Draft: Resolve "Check authorization for media downloads"
Implement download auth check for files (grouprise.features.files
) and images (grouprise.features.files
). See the packages' {urls,views}.py
. File access is restricted based on the usage of the file. Image access cannot be restricted usefully, as images might be used anywhere in texts (and we cannot find out with reasonable effort). Nevertheless we have control over image access now and might want to utilize it in the future.
@lars, do you want to resolve the following issues now?
-
Configure nginx reverse proxy optimizations upon deployment -
Leave old files accessible under current URL, hide new files
Closes #740 (closed)
Edited by Robert