Login or Register

User unable to delete uploaded files

Page: 1
Homepage » Forum Index » activeCollab 0.7.1 / General discussion » User unable to delete uploaded files

RSS IconRecent posts in this topic

avatar
#1
ianpiper on Jun 15. 2007. 12:24 pm
Hi,

I have come across a problem today and would appreciate some advice. I have a user who belongs to a client and I have given him "All" permissions to a particular project. I thought that having all permissions would mean that he would see the "Delete" link when he looks at a file listing. However he does not, and hence is unable to delete files that he has uploaded.

I have not previously seen this because I use the service as admin and to be honest no-one else has ever wanted to delete a file before!

So, can anyone enlighten me?

Thanks,


Ian.
--
avatar
#2
Ilija Studen on Jun 15. 2007. 1:01 pm
Only administrators can delete files (don't ask me why, from some reason it seamed like a good idea back than :) ).

To change that behavior you'll need to hack ProjectFile class and alter canDelete() function (somewhere around line 488). ProjectFile class is defined in:

/application/models/project_files/ProjectFile.class.php
activeCollab team member
avatar
#3
ianpiper on Jun 15. 2007. 5:40 pm
Thanks, that answers my question. I will take a look at the code and see whether hacking it is something I can cope with :-)


Ian.
--
avatar
#4
ianpiper on Jun 15. 2007. 5:47 pm
I just looked at the code. From the comment above the code it seems to be refering to comments rather than files.

/**
* Check if specific user can delete this comment
*
* @access public
* @param User $user
* @return boolean
*/
function canDelete(User $user) {
if(!$user->isProjectUser($this->getProject())) {
return false;
} // if
if($user->isAdministrator()) {
return true;
} // if
return false;
} // canDelete


Am I looking in the right place?


Ian.
--
avatar
#5
Ilija Studen on Jun 16. 2007. 2:33 am
No, it is related with the file (docblock is not correct, most probably I just copied permissions methods from comment class and altered them without changing documentation messages).
activeCollab team member
avatar
#6
ianpiper on Jun 16. 2007. 4:23 am
Excellent, thanks. If I read this code correctly then any project user (isProjectUser is true) would be able to delete files - does that override any permissions that I explicitly set in the permissions window for a user?

(I am assuming that I need just to change the final "return false" in the function to "return true")


Ian.
--
avatar
#7
Ilija Studen on Jun 16. 2007. 4:33 am
No. It means that if user is NOT project user he will not have delete permissions.

If you change final return false; to return true; any user that is member of that project will be able to delete files. That is too lax IMO. Change the function to something like this:

/**
* Check if specific user can delete this comment
*
* @access public
* @param User $user
* @return boolean
*/
function canDelete(User $user) {
  if(!$user->isProjectUser($this->getProject())) {
    return false;
  } // if
  if($user->isAdministrator()) {
    return true;
  } // if
  if($this->getCreatedById() == $user->getId()) {
    return true;
  }
  return false;
} // canDelete


This way person who uploaded the file will be able to delete is as well.
activeCollab team member
avatar
#8
ianpiper on Jun 19. 2007. 8:15 am
That makes good sense. I will update the class file.

Thanks,


Ian.
--
Topic is locked. If you have something important to say about issues discussed on this page please write at hi@a51dev.com.

RSS IconRecent posts in this topic

Homepage » Forum Index » activeCollab 0.7.1 / General discussion » User unable to delete uploaded files