Register   Login
Support  »  Product Forums
     
  Latest Posts  
RE: Subscription setup questions?
by nassoa on 11/21/2008 7:46 PM
RE: Redirecting non-DNN generated urls
by slonecke@dhw.idaho on 11/21/2008 6:49 PM
RE: sub types
by Jessynoo on 11/21/2008 6:45 PM
RE: Subscription setup questions?
by nassoa on 11/21/2008 5:59 PM
Subscription setup questions?
by nassoa on 11/21/2008 5:43 PM
Edit Comments
by swebster on 11/21/2008 5:35 PM
RE: Negative role tokens: ISNOTINROLE, ISAGENTNOTINROLE
by richardcook on 11/21/2008 5:26 PM
Negative role tokens: ISNOTINROLE, ISAGENTNOTINROLE
by richardcook on 11/21/2008 5:12 PM
RE: Sites using Subscription Tools
by nassoa on 11/21/2008 4:10 PM
"Editor's" Review
by swebster on 11/21/2008 3:32 PM
  Forums  
Forums > Modules > File Links
Subject: issue with user rights
Prev Next
You are not authorized to post a reply.

Author Messages
peter schotmanUser is Offline
Gold Membership
Nuke Addict
Nuke Addict
Posts:92
10/02/2008 3:54 AM  

The module does not consider the rights structure specified in the file manager. E.g. ifI have a sub-directory below my root directory I can see, read and write to this directory although - in the filemanager I have disallowed it for the specified role.

Furthermore, if a user is in a role with page edit rights, he can add a new module to the page and access the complete file structure, although there are some subdirectories he should not see.

Peter
Peter Schotman

Cestus Websites: DotNetNuke solutions in the Netherlands
Contact us for all your custom design and skinning.
Scott McCullochUser is Offline
Administrators
Nuke Master
Nuke Master
Posts:12442
10/02/2008 4:34 AM  
Peter,

Do you mean the rights according to the user logged in or the person setting the module? This was a design decision I had to make.
Scott McCulloch
Site Administrator
peter schotmanUser is Offline
Gold Membership
Nuke Addict
Nuke Addict
Posts:92
10/02/2008 4:46 AM  
actually both.

The user setting the module (who has page rights, but is not an admin) should not see the directories he has no rights to see. E.g. in an intranet situation, he should not be able to see the folder of the board of directors.

The user using the module should not see the directories below the root, for which he has no permissions (accoording to the settings entered in the file manager).

Peter
Peter Schotman

Cestus Websites: DotNetNuke solutions in the Netherlands
Contact us for all your custom design and skinning.
Scott McCullochUser is Offline
Administrators
Nuke Master
Nuke Master
Posts:12442
10/02/2008 5:32 AM  
When I was testing, i found that some people had been not using permissions correctly, hence is messed up the module a little.

I would like to make a setting to choose/ignore file security. It would need to be a host level setting though.

Would that work for you?
Scott McCulloch
Site Administrator
peter schotmanUser is Offline
Gold Membership
Nuke Addict
Nuke Addict
Posts:92
10/02/2008 10:33 AM  
Yes that would work for me. Personally, I think the module should by default observe the file security settings. If a host decides to ignore it, he probably has a specific use case to consider.

Peter
Peter Schotman

Cestus Websites: DotNetNuke solutions in the Netherlands
Contact us for all your custom design and skinning.
julie murphyUser is Offline
Registered Users
Nuke Super Newbie
Nuke Super Newbie
Posts:14
10/02/2008 12:54 PM  

Scott-

This is the same issue I referenced in my earlier post requesting a host level setting to follow the file manager rights.  Do you anticipate making changes to the module to accomodate this?

Julie
Scott McCullochUser is Offline
Administrators
Nuke Master
Nuke Master
Posts:12442
10/06/2008 6:52 AM  
Yes, I'll be making this change.
Scott McCulloch
Site Administrator
Dax DavisUser is Offline
Gold Membership
Nuke Master
Nuke Master
Posts:328
10/06/2008 9:34 AM  
Good call.

Dax
You are not authorized to post a reply.
Forums > Modules > File Links > issue with user rights


ActiveForums 3.7
Terms Of Use   Privacy Statement   Copyright 2002-2008 Ventrian   Page generated in 0.59375 seconds