I’ve created a user group which I set to “read only” regarding a specific collection. A user belonging to this group should only view the list of assets. However if he selects one of them, even if he’s restricted from editing, he’s allowed to take actions like “Send via email” or “Upload to FTP Server”. Long story short, he has access to the file. (a)
In addition, If he selects to put an asset to his basket and open it through the bottom tab, he automatically gets full access on it even on the system. Take a look at the following screenshot. He can edit its metadata or even delete it! (b)
So, I don’t think this is normal behavior…
We need to restrict a user from accessing the files (or edit them) before he make an order, which we need to approve first, before hes gonna be able to download anything. Can we achieve this using Razuna v1.7?
Thanks for your time.