Task #55416
Epic #55070: Workpackages
Epic #54260: WP: FAL Missing Issues / Features / API
Story #54267: As an Editor I want to use a FAL withouth bugs
Accessing the root folder of a file mount is not possible for non-admins
Status: | Resolved | Start date: | 2014-01-29 | |
---|---|---|---|---|
Priority: | Must have | Due date: | ||
Assigned To: | - | % Done: | 100% |
|
Category: | File Abstraction Layer (FAL) | Spent time: | - | |
Target version: | 6.2.0 | |||
TYPO3 Version: | 6.2 | Complexity: | ||
PHP Version: | Sprint Focus: |
Description
The change "[!!!][TASK] Driver API has too many crosscutting concerns" f83eddd5027b74d7f4d28a845521bff3b2dd603d breaks filemounts for non-admins (or changes the configuration needed?). After this change, a non-admin cannot access the root folder of a filemount. Sub-folders of a filemount work.
The error message is: "You are not allowed to access the given folder."
Related issues
Associated revisions
[BUGFIX] Allow access to filemount directories
Currently a backend user can only access files within filemounts
but not the filemount directory itself.
After that fix LocalDriver::isWithin returns true, if the folder
itself is requested.
Resolves: #55416
Releases: 6.2
Change-Id: I455664359ec620c413bfc01787bda8766462fbab
Reviewed-on: https://review.typo3.org/27120
Reviewed-by: Ingo Schmitt
Tested-by: Ingo Schmitt
Reviewed-by: Wouter Wolters
Reviewed-by: Steffen Ritter
Tested-by: Steffen Ritter
History
#1 Updated by Michiel Roos over 1 year ago
Confirmed!
#2 Updated by Ernesto Baschny over 1 year ago
- Target version set to 6.2.0
- Parent task set to #54267
#3 Updated by Gerrit Code Review over 1 year ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120
#4 Updated by Gerrit Code Review over 1 year ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120
#5 Updated by Gerrit Code Review over 1 year ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120
#6 Updated by Gerrit Code Review over 1 year ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120
#7 Updated by Gerrit Code Review over 1 year ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120
#8 Updated by Gerrit Code Review over 1 year ago
Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120
#9 Updated by Gerrit Code Review over 1 year ago
Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27120
#10 Updated by Alexander Stehlik over 1 year ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 2015d65fcca95202766ffc2734235c0b6c8c5cd6.
#11 Updated by Markus Kasten over 1 year ago
Since the patch was committed, non-admin users can't access files in filemounts that are using the folder of a filestorage. Filemounts using a subfolder of a filestorage are accessible for non-admin users.
I have a filemount "fileadmin-all" that is using the fileadmin storage and the root folder "/". When the filemount uses for example "/test/" as the folder, everythings seems to work fine.
When reverting commit 2015d65fcca95202766ffc2734235c0b6c8c5cd6, everything (from my point of view) is working fine again.
Can this behaviour be confirmed? Tested with latest master (179675e1f442cf75babe7a921bc874cc714b0ec6) and beta5.
#12 Updated by Alexander Stehlik over 1 year ago
You're right. The root folder is only accessible in read-only mode when I apply the patch. Really strange.
#13 Updated by Alexander Stehlik over 1 year ago
@Markus: Can you please test and review #55740?
#14 Updated by Markus Kasten over 1 year ago
The patch in #55740 seems to fix the problem for me.