Task #55416

Epic #55070: Workpackages

Epic #54260: WP: FAL Missing Issues / Features / API

Story #54267: As an Editor I want to use a FAL withouth bugs

Accessing the root folder of a file mount is not possible for non-admins

Added by Lorenz Ulrich over 1 year ago. Updated over 1 year ago.

Status:Resolved Start date:2014-01-29
Priority:Must have Due date:
Assigned To:- % Done:

100%

Category:File Abstraction Layer (FAL) Spent time: -
Target version:6.2.0
TYPO3 Version:6.2 Complexity:
PHP Version: Sprint Focus:

Description

The change "[!!!][TASK] Driver API has too many crosscutting concerns" f83eddd5027b74d7f4d28a845521bff3b2dd603d breaks filemounts for non-admins (or changes the configuration needed?). After this change, a non-admin cannot access the root folder of a filemount. Sub-folders of a filemount work.

The error message is: "You are not allowed to access the given folder."


Related issues

related to Core - Task #54230: Refactor Driver API Resolved 2013-12-06 2013-12-31
related to Core - Task #54231: The Driver Registry should check for the implementation o... Resolved 2014-01-01 2014-01-01
related to Core - Bug #55740: Storage root folders not accessible by filemounts Resolved 2014-02-06

Associated revisions

Revision 2015d65f
Added by Alexander Stehlik over 1 year ago

[BUGFIX] Allow access to filemount directories

Currently a backend user can only access files within filemounts
but not the filemount directory itself.

After that fix LocalDriver::isWithin returns true, if the folder
itself is requested.

Resolves: #55416
Releases: 6.2
Change-Id: I455664359ec620c413bfc01787bda8766462fbab
Reviewed-on: https://review.typo3.org/27120
Reviewed-by: Ingo Schmitt
Tested-by: Ingo Schmitt
Reviewed-by: Wouter Wolters
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter

History

#1 Updated by Michiel Roos over 1 year ago

Confirmed!

#2 Updated by Ernesto Baschny over 1 year ago

  • Target version set to 6.2.0
  • Parent task set to #54267

#3 Updated by Gerrit Code Review over 1 year ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#4 Updated by Gerrit Code Review over 1 year ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#5 Updated by Gerrit Code Review over 1 year ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#6 Updated by Gerrit Code Review over 1 year ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#7 Updated by Gerrit Code Review over 1 year ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#8 Updated by Gerrit Code Review over 1 year ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#9 Updated by Gerrit Code Review over 1 year ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120

#10 Updated by Alexander Stehlik over 1 year ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

#11 Updated by Markus Kasten over 1 year ago

Since the patch was committed, non-admin users can't access files in filemounts that are using the folder of a filestorage. Filemounts using a subfolder of a filestorage are accessible for non-admin users.

I have a filemount "fileadmin-all" that is using the fileadmin storage and the root folder "/". When the filemount uses for example "/test/" as the folder, everythings seems to work fine.

When reverting commit 2015d65fcca95202766ffc2734235c0b6c8c5cd6, everything (from my point of view) is working fine again.

Can this behaviour be confirmed? Tested with latest master (179675e1f442cf75babe7a921bc874cc714b0ec6) and beta5.

#12 Updated by Alexander Stehlik over 1 year ago

You're right. The root folder is only accessible in read-only mode when I apply the patch. Really strange.

#13 Updated by Alexander Stehlik over 1 year ago

@Markus: Can you please test and review #55740?

#14 Updated by Markus Kasten over 1 year ago

The patch in #55740 seems to fix the problem for me.

Also available in: Atom PDF