Thread

Hello gang,

After upgrading sites to 2.2.1, I noticed that member groups allow to publish need to be granted access to the file manager in order to be able to post files.

If that permission is not granted, they get a weird unauthorized access message in the upload modal (see screenshot).

This behavior is not coherent with what existed in 2.1.3 and I was wondering if this is something you wanted to enforce as a feature or if that is a small bug. Call me paranoid, but I would prefer to be able to grant user the right to upload files through the publish / edit screen and modals _without_ granting them access to the file manager ;o)

Cheers,

Jérôme

Hi, Jérôme.

That is a bug, I’ll be logging it in a few minutes. Thanks for reporting this.

Edited to add:
To fix this problem, do the following:

Make a backup copy of system/expressionengine/controllers/cp/content_files_modal.php

Edit /system/expressionengine/controllers/cp/content_files_modal.php
look at line 36
Change it from

if ( ! $this->cp->allowed_group('can_access_content', 'can_access_files'))

to

if ( ! $this->cp->allowed_group('can_access_content'))

Just a quick caveat: EE will still respect upload directory restrictions. If you don’t have access, EE won’t show it.

Does that help?

Bug report filed.

Hey Sue,

Thanks for the bug fix posting and the quick fix.

I think I’ll wait for the next release on this one rather than hacking core files. Have very good/capable users for most sites and I can trust them with having access to the file manager for the time being. I gave them a quick training to avoid important issues + paranoid backup plan in place ;o)

Glad to know you guys are on it and that it will be ok for the next release.

Hi, Jérôme.

Sounds good to me. I’m assuming the initial posting is yours as well. If anything else comes up, please do let us know in a new thread..