I am configuring my permission in my CMS so that certain groups can only edit certain areas of the site. It's going pretty well, but I am hitting one snag. I can restirct the users to only have the Site Content and Files & Images tab, and also to only be able to work in the designated areas. The problem is this, the user(group) is not able to use the image side-panel in the CMS to upload images. Additionally when I created a page type simillar to the StaffList page type in the tutorials the end user is not able to use the "images" tab to upload or change the associated photo. The only way I have been able to give the user these rights is to give them full admin rights, which blows away the rest of my permissions...

Any thoughts!?!?!?!?

HAHA!

I was able to fix it... I used the article at the following link http://open.silverstripe.com/ticket/2769

Basically I had to go to

sapphire/core/model/image.php and make the change below... I don't know why this is set automatiacally... it should be!!!

-----------------------------

The iframe action in the Image_Uploader Controller (File: Image.php) checks the Permission for "ADMIN", which is way too restrictive. A user that has Access to the CMS Main and/or Asset Admin should be able to upload Images via iframe.

If this isn't fixed, Image Upload fields aren't functional for all users that don't have full Admin rights.

Change Line 436 from:

if(!Permission::check('ADMIN')) Security::permissionFailure($this);

to:

if(!Permission::check('CMS_ACCESS_AssetAdmin')) Security::permissionFailure($this);
or similar...

Known bug. In /sapphire/core/model/Image.php, do a search for "function iframe" and change the first line to this:

if(!Permission::check('CMS_ACCESS_LeftAndMain')) Security::permissionFailure($this);