Hello - I'm trying to hide the Files and Images tab from our users because I can't allow them to delete other user's files or replace them (we can put group sharing and mapped drives behind the scenes for a work-around).
I can't use Hamish's Secure Files because we are running on IIS7 (the job states that I do). When I create a ROLE (or even if I don't use Role), I give them "Pages" access but do NOT check the FIles and Images. It doesn't matter.... when that user logs in, they see it - and have full control. I did upgrade from 2.3 - could this be the problem?
How does everyone else in a CMS enviornment control the Assets folder - this seems like a pretty big deal for me and it shouldn't be up to Hamish and his team to come up with a solution. This should be at the base level of any CMS (... or am I crazy?)
Help - we go live month - and I'm getting a little nervous with the boss(es) asking me about Security related issues....
Ugh...