A use case where the files directory can be considered user generated content; the drupal site may want to save configuration options such as avatar_selection into a theme. For this use case it makes sense to have path for where the avatar_selection images are stored as a configurable option. This patch just wraps the "file_create_path" functions with a "variable_get" (avatar_selection_override_path) to see if there is an override directory. This is a rough start that provides a lot of flexibility to site developers specifically. (Ultimately I could see this as also being a "read-only" admin option to specify the path explicitly...).

Please see attached patch.

CommentFileSizeAuthor
#5 avatar_selection-variable_path-905930-5.patch6.93 KBpdrake
avatar_variable_path.patch4.75 KBchristianchristensen
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

stella’s picture

stella CreditAttribution: stella commented
Status: Needs review » Closed (works as designed)

I'm not willing to add this functionality. Modules in drupal should only ever write to the files directory. They should never write to modules, themes or other directories. This is to prevent them from overwriting or deleting drupal or system files.

christianchristensen’s picture

christianchristensen CreditAttribution: christianchristensen commented
Status: Closed (works as designed) » Needs work

One question I have to this is: what if your "avatar selection" images are provided by your theme (in the use case of attempting to separate user generated content from the application content)? In this instance would this patch be acceptable, but where uploading/deletion from the admin UI would be disabled for the override directory (outside of the default/files). My thought would be that you could scan the directory that has been directed to by the variable so that the module could register the images, but there could not be an upload.

Again the motivation for this patch was to keep our site configuration (application layer content) separate from our user generated content on the site. This also affords a way to deploy updates to the images for avatar selection without having to interact with the default/files directory.

lelizondo’s picture

lelizondo CreditAttribution: lelizondo commented

I think this is a good idea, in my case, I'm using this module with a make file and it would be nice to just download some avatars and drop them in sites/all/libraries/avatars or include them with a theme.

stella’s picture

stella CreditAttribution: stella commented
Status: Needs work » Closed (won't fix)

No this is still a bad idea. If it wasn't possible for users to upload to the directory, then fair enough. However, this module allows admin users to upload files to that directory and so allowing it to be outside the files directory is not a possibility.

pdrake’s picture

pdrake CreditAttribution: pdrake commented
Status: Closed (won't fix) » Needs review
FileSize
avatar_selection-variable_path-905930-5.patch6.93 KB

This patch provides the same functionality, but disallows uploading if the path is overridden.