Issue with restricted users, groups and filemounts #40
Assignees
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi there,
I was trying to implement your extension in a customer project with 5 sites in one TYPO3 system.
Each site has its' own admins with own user groups.
I restricted access to the user group of the respective site admin.
Each is user should be able to edit / create new users and edit / create backend groups.
I stumbled over two problems:
The restriction does apply correctly to all users, belonging to the selected backend user group. The problem is that although you can create new backend user groups (if given the permissions) you cannot select them for existing or new users, as they are not selected in the backend user group restriction.
Secondly, all existing file mounts can be selected for backend users and groups. Even though the backend user group restriction should be in effect.
Furthermore when creating a new filemount you cannot select any directory and even worse if you edit an existing filemount, which does not belong to the users' group restriction, you can change the folder to any folder which belongs to the users' group restriction.
So you can change file mounts which you shouldn't even be able to see.
I am not sure if this extension was ever intended for such a use case or if I am just making mistakes here.
So please bear with me. ;)
Kind regards
Sven
The text was updated successfully, but these errors were encountered: