Intelligent Upload (add) button in front end

ColinM · 03.06.2014 00:11:49

Arno
If a user clicks on the Upload button but does not have create permission then the very annoying "Error You do not have permission to create a new download." message appears. It would be better if the code that displayed the upload button checked if user had create permission and only displayed the upload button if create was allowed.
Presently there appears to be code like below that checks if allowed in Config and if not then it replaces placeholder with null - this could be extended to check on access rights for users group.

Code Select


        if ($jlistConfig['frontend.upload.active']) {
            $header = str_replace('{upload_link}', $upload_link, $header);
        } else {
            $header = str_replace('{upload_link}', '', $header);
        }

Colin

elpaisa13 · 13.07.2014 19:39:41

Hi, nice to suggest the same option is elemental to the privacy of the site.

One suggestion I would add the option of "uploads" is a progress bar

I've been waiting for this option in the front end for many versions and is fundamental to know how it's gonna rise somewhat novice users if they see nothing to guide them just cancel the file upload

Arno · 23.07.2014 12:49:23

Hi Colin.

QuoteIt would be better if the code that displayed the upload button checked if user had create permission and only displayed the upload button if create was allowed.

Is done in 3.2.10.

Hi elpaisa13,

QuoteOne suggestion I would add the option of "uploads" is a progress bar

Sorry but it is not easy to find here a good solution which worked in a good coorperation with the main upload form.

carin · 11.08.2014 01:16:43

Quoteonly displayed the upload button if create was allowed

QuoteIs done in 3.2.10.

10/10 !!!

For the upload progress bar: http://www.sitepoint.com/tracking-upload-progress-with-php-and-javascript/
Use this tut in conjuction with bootstrap and you get a killer UI.

Arno · 11.08.2014 13:04:21

QuoteFor the upload progress bar: http://www.sitepoint.com/tracking-upload-progress-with-php-and-javascript/
Use this tut in conjuction with bootstrap and you get a killer UI.

But also this seems not to be perfect. See notes about FastCGI and other problems like Nginx servers. It also won't work in PHP 5.3 or earlier
http://de2.php.net/session.upload_progress

carin · 23.08.2014 00:15:08

The "intelligence" in the upload button does not work for me, the 3.2.11 update still displays the upload button on all the categories as soon as the user has some upload permissions even though not for this category. Am I missing a setting?

cheers

EDIT: I double checked and can confirm the parent categories displays the upload button too.

ColinM · 23.08.2014 21:48:31

Carin
Think this works on View Access level. So if user can see the Category and also has Create permission in the user group with highest ranking then it should allow the button to be seen. I will check with further examples over the weekend.

Colin

carin · 23.08.2014 22:04:01

This is very confusing. Why are Permissions and Access tied together? These are utterly different things - just because a user has create permissions for a one category does not mean he should be able to create in a different category just because he has the Access Level for this other category.

ColinM · 24.08.2014 01:05:31

Carin
This is to do with user groups. When a user belongs to multiple groups there is no way in Joomla of knowing which one is the most significant one. Some core Joomla developments seem to be looking intoo resolving this one to many dilemma.

So jD has user group rankings to determine which set of permissions should apply. One criterion is that the highest ranking group to which the user belongs should have create permission for that category.
It is also sensible that in order to be able to create in a category then that category should be viewable.

It maybe that the code is not yet correct. In fact I have a case where a user is seeing categories that have Registered View Access but the user is not in the Registered group.

All I am trying to clarify is that it does not just depend on the permissions. There must also be view acces.
That having been said then if the user does not have create permission in their highest ranking group for a category then they should not be able to create either downloads or subcategories in that category. A problem does occur if there are several groups with the same non zero ranking. No doubt in time jD will check for that. Also jD is meant to ignore user groups with zero ranking, this might not be perfect yet.

Joomla ACL was designed so that the only required user group was Public and that there was at least one group with all permissions. The user group names like Manager, Registered, Publisher and so on were only kept to simplify migration from J1.5 to what was J1.6

Colin

jDownloads Support Forum

News:

Intelligent Upload (add) button in front end

ColinM

elpaisa13

Arno

carin

Arno

carin

ColinM

carin

ColinM