ENH Check canViewFile permissions before automatically grant access #517

sabina-talipova
Contributor

Description

Add a condition to check if the user has access to view the file, and only then give him session grant access to the file.

Parent Issue

Member

@emteknetnz left a comment

There are some broken unit tests in CI; however, they relate to this #518 (comment)

Did you identify any content editing experiences that are likely to break because of this change?

src/File.php Outdated
Comment on lines 896 to 898
if ($this->File->canViewFile()) {
$grant = true;
}
Member

Suggested change
if ($this->File->canViewFile()) {
$grant = true;
}
if (!$grant && $this->canView()) {
$grant = true;
}
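
Review bot: in the replacement condition `if (!$grant && $this->canView())`, the `!$grant` guard means `canView()` is only consulted when `$grant` is false, so this block can only switch a grant on; a `$grant` that is already true on entry is never checked against the viewer's permission. If the intent in the title is to check permission before granting, cover the already-true case as well, or add a comment stating that a `$grant` of true at this point is trusted.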

Member

Is there any reason why we'd use $this->File->canViewFile() over regular $this->canView()?

We should also perform a !$grant check first to prevent unnecessary logic.

Contributor Author

DONE

src/File.php Outdated
Comment on lines 914 to 916
if ($this->File->canViewFile()) {
$grant = true;
}
Member

Suggested change
if ($this->File->canViewFile()) {
$grant = true;
}
if (!$grant && $this->canView()) {
$grant = true;
}
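
Review bot: the same three-line permission check is now suggested at two places in src/File.php (lines 896 to 898 and lines 914 to 916), and duplicated access checks tend to drift apart when one copy is later changed. Consider moving the check into a single private helper that both places call, and add a unit test for a user without view permission that exercises each call site.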

Contributor Author

DONE

@sabina-talipova force-pushed the pulls/2/session-grant-file-access branch from cd8ff01 to 31902b2 on September 29, 2022 22:04
@sabina-talipova force-pushed the pulls/2/session-grant-file-access branch from 31902b2 to 79c394a on September 29, 2022 22:11
@emteknetnz
Member

@sabina-talipova Did you identify any content editing experiences that are likely to break because of this change?

@sabina-talipova
Contributor Author

@emteknetnz, I did a few tests in the Page section, the Submission section on UserFormPage, and the Files section. I also tested DRAFT content on Published and Unpublished pages. I haven't found any problems with Content or UI.
If a user has "Access to Page section", he will have access to the File.

@emteknetnz merged commit a730c06 into silverstripe:2 on Oct 3, 2022
@emteknetnz deleted the pulls/2/session-grant-file-access branch on October 3, 2022 21:49