Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2009-05-14 12:06:43

wet
Developer Emeritus
From: Schoerfling, Austria
Registered: 2005-06-06
Posts: 3,330
Website Mastodon

Finer grained permissions for images, files, and links?

Change set 3176 introduced a capability to discern objects owned by the current user from the rest.

Therefore we’d be able to enforce finer-grained permissions for operations on files, images and links per privilege level along the lines of what is currently driving the article workflow (“freelancers” may create, but not publish; “publisher” is omnipotent, etc.).

Q: To what extent are finer-grained permissions for images, files, and links needed/useful in real life? Discuss!

Offline

#2 2009-05-14 12:20:28

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,090
Website GitHub Mastodon Twitter

Re: Finer grained permissions for images, files, and links?

wet wrote:

Q: To what extent are finer-grained permissions for images, files, and links needed/useful in real life? Discuss!

This would be great!!! Especially for multi-author sites or those which use mem’s self register plugins. A scenario would be to trust a writer, give them enough permissions, something go wrong in any way and you wake up the next day with (choose one)

  • No images in your db
  • All your images replaced
  • Your layout images deleted/replaced – this is for the designers out there:)

I think that this feature wil be most welcomed and it will enhance txp’s security as well as its use as a multi-author platform.


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#3 2009-05-14 12:44:57

net-carver
Archived Plugin Author
Registered: 2006-03-08
Posts: 1,648

Re: Finer grained permissions for images, files, and links?

Wet

Off-topic: Wow! … the 4.09 feature set looks awesome.

On-topic: Although your OP mentions the admin interface, I think this is a useful feature for sites offering a client-area on the public interface. Here, per-client content (either uploaded by, or produced for, each client) must remain accessible to that client alone. This will be a real win for Txp based small business sites IMO, especially with regard to file downloads. There should be no more need to play games with categories to enforce this kind of content protection.


Steve

Offline

#4 2009-05-14 13:27:46

renobird
Member
From: Gainesville, Florida
Registered: 2005-03-02
Posts: 786
Website

Re: Finer grained permissions for images, files, and links?

Wet,

Nicely done.

:)


Tom

Offline

#5 2009-05-14 13:28:14

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 4,726
Website

Re: Finer grained permissions for images, files, and links?

Robert, that’s excellent news and would correct the ability to delete or replace other people’s images :-) This would make it possible to have multi-user setups where many authors have their own admin area but contribute to a common site.

I think your suggestion to offer the same level of privs as there are for articles would be a good idea, e.g. image/file/link.list, .delete and .edit, and list.own, delete.own and edit.own (don’t know if .published applies here).

It would also obviate another hack of mine (as the other privs didn’t exist at all I simply restricted one user level to viewing only their own images so the situation of editing or deleting never presented itself).

@net-carver: Off-topic: nice to see you here, Steve.


TXP Builders – finely-crafted code, design and txp

Offline

#6 2009-05-20 10:55:43

wet
Developer Emeritus
From: Schoerfling, Austria
Registered: 2005-06-06
Posts: 3,330
Website Mastodon

Re: Finer grained permissions for images, files, and links?

Feature has landed, and a few new privileges were scattered among the various roles:

  • ‘file.edit’
  • ‘file.edit.own’
  • ‘file.delete’
  • ‘file.delete.own’
  • ‘file.publish’
  • ‘image.edit’
  • ‘image.edit.own’
  • ‘image.delete’
  • ‘image.delete.own’
  • ‘link.edit’
  • ‘link.edit.own’
  • ‘link.delete’
  • ‘link.delete.own’

Please report if this breaks any multi-authored sites’ workflow.

Offline

#7 2009-05-20 11:20:55

FireFusion
Member
Registered: 2005-05-10
Posts: 698

Re: Finer grained permissions for images, files, and links?

What would also be good is to display the author field in the files, links and images tab. Then also be able to call images, files, links by author from the txp tag.

Offline

#8 2009-05-20 11:22:53

wet
Developer Emeritus
From: Schoerfling, Austria
Registered: 2005-06-06
Posts: 3,330
Website Mastodon

Re: Finer grained permissions for images, files, and links?

FireFusion wrote:

What would also be good is to display the author field in the files, links and images tab.

These are displayed when there’s more than one author.

Offline

#9 2009-05-20 11:24:26

joebaich
Member
From: DC Metro Area and elsewhere
Registered: 2006-09-24
Posts: 507
Website

Re: Finer grained permissions for images, files, and links?

Joined this thread a little late but it’s really good news. Thank you Robert. I spent more than an hour last night when I should have been asleep fiddling with the bot_privs plug-in, logging in and out in each role trying to fine tune what the handful of contributors to an Institute’s site can and can’t do. I went off to bed lamenting the inability to protect images and files from the well meaning and enthusiastic excesses of some of them. Reading this thread this morning has changed all that.

Not the same thing, I know, but it would be good to be able to hide individual extension tabs selectively or even the extension tab itself with all of its subordinates. In an ideal world, that would include plug-in tabs that appear elsewhere in the interface, like ign_password_protect’s Manage Users tab under Admin.

Offline

#10 2009-05-20 11:27:46

wet
Developer Emeritus
From: Schoerfling, Austria
Registered: 2005-06-06
Posts: 3,330
Website Mastodon

Re: Finer grained permissions for images, files, and links?

joebaich wrote:

logging in and out in each role trying to fine tune what the handful of contributors to an Institute’s site can and can’t do.

I feel your pain ;-) Two distinct browsers help a lot, as I noticed while I was building this feature…

Offline

#11 2009-05-20 12:04:13

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 4,726
Website

Re: Finer grained permissions for images, files, and links?

I’d been watching the svn but not tried it out yet. Just wanted to say thank you!

(Seeing as you are on such a roll at the moment – truly great I must say – may I ever so gently point you to another thread)


TXP Builders – finely-crafted code, design and txp

Offline

Board footer

Powered by FluxBB