User is not permitted to perform this action

Question

User is not permitted to perform this action

Closed this issue 3 years ago · 5 comments

We're trying to create a way to just obfuscate the links but receiving this error when accessed without login. Did a little digging and found out that guest (non-logged in) users has no viewVolume permission. Have already tried requireLogin but its not working. How can we resolve it?

Answer 1 · 2019-08-28T17:13:58.000Z

I'm getting the same issue here. Would love a resolution...

Answer 2 · 2019-08-28T17:42:07.000Z

Got to work by forking the repo and removing this line from src/controllers/LinkController.php.

$this->_requirePermissionByAsset('viewVolume', $asset);

Obviously this allows downloads without authentication which is perfect for our case: obfuscating download links.

Answer 3 · 2021-04-07T23:02:24.000Z

@intoeetive Will you consider making this line conditional on wheather the user is logged in or not? Sometimes all we want is to hide the location of the file and prevent hotlinking.

Answer 4 · 2021-07-08T09:19:50.000Z

@intoeetive ran into the same issue. You have a paid plugin, can we expect a bit more support? Or is this plugin not maintained anymore?

Answer 5 · 2021-07-09T14:05:37.000Z

I am sorry for making everyone wait for so long.

The update has been released with a fix - now asset permissions are only checked if membership is required in any form.