Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-21888

eZOE: Upload location should not include unavailable nodes

    Details

    • Type: Improvement Improvement
    • Status: Confirmed
    • Priority: Medium Medium
    • Resolution: Unresolved
    • Affects Version/s: 4.7.0
    • Fix Version/s: Customer request
    • Component/s: None
    • Labels:
      None

      Description

      Location selector for uploaded images, embed into a XML Block field, doesn't fully reflect restriction policies that have been defined for the current user.

      If, for instance, a user is only allowed to publish images in a subfolder of media/images/ , the Location select box will still include automatic and <node-name> (this) (when the node is being edited.

      Ideally, both locations should be filtered out, if the user doesn't have permissions to create content there.

      Steps to reproduce:
      • edit default policies in order to remove content create image
      • create a folder under media/images
      • specify a new policy with content create image to media/images/<new folder>
      • log in with the user affected by the above role
      • create an object, in content structure, insert an image in a XML Field, verify the list of locations available
        => it includes automatic, which will result in a Forbidden error being returned
      • select a valid location and publish the object
      • edit the object, insert an image in the XML Field, verify the list of locations available
        => besides the referred automatic, the list now includes a <object-name> (this) option, which should also not be available, since the user cannot create the image there

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            Unassigned
            Reporter:
            Joaquim Cavalleri (Inactive)
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated: