Forum OpenACS Q&A: new-file-storage FS_FILES versus FS_VERSIONS

There is something irregular with the permissions at new-file-storage.

1.) It starts with new-file-storage.sql:
insert into general_permission_types (
) values (
file-storage.sql has FS_VERSIONS to insert into general_permission_types...

2.) When you do a "grep FS_FILES *" on /file-storage you get zero results. Sure they are all FS_VERSIONS

But on /new-file-storage you get results with FS_VERSIONS and FS_FILES on a grep.

Should you change all the FS_FILES into FS_VERSIONS or vice versa?

I haven't really bothered with general-permissions yet, but this looks weird...

Posted by Ben Adida on
No, this is meant to be this way. Permissions scoped to
versions makes no sense. Permissions scoped to files makes
sense. That's why the change was made.
Posted by David Kuczek on
In order to get the correct result you have to make a little change in search.tcl then:

LINE 80: and    user_has_row_permission_p ($user_id, 'read', v.version_id, 'FS_VERSIONS') = 't'

has to be changed into

and    user_has_row_permission_p ($user_id, 'read', f.file_id, 'FS_FILES') = 't'

I will commit that to SDM...

I don't agree with ben that scoping permissions to versions makes no sense. Here is the classic scenario: I collaborate on a document with someone, and we store versions in the file-storage system. Our draft versions contain inline comments that include things that we would just as soon keep private. Once we have a final draft, we give it world readable permissions, and can sleep knowing that our draft comments won't get shared with the world.

that being said, it does at complexity and opportunity for screwing up.


Posted by Ben Adida on
Carl, that is a fair point. The problem is that the file-storage
system is so far from usable that the activity you're talking about
seems significantly less likely than the idea of just sharing files
with a certain number of people. The interface isn't even set up to
hide versions you can't read (why would you need to see the
existence of old versions that you can't access?).

Anyhow, this is a rather moot point. File-storage was rather bad.
New-file-storage is a tad better. Unless someone is really
motivated to work on this 3.x version, I think we should focus on
making the 4.x version significantly better, starting with a better
idea of what this module is supposed to do.