Overriding the Permissions inherited from File Sets
Permalink Browser Info Environment
I have a Document Library block simply listing the files within a file set called Proposals. I have a Sales Team group who are uploading proposals for various clients, and an individual user account for each client so that we can specify which proposal/s can be seen by each client. We do not want a client to see a proposal that is meant for another client.
I have set up custom permissions on the File Set to allow my sales team to view all of the proposals. This works, as any new proposal uploaded can be seen by the Sales Team members and not by ANY other user account other than the administrator. However, when I override the file permissions on a particular file and grant a specific user permission to 'View Files' and 'View File in File Manager', the file does not appear in the Document Library for that specific user. They are definitely able to see the Document Library block as it says 'No Documents Found'.
I have done some testing and I believe the permissions of the File Set are taking precedence over the permissions of the individual file.
Surely this is incorrect behaviour?
p.s. I tested that File Set permissions were over-riding those set on the individual file by granting the user permissions at File Set level, whereby they were able to see all of the files within the set.
I have set up custom permissions on the File Set to allow my sales team to view all of the proposals. This works, as any new proposal uploaded can be seen by the Sales Team members and not by ANY other user account other than the administrator. However, when I override the file permissions on a particular file and grant a specific user permission to 'View Files' and 'View File in File Manager', the file does not appear in the Document Library for that specific user. They are definitely able to see the Document Library block as it says 'No Documents Found'.
I have done some testing and I believe the permissions of the File Set are taking precedence over the permissions of the individual file.
Surely this is incorrect behaviour?
p.s. I tested that File Set permissions were over-riding those set on the individual file by granting the user permissions at File Set level, whereby they were able to see all of the files within the set.
| Type: | Discussion |
|---|---|
| Status: | Archived |
Ok, so can you help me add this extra level of permissions checking, as it would make more sense to have the permissions hierarchy check at file level after examining the file set?
Ok, I'm looking at the permissions here. If you put this anywhere near the top of the blocks view.php(if using PHP5.3) it looks like it will give you what you are looking for. I have a hunch this permission situation is upstream at the core code.
If you aren't using php5.3 and this doesn't work let me know and I'll give you something for PHP5.2.
Best Wishes,
Mike
// around line #11 $files = array_filter($files, function($file) { $fp = new Permissions($file); return $fp->canViewFile(); });
If you aren't using php5.3 and this doesn't work let me know and I'll give you something for PHP5.2.
Best Wishes,
Mike
Attention: Since there has been no activity on this issue for two weeks, this issue has been automatically archived.
To re-open this issue, reply to this message.
To re-open this issue, reply to this message.
You are correct about Document Library. Once the File Set check occurs, this no longer checks for it's individual file permissions.
Best Wishes,
Mike