File entity update is allowed only for user who has uploaded the file

Created on 27 May 2024, 7 months ago

Problem/Motivation

FileAccessControlHandler does not check permission in case of update using the standard permissions of "edit any files" and "edit own files". Instead it's hardcoded to check for the user who has uploaded the file.

Steps to reproduce

Proposed resolution

The FileAccessControlHandler should check for file edit permissions in the standard way.

Remaining tasks

1. Create new permissions "edit any files" and "edit own files"
2. Adjust the FileAccessControlHandler to respect the assigned permission.
3. Adjust relevant test cases.

User interface changes

API changes

Data model changes

Release notes snippet

🐛 Bug report
Status

Active

Version

11.0 🔥

Component
File system 

Last updated about 8 hours ago

Created by

🇮🇳India sukr_s

Live updates comments and jobs are added and updated live.
  • Novice

    It would make a good project for someone who is new to the Drupal contribution process. It's preferred over Newbie.

Sign in to follow issues

Merge Requests

Comments & Activities

Production build 0.71.5 2024