The Toolkit for Online Communities
18821 Community Members, 1 member online, 2017 visitors today
Log In Register
OpenACS Home : Forums : .LRN Q&A : Root folder permissions

Forum .LRN Q&A: Root folder permissions

Icon of envelope Request notifications

Posted by Andrew Grumet on
We've discovered a glitch in root level folder permissions: they can be deleted.  This means a user can delete their My Files folder and a class/community/subgroup admin can delete the root for a class/community/subgroup.  This breaks the various fs-portlets and probably shouldn't be allowed at all.

I've tracked this down to a couple of permission grants in dotlrn-fs-procs.tcl, and on our dev server have removed grants of "admin" privilege, granting "write" instead.

We're testing this now and will report back.

If you have any reason to think that users/admins *should* be able to delete root level folders, can you please post here?