unauthorized message on all protected links

[Melisssa]

Hey,

I updated to the latest version and now all the protected links show an "unauthorized" message that says "you are not allowed to access this file".

It was working perfectly before the upgrade.

Thanks

[intoeetive]

@Melisssa what is the template code you're using?

[Melisssa]

{{ craft.protectedLinks.link({assetId: files.id, inline: true, members: [1,2,10]}) }}

[intoeetive]

@Melisssa I'm unable to replicate this.

Can you confirm you are logged in and your ID is one of the listed (1, 2, 10)?

[Melisssa]

I was logging in as 10.

I noticed if I log in as 1 or 2 (admin group), the links do work. I added another user (237) which is in the editor group and that also works.

10 is not in any group - they do not have access to the CP. 10 does not work.

This user logs in only on the front-end and accesses a member area that has these links. This was all working before upgrading.

[intoeetive]

I tested again with the member that is not in any group, however did not get any error (I had to make sure the individual member has "View volume" permission for assets folder though)

If you turn the dev mode on, what is the exact line / piece of code that throws an error?

[samuelbirch]

I'm getting the same error.

It appears that the checkPermission is using the volumeId when it should be using the volume->uid. (thats if you are using the project-config i guess?)

if (!Craft::$app->getUser()->checkPermission($permissionName . ':' . $asset->volume->uid)) {

[intoeetive]

@samuelbirch what Craft version are you running?

[samuelbirch]

3.7.13

[samuelbirch]

i see you've already fix it in 0.0.4. - I'm on 0.0.2 and quickly checked the change log. - Saw there was no updates so assumed i was on the latest. - didn't check the tags. - doh!
:)