Opened 12 years ago
Last modified 12 years ago
#312 new enhancement
FileTreePanel - client-side ACL management for create actions
| Reported by: | adube | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | 1.8.0 |
| Component: | widgets | Version: | |
| Keywords: | Cc: |
Description
When enabling the FileTreePanel upload and/or newDir features, the buttons are added and you can do any create action for all the listed elements. These elements were created using the "read" action and are assigned to a resource.
Issue
The upload and newDir features does "create" actions and currently don't manage ACL rights on the client-side. So, uploading a new file in a directory (linked to a resource) the user only has read access would throw a php error, which wouldn't be smoothly be taken care of on client-side.
Solution
The ACL works, but we need make sure the client-side handles the error better OR avoid them. We could :
- add a "create": true / false element in the json returned on read that would be used to toggle on and off the actions, thus avoiding to use them
- handle the ACL calls in the proxy so that they would return smooth JSON errors if the user doesn't have the rights
Other solutions are welcome.
Note:
See TracTickets
for help on using tickets.
No patch, pushed to 1.4.