I have a user that has the role "authenticated user". I have filedepot configured such that the default role permission for authenticated user is:
authenticated user:view
I created a folder that specifies that the particular user may only view. All the upload and admin permissions are set to "no". There are no role access records on this directory.
When I browse to that folder, and view a file in it, the "Action" column displays both the "Download" icon and the "Edit" icon.
When I click on the file, The "Download" pane is enabled, but the "Edit" pane is disabled. This seems to be the correct behavior.
I think the "Edit" icon should not be displayed, because bad things happen when I click on it:
-- It locks the file which I cannot unlock.
-- It gives me a file to "edit" which I cannot resubmit, because I have no upload privs.
I'm running Drupal 6.12 on openSuSE 11.2 i586.
| Comment | File | Size | Author |
|---|---|---|---|
| #4 | filedepot_791058.v2.patch | 709 bytes | blainelang |
| #2 | filedepot_791058.patch | 623 bytes | blainelang |
Comments
Comment #1
BenK commentedSubscribing...
Comment #2
blainelang commentedI was able to test and verify this issue. Attached is a patch to file lib-theme.php.
If user does not have 'upload direct' or 'moderated upload' permission to a folder then they will not get the 'download for editing' action icon in the filelisting view.
Can someone verify the fix before I commit it to CVS.
Thanks!
Comment #3
ldav1s commentedI can't apply the patch to try it out, otherwise I would. I only have 'patch' to apply patches and not what generated this patch.
Comment #4
blainelang commentedSorry about that -- The Windows compare tool that I'm using had another option which I think will be in a compatible format. Attached is the updated patch.
Thanks!
Comment #5
ldav1s commentedThe patch applied alright. I tried it with a folder where the user had the original permissions as well as with folders with 'moderated upload' and 'upload direct' bits set. From what I observed, it does what you described in comment #2. Thanks for your prompt fix!
Comment #6
blainelang commentedCommitted fix to CVS
Comment #7
ldav1s commentedFixed in 1.0-rc3.