| Summary | can only upload file to non-empty directory if you have delete permissions |
| Queue | Gollem |
| Queue Version | 1.0.3 |
| Type | Bug |
| State | Resolved |
| Priority | 2. Medium |
| Owners | chuck (at) horde (dot) org |
| Requester | cam.proctor (at) its (dot) state (dot) ms (dot) us |
| Created | 05/10/2007 (6638 days ago) |
| Due | |
| Updated | 06/16/2008 (6235 days ago) |
| Assigned | 07/10/2007 (6577 days ago) |
| Resolved | 07/18/2007 (6569 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
stable in Gentoo. Anyway, clicking the 'permissions' button in Gollem
with the FTP backend totally disables all other users' access to the
filesystem. There is no warning and no way to back out the change.
You have to edit the database and remove the three new table entries
for permissions. There should be a warning screen before execution at
the least and a way to actually delete the tables from inside horde.
Assigned to Chuck Hagenbuch
Taken from
Taken from Michael Slusarz
State ⇒ Resolved
typo that disabled editing if a permissions check for deletion failed:
http://lists.horde.org/archives/cvs/Week-of-Mon-20070716/069418.html
Btw, should users be able to cut items (as opposed to copy) if they
can't delete them?
Assigned to
anything about the permissions code anyway, I may not be the best
person to have this ticket in the first place).
$backends['file'] = array(
'name' => 'BS-ATT Files',
'driver' => 'file',
'preferred' => '',
'hordeauth' => true,
'params' => array(
// The base location under which the user home directories live.
'vfsroot' => '/opt/hordefs/BS-ATT',
// The default permissions to set for newly created folders and files.
// 'permissions' => $conf['umask']
),
'loginparams' => array(),
'root' => '/',
// 'home' => Auth::getAuth(),
// 'createhome' => false,
// 'filter' => '^regex$',
// 'quota' => false,
'clipboard' => true,
'attributes' => array('type', 'name', 'download', 'modified',
'size', 'permission', 'owner', 'group')
);
Sorry it took so long to respond, I never saw the previous message
until the status changed.
gollem-h3-1.0.3 (no option for it in the dropdown for ticket creation)
using a user who has Show, Read, and Edit permissions:
If i create a directory and then upload a single file, I can no
longer see the file upload object once the page is refreshed, in that
directory. Same applies to directories with files that already exist.
Version ⇒ 1.0.3
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ can only upload file to non-empty directory if you have delete permissions
Queue ⇒ Gollem
State ⇒ Unconfirmed
gollem-h3-1.0.3 (no option for it in the dropdown for ticket creation)
using a user who has Show, Read, and Edit permissions:
If i create a directory and then upload a single file, I can no longer
see the file upload object once the page is refreshed, in that
directory. Same applies to directories with files that already exist.
If i give the user delete permissions, he/she can then see the file
upload object in any directory.
I have a requirement to allow people to upload anywhere they have
access to but never delete old files (versions). Basically once they
post it they have to upload another as opposed to delete and upload in
it's place. so they can' t lie about it later by changing the data. :)
Did I miss something in the config? Or is this actually a bug. It
looked like the upload object was based on edit permissions and not
delete from what I scanned through in the code.