You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Editing files now requires the FILE_EDIT_ALL permission, unless other permissions are set (e.g. giving access to certain groups). I consider this a regression from 3.x, and a default that doesn't make any sense. It leads to further confusions like @kinglozzer looking at the ownership of a file for permission control (comment).
We should mention this in the 4.0 and 4.5 upgrading guide, and change the default Group->requireDefaultRecords() to add this permission for new installs.
In 3.x, access to the assets section (
CMS_Access_AssetAdmin
) or the CMS (CMS_Access_LeftAndMain
) was enough to edit files. Which meant the default "Content Author" group could edit all files, which makes sense. See https://github.com/silverstripe/silverstripe-framework/blob/3/filesystem/File.php#L338In 4.x, we've significantly increased the complexity of the file permission model (see file security makes no sense and docs update.
Editing files now requires the
FILE_EDIT_ALL
permission, unless other permissions are set (e.g. giving access to certain groups). I consider this a regression from 3.x, and a default that doesn't make any sense. It leads to further confusions like @kinglozzer looking at the ownership of a file for permission control (comment).We should mention this in the 4.0 and 4.5 upgrading guide, and change the default
Group->requireDefaultRecords()
to add this permission for new installs./cc @tractorcow @sminnee @dnsl48
The text was updated successfully, but these errors were encountered: