Forum
Assets, buckets and user roles
I've just upgraded a site (locally in case of potential issues) from version 2.3.2 to 2.6. The introduction of assets has thrown up such an issue. The site includes gallery pages (using a jQuery plugin) for several artists. I have Users and Roles set up so that individual artists can only upload to their own gallery page. I've created individual templates so that each users images are uploaded to their own bucket.
The upload process works. The problem is that all images in all buckets can now be accessed by anyone via the filter options. Although I have no worries about the integrity of the users, and the process is usable, there is now the possibility of one user accidentally deleting or interfering with another's work.
Is there a way to limit a user's access to images in their own bucket? Maybe by disabling or removing the filter options?
I'm happy to copy and paste or comment out php, but not up to writing my own.
There's not currently a way to limit a user to a bucket.
Ok. How about hiding the assets filter options, perhaps using display:none in the css for the manage content page?
By default only the users bucket images display, so removing/hiding the choices would solve the problem albeit in an inelegant way.
Or would that cause problems elsewhere?
There's no option for that either. Perch doesn't have what you're looking for.
Ok, Thanks Drew. Are there any potential problems you're aware of in continuing to run the 2.3.2 version ( which does the job perfectly) for this site, assuming I don't need to add new Perch features.
I'm using it for image uploads some text editing and nothing else.
This is never a feature that Perch offered.
What I was trying to ask (obviously not too clearly), was if continuing to run an old version is safe.
Hi Alan, if 2.3.2 works for what you're wanting to do I would stick with that.
There's not normally a "need" to update Perch unless something you are using it for has a problem that has since been updated or you think that features from a newer version would be useful for the site.
If there was an update which fixed a security issue I'm sure Drew and Rachel would be very vocal about people needing to upgrade.
Thanks Tom. I shall stick with 2.3.2.