We already use Umbraco CMS and I'm looking at Forms as a replacement for our current forms system.
I've found a couple of things which I think are limitations of the product, but I'd like to check I'm not missing something before putting anything on the issue tracker.
File uploads
If I use the file upload field type, the file gets uploaded into /media/forms. That's a publicly-accessible URL, so the only protection for what might be very sensitive data is that the URL is hard to guess - not good enough. Workarounds to save it somewhere more secure might be to use a separate instance of Umbraco that secures /media, or reroute any uploads starting /media/forms somewhere else in an IFileSystem.
Accessing the data
If I want the owner of a form to log in to Umbraco and view the data coming in, I can limit their access to just that form, which is good. However it appears I have to grant them "Manage forms" access, which gives them the ability to change or delete the form - not good. We would definitely want form design to be a separate role from data processing. The workaround would have to be to design a secure API that gets the form data and presents it elsewhere outside of Umbraco.
Protecting uploads and form editing