Editing template in admin area as well as in storefront (for admins only) could be useful feature for those who have some problems with access to the store by FTP/SSH.
At the same time it can affect store security, because those who have access to smarty templates can get any data from your store, in other words it almost the same as access to the php files.
Some admins can forget to set privileges for the restricted admins. Also it is not obvious for most CS-Cart admins how critical access to templates is.
I asked a number of developers and turned out that none of them use this feature. That is why I decided to create this poll.
For those who is not familiar with features I'm talking about, see this documentation, where "File Editor" is actually "Template Editor".
Admin Privileges Refactoring: Get rid of messy root admin, unrestricted admin and restricted admin user types. Only admin with certain privileges should be available [5.x]
so all you need to do is have by default disabled template editing but not removing it for all..
I bet there are plenty of small shops like myself where access to backend have just few to one persons..
Admin Privileges Refactoring: Get rid of messy root admin, unrestricted admin and restricted admin user types. Only admin with certain privileges should be available [5.x]
so all you need to do is have by default disabled template editing but not removing it for all..
I bet there are plenty of small shops like myself where access to backend have just few to one persons..
From one point of view you are correct.
But from another, many store owners do not understand that email templates editing allows admin to get access to database.
But somehow I feel that in between lines question is to remove yet another feature from the package..
In this case you should ask yourself what exactly modern cart should consists of.
I am sure if you check cs-cart feedback, you would find something like "I was choosing cart among competitors, picked cs-cart because its felt most feature rich", so advice would be do not cut the branch you are sitting on..
I don't use either to edit but from time to time I will use the "On-site template editing" just see what files are being used or to see if my added files are in use.
I don't like that we can no longer edit templates through the design templates in the admin panel. It was a great way to edit my_changes and make changes to other addons. It makes it more difficult to make changes to templates and especially use my_templates addon anymore. We new versions of cs cart now none of your addons show up in the templates tab.