Editing problems with user in back end in RC3

[bd8k]

Hello

We manage a Phoca Download 2.0 RC3 installation with a lot of categories documments and users

I have no problems giving Upload Right to the categories, the user form backend can acces and create new documents, but when a user from the back end wants to edit a document got a "Save not permitted", due to the fack that the field owner is empty in the database I tried to fill it, with the user id, beacause it has edit own permision, but recive the same error, I really don't know how to fix this I have to change anything in the edit .tpl of the component so It check the ownership? or to assign permission by file?

thanks for the help

[Jan]

Hi, check if the user in administration has rights to save items.

Jan

[bd8k]

Hi i don't find the save item option , the permisions in phoca download for the user are

• Configure Not Allowed
  Access Component Allowed
  Create Allowed
  Delete Not Allowed
  Edit Allowed
  Edit State Not Allowed

The global permissions for the user are

• Site Login Allowed
  Admin Login Allowed
  Super Admin Not Allowed
  Access Component Not Allowed
  Create Not Allowed
  Delete Not Allowed
  Edit Not Allowed
  Edit State Not Allowed
  Edit Own Allowed

With this configuration a backend user that can access the component and create files can't edit it even if he create the item maybe because the owner filed in the table jos_phocadownload and don't exist in the jos_phocadownload table.
What are the changes to the .php files that I may do to make the File and Category form check that the user is the owner so he can edit it and save the ownership of the categories and files?

[Jan]

Hi, there are two types of rights - backend - you can edit files and cateogries if you have "edit" rights (then you can save). These are Joomla! related rights.

Phoca Download rights are set for frontend uploading - you can set it in edit of category.

In administration, there is no check if the user is owner of the files. In Joomla! you have some specific rights, e.g. to manage files, if you have such right, you can manage all files.

Jan

[einfallsreichtum]

Hi,

I'm facing the same problem as bd8k.
My User has all possible rights within the phoca Dowload Component AND Edit-rights in the global joomla config.
Still the user can't save any Categories or files. He can open those, but when trying to save there's always the error: "Save not permitted"...
Any ideas why this keeps happening?
Thanks
Dan

EDIT: By giving the User "Edit-rights" in the global joomla config, the user can edit ANY content, from any joomla category or component. That seems to be inconvenient. Isn't there a possibility to give editing-rights just for the phoca download component?

[SonRiab]

Open the options in the control panel of PD and there you can edit the permissions for the component.
For example it is possible to create a group (users->groups->new) which can only access the PD component.
Please check the related group permissions in the options dialog of the PD component too. =)

[einfallsreichtum]

Hi SonRiab,

in fact I already did all the steps you mentioned above. I'm running my site with several different usergroups with various access right for the different components. All of those components seem to work, just PD is out of the usual.
The User has all right I'm able to give in the PD control panel, as I mentioned above.
Still it's not working. Thanks for your help.

[SonRiab]

Strange!
This error indicates that the user has no permission to edit an item.
This error can occur when an user want to edit an item which a super user has created or if the user has no rights to edit at all (as far as I can say it by looking up and understanding the code! ).
This check is done by Joomla itself!

[bd8k]

Hello

I think we Isolate the problem, We check database and the forms that save the Categories and the files in back end, the forms doesn't check the ownership of the files or the permission of the categories in back end.

I'm not an expert in php so I really don't know how to incorporate the joomla ACL in the component, but I think we can use the fields of owner in the phocadownload table, and the uploadright field in the category table so the forms can check if the user can edit create or delete files in backend wihout using the ACL by itself.

Any one can tell me which php files I must change to solve this, so I can use that fields that exist to control the uploading in front end to control in back end?

[SonRiab]

The permission check is done by the Joomla core automatically!
The PD forms are child-classes of a parent Joomla-core class and this parent class is doing the check.