Problem with setting Category Upload Rights

[vtpages]

Hello, Jan, hope all is well! And greetings to everyone, from New Jersey in the USA. When I am editing a Category in Phoca Download, in the General Options tab there are three fields: Access Rights, Upload Rights, and Delete Rights. Under Upload Rights (as well as Delete Rights), I put the name of a user who will be administering documents from the front end. They logged in to the front end, chose that Category, and uploaded a new document through the front end. However, an error message appeared at the top of the page, stating that they were not authorized to upload the file. I logged into the backend, removed their username from the Upload Rights field, and instead chose "All Registered Users". They repeated the process, but this time they WERE able to upload the file.

I do NOT want just any registered user to be able to upload documents. Am I using this feature incorrectly? If they were specified in the Upload Rights field, shouldn't they be authorized to upload documents from the front end?

Thanks.

[Jan]

Hi, hmm, when you set your name there, e.g. as super user, are you able to upload?
When you change the Phoca Download - Options - General - Access Level - Registered Users - add the groups of the users there, do you get still the same problem?

Jan

[vtpages]

Jan, access level there was set to "Special" so that only authorized users (in this case, our client, who has a Publisher type of account) could upload files to the site. Are you saying that it should be set there to "Registered" in order for a Publisher class user to be able to upload from the front end? Won't that permit mere Registered users to upload files then?

[vtpages]

Jan, I've experimented with various different settings for the Upload Rights, but the only thing that is working is to set the Upload Rights for each Category (and there are many) to "All Registered Users". As long as there is no front end User Menu item to Phoca Download, is it safe to do it this way for all of the Categories? Or will that permit all Registered Users to upload files?

[Jan]

Hi,
if you set "Registered" to Phoca Download - Options - General - Access Level - Registered Users (GENERAL OPTIONS) and you don't set any value in CATEGORY for:
- upload rights

then user will be not able to upload in this category. Example:

OPTIONS:
Access Level - Registered Users
CATEGORY:
Upload rights - -

-> nobody can access it

OPTIONS:
Access Level - Registered Users
CATEGORY:
Upload rights - Super User

-> only super user can upload.
Jan

[vtpages]

Yes, Jan, I understand that. Options > General > Access Level is set to Registered (previously, it was set to Special, with the same problem). The user in question is a Manager. They are specified in the Category under Upload RIghts. Yet that received that "not authorized" message. They can upload successfully only if the Upload RIghts for the Category is set to "All Registered Users" - that is what the problem is.

[Jan]

Hi, in "upload rights" you can set specific users, so if you set "all registered users", manager can upload. To have option - only specific user - manager - can upload, you need to set directly the specific user for upload rights

Jan

[vtpages]

Yes, that is what I am telling you, Jan: we had it set to only that specific user for Upload Rights. But when they try to upload, they receive the "not authorized" message. It is ONLY when we set the Category Upload Rights to "All Registered Users" that they are unblocked and are able to successfully upload. That is the problem.

So, if the only way for it to work is to set the Upload Rights to "All Registered Users", is that safe to do? There will be no navigation menu for Registered Users to upload....so would that be safe to do?

Ideally, we would be able to set the Upload Rights to JUST that one Manager user; but again, it simply is not working.

Thanks, as always!

[Jan]

Hi, this is not safe, as not registered can upload then. Yes, there will be no direct link, but the form will still be accessible.

No, it is not normal. When you set that some specific user can upload, he should be able to upload. I am testing now and get no problem there. User who does have upload rights, can upload.

So maybe there will be still the problem with access to the upload form and this should be set in Access Level - check if user who is selected for upload rights does belong to user group which is set as registered users in Access level parameter in Options.

Jan

[vtpages]

Jan, this issue was never resolved. And now we are having the exact same problem on another site. The specific user (in the Administrator user group) is authorized to upload to the Category, but yet receives the message: "File not uploaded. You are not authorized to upload file." As far as I can see, we are doing everything correctly. Can you help? Thanks.