I have a site where every user gets their own context. I am experiencing issues with them uploading files. They should only be allowed to upload to their own context/media source, but currently they can upload anywhere.
The users can see only their own context and resources, so thats great. They can upload files successfully, so thats great. On their page they can use a template variable to upload a profile photo. The problem begins with the media browser because they are allowed to view and upload all the other hidden contexts.
I’ve been playing with the ACL (access control list) and media sources but I’m hitting a brick wall here.
Any suggestions, things to look into would be great. Thank you in advance