.

When I removed the profile and granted access only to unmanaged files it worked: my desired role gets access to a folder inside the private file system but nowhere else. As I only need one role with access to one directory that works for me, but I guess there's something wrong with the profile/volume system, as far if I understood its purpose correctly.

Update:
Ok, I'm not quiet there yet. Although the desired role now does have reading access to the directory they should have there's still missing the permission to upload files and create new folders. Deleting and renaming works, though. All files and folders also show a lock icon.

daniel wentsch’s picture

daniel wentsch commented

Ok, somehow I got it working, though I must confess I'm not sure what the problem was.

What I did:
- remove all (elfinder) profiles
- add a new profile with name 'Extranet 3', Path 'private://extranet', URL left empty and label 'Extranet'
- as the profile had the same settings as before I thought the problem might relate to the name of the profile being the same as the folder of the volume...
- deleted the profile and recreated it with the same settings but the name 'Extranet' (once again). Still worked.

As far as I can tell everything is the same as before but now it works. Pretty confusing.

junedkazi’s picture

junedkazi commented
Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.