Opened 19 months ago
Closed 17 months ago
#4086 closed Feature Request (fixed)
Add container group ACL to access options for embedded files
| Reported by: | mrclay | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | Elgg 1.8.2 |
| Component: | Embed | Version: | 1.8 |
| Severity: | minor | Keywords: | |
| Cc: | brett@… | Difficulty: |
Description
Embedding an image in a group-contained object's description field results in a file owned by the uploader and contained by the uploader. This is appropriate, however a user may want to make the image only accessible by group members (and in the case of arbitrary group items, this might be a good default).
Currently, the containing group ACL is not available in the access list for the uploaded item; the uploader has to make the image accessible to at least all logged in users to have it visible by group members.
I understand that, typically, user-contained items should not have groups in their access dropdowns (to avoid cause confusion), but I think this is a use case for an exception.
This seems like a messy problem to solve, but I thought I'd document it anyway.
Change History (3)
comment:1 Changed 18 months ago by cash
- Component changed from Core to Embed
- Milestone changed from Needs Review to Elgg 1.8.2
comment:2 Changed 17 months ago by cash
My solution puts the file in the group rather than putting in the user's container. Any arguments against that?
comment:3 Changed 17 months ago by Cash Costello
- Resolution set to fixed
- Status changed from new to closed
Fixes #4086 handling containers for embed uploading
Changeset: 3d8ca76d4b8b9e69a92f5f5b034609b410c9ee8c
Best solution is probably to pass the container guid to the embed plugin so that it properly sets the page owner. Once that is done, it should be easier to set the access list and anything else that may be group specific.
I'm setting this to the 1.8.2 milestone as it would be nice to add this early on with Elgg 1.8