Users can see upload destinations they don't have access to and get an inaccurate error when uploading #1651
Labels
Bug: Accepted
Bug has been confirmed, is reproducible, and ready to work on.
I have an upload destination only admins can upload to. When a non-admin uses a field that allows uploads to any destination, they can see the forbidden destination in the dropdown within the dropzone. (The dropdown associated with the "upload new" button correctly hides it.)
When they try to upload a file to the forbidden destination, they get the following message:
Unexpected error. Check your post_max_size setting in your PHP configuration.
The text was updated successfully, but these errors were encountered: