Resolve "Check authorization for media downloads"
Implement download auth check for files (grouprise.features.files
) and images (grouprise.features.files
). See the packages' {urls,views}.py
. File access is restricted based on the usage of the file. Image access cannot be restricted usefully, as images might be used anywhere in texts (and we cannot find out with reasonable effort). Nevertheless we have control over image access now and might want to utilize it in the future.
@lars, do you want to resolve the following issues now?
-
Configure nginx reverse proxy optimizations upon deployment - Leave old files accessible under current URL, hide new files:
-
@robert modifies the upload_to
field of the image fields- new images will be stored in a different sub-directory of
/media/
- old images will not need any additional tagging - they can be retrieved just as before
- new images will be stored in a different sub-directory of
-
@lars will add an nginx directive for preventing these sub-directory from being reachable externally
-
Closes #740 (closed)
Edited by Robert