In a project I actually have the follwowing situation. I have a page-type events containing two many-to-many fields, related to assets. Here the editor can select files, that website users can download.
The special thing about this is, that I have two fields, and the one is meant for users with a silver website benefit and the other field for users with gold benefits.
So, depending on the login the website user sees documents depending on his website benefit.
To ensure the privileges I created two folders in the asset manager and set the priviliges (silver and gold benefit).
The permissioning works fine, but the editors have a problem:
When editing and adding assets the assetpicker form control shows the whole bunch of available files. To make it safe for the editors I’d like to restrict the asset-picker to show only information from folders with proper permission. This could be user groups, benefits or similiar.
I think the following enhancement would be helpful:
Currently this is the asset picker control:
<field name="images" control="assetPicker" allowedTypes="image" maxFileSize="0.5" multiple="true" sortable="true" />
It would be cool to add more properties like:
benefitAllow = Show only files in folder with this benefit
benefitDeny = Show only files in folder not having this benefit
userGroupAllow = Show only files in folders with the usergroup the user is logged in
userGroupDeny = Show only files in folders not having usergroup the user is logged in
allowedFolders = Show only files from folders with the following UUIDs (list of folder UUIDs).
This should not only apply to the selection, also to the upload of the file. A file for a silver benefit should only be allowed to upload in folders that contain the silver-benefit.
What do you think about this?