Hello !
I am trying to make sense out of the "upload" functionality of the phoca download plugin which I find great anyway.
I have 1 category. Let's call it CAT1.
I have multiple users: let's take the case of U1.
For the category (CAT1), my parameters are the following :
ACCESS : the group in which U1 belongs (GROUP 1, let's call it)
ACCESS RIGHTS : I don't know what information to provide. I left it blank as I assume I don't need to choose anything as any user from GROUP 1 will be allowed to view this category in order to upload into this category (this is the feature I'm looking for actually)... right ? please, help me understand the difference (between ACCESS and ACCESS RIGHTS) as the description in the documentation is brief and not evocative to a non-developper.
UPLOAD RIGHTS : I selected "all registered users" because I know ACL groups cannot be included in this list (in my wishlist, I would love to be able to select "GROUP 1"), and I also selected "myself" as a possible uploader (as an administrator)
DELETE RIGHTS : here comes the confusing part. I selected nobody because normally, the user who uploads in this category has automatic deletion rights, correct ? And anyway, for this category, many users are going to upload in CAT1, so I don't want to choose one person among 30 who are going to upload in this category.
NOW comes the live testing ...
When U1 uploads a file, then, he is supposed to be able to delete it because he has the rights to. But after uploading the file, the icon "delete" is greyed out, so U1 cannot delete it ... where am I going wrong ?
Moreover, I tried to select "myself" as a possible deleter (when I say "myself", I mean I am a member of the superuser group), but when I login in the frontend, I can neither see the documents published by U1 nor delete them as well ... I am left confused. I know that I can delete - as a superuser - documents in the backend, but what is the point of proposing in the parameters a multiple selection if only the user who uploaded can delete his OWN file ? The multiple selection leads us to think that you can have many people being able to delete the files of one other person ... don't you think ?
Strangely enough, whatever I do (set myself as user in the ACCESS RIGHTS or not), I can still access CAT1 on the frontend ... how come ? normally if I'm not a user allowed in the ACCESS RIGHTS, I should not be able to have access to CAT1 ?? no ?
THANKS A LOT for clarifying all those points as I dearly need this upload function to work.
Fabio
Upload delete & access rights : confusing
- fabio42
- Phoca Enthusiast
- Posts: 81
- Joined: 09 Oct 2018, 16:39
- Jan
- Phoca Hero
- Posts: 48402
- Joined: 10 Nov 2007, 18:23
- Location: Czech Republic
- Contact:
Re: Upload delete & access rights : confusing
Hi, first, in frontend, only users who have rights to do, can manage "their" files (delete, publish). You as administrator can manage such files only in administration.
Difference between Access and Access Rights is, that in Access you can set a group which can access (download) the files but if the group is too general, you can specify it more and select e.g. only one user from this group. So then only one user can download such file. (Access rights extend Access and needs to be set correctly - selected user must be included in selected user group)
Upload and Delete rights are not set automatically. Just imagine that you want, users who upload files, cannot delete these files. If you will suppose, user who uploads the file can automatically delete it, then you will be not able control the delete rights.
So no, when you have upload rights, you don't have automatically delete rights.
See similar post with examples:
viewtopic.php?f=31&t=60991&p=160315#p160315
Jan
Difference between Access and Access Rights is, that in Access you can set a group which can access (download) the files but if the group is too general, you can specify it more and select e.g. only one user from this group. So then only one user can download such file. (Access rights extend Access and needs to be set correctly - selected user must be included in selected user group)
Upload and Delete rights are not set automatically. Just imagine that you want, users who upload files, cannot delete these files. If you will suppose, user who uploads the file can automatically delete it, then you will be not able control the delete rights.
So no, when you have upload rights, you don't have automatically delete rights.
See similar post with examples:
viewtopic.php?f=31&t=60991&p=160315#p160315
Jan
If you find Phoca extensions useful, please support the project
- fabio42
- Phoca Enthusiast
- Posts: 81
- Joined: 09 Oct 2018, 16:39
Re: Upload delete & access rights : confusing
Thanks ! Everything is clear now.
ACCESS is access (right) to download and NOT TO viewing the upload categories in the dropdown menu (of the upload view) !!! I was totally misled because my aim was to ensure that only ACCESS RIGHT users of a special group had ACCESS RIGHTS to one specific upload category.
Top of the top would be :
- the possibility for the administrator to direct the uploaded files to a directory created on the server (for example : /joomla/category1/). This would be so much easier for the administrator to collect all the files uploaded by users in frontend ! (in one bundle, and not by right clicking one by one on each file to get them because this is kind of a hassle when users upload lots of files)
- the possibility to have custom ACL groups included in "delete rights" and "upload rights"
- the option for the administrator to be a deleter on the front end too (an option chosen ... or not)
Keep up this great work ! Your component remains one of the best ones on the market for the moment !
Fabio
ACCESS is access (right) to download and NOT TO viewing the upload categories in the dropdown menu (of the upload view) !!! I was totally misled because my aim was to ensure that only ACCESS RIGHT users of a special group had ACCESS RIGHTS to one specific upload category.
Top of the top would be :
- the possibility for the administrator to direct the uploaded files to a directory created on the server (for example : /joomla/category1/). This would be so much easier for the administrator to collect all the files uploaded by users in frontend ! (in one bundle, and not by right clicking one by one on each file to get them because this is kind of a hassle when users upload lots of files)
- the possibility to have custom ACL groups included in "delete rights" and "upload rights"
- the option for the administrator to be a deleter on the front end too (an option chosen ... or not)
Keep up this great work ! Your component remains one of the best ones on the market for the moment !
Fabio
- Jan
- Phoca Hero
- Posts: 48402
- Joined: 10 Nov 2007, 18:23
- Location: Czech Republic
- Contact:
Re: Upload delete & access rights : confusing
Hi, I have added them to feature request list.
Jan
Jan
If you find Phoca extensions useful, please support the project
-
- Phoca Member
- Posts: 15
- Joined: 28 Mar 2014, 20:00
Re: Upload delete & access rights : confusing
Hi Jan
I concur with the request. As a superuser I would like the option on the frontend to manage any of the uploaded files, not just the files that I have uploaded. I would like to set the permissions for this the same at the other upload/delete permissions.
Thanks.
I concur with the request. As a superuser I would like the option on the frontend to manage any of the uploaded files, not just the files that I have uploaded. I would like to set the permissions for this the same at the other upload/delete permissions.
Thanks.
- Jan
- Phoca Hero
- Posts: 48402
- Joined: 10 Nov 2007, 18:23
- Location: Czech Republic
- Contact:
Re: Upload delete & access rights : confusing
Hi, this is even included in feature request list.
Jan
Jan
If you find Phoca extensions useful, please support the project