22 Oct
2005
22 Oct
'05
3:59 p.m.
I think the 'upload files' permission is redundant with the settings for which content types have attachments enabled and permissions for who can create those content types.
Not always. As an example, one of my sites is a conference site, where users can submit abstracts of presentations and posters. Every logged in user can create an abstract, but they can't upload attachments. However, when a member of the scientific committee, who reviews the abstracts, rejects an abstract, he can upload pdf's of related articles to illustrate his suggested changes to the abstract. When the author has rewritten his abstract, only members of the committee are allowed to delete the pdf's prior to approving the abstract.