Ticket #312 (new enhancement)
FileTreePanel - client-side ACL management for create actions
|Reported by:||adube||Owned by:|
When enabling the FileTreePanel upload and/or newDir features, the buttons are added and you can do any create action for all the listed elements. These elements were created using the "read" action and are assigned to a resource.
The upload and newDir features does "create" actions and currently don't manage ACL rights on the client-side. So, uploading a new file in a directory (linked to a resource) the user only has read access would throw a php error, which wouldn't be smoothly be taken care of on client-side.
The ACL works, but we need make sure the client-side handles the error better OR avoid them. We could :
- add a "create": true / false element in the json returned on read that would be used to toggle on and off the actions, thus avoiding to use them
- handle the ACL calls in the proxy so that they would return smooth JSON errors if the user doesn't have the rights
Other solutions are welcome.