
RoR Upload File Security Question

Developer https://www.devze.com 2023-02-03 18:37 Source: Internet

I have a question regarding Ruby on Rails. I'm currently using a gem called Paperclip to allow me to upload files.

My question is: the uploaded files go into /public, which is easily accessed by anyone. How do I go about hiding the uploaded files, and only allowing the correct user to download the file?

I'm not interested in hiding a link from someone, but I am interested in the fact that someone must be logged in to download the file.

Thanks.

Edit -- http://rdoc.info/github/thoughtbot/paperclip/master/Paperclip/Storage/Filesystem

I still don't get how I'm to secure the files in the backend?


You can handle this security problem in many ways.

Here is the one I propose to you.

  1. You upload your files using Paperclip. The files will be stored in a directory to which you deny access from the browser.

  2. During the upload, you will store the information of the file into a table on your database server.

  3. You will create a Controller to List and Download your files. You could check if a user can access or download the file by checking his rights.

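  4. When you would like to start a download, you will use send_file to force the download while hiding the real path of the file.

    Example:

    # Real path on disk, never shown to the client (Rails.root replaces the old RAILS_ROOT constant)
    @filename = "#{Rails.root}/public/dir/a/b/file.mp3"
    # The browser only sees the name given in :filename
    send_file(@filename, :filename => "music.mp3")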
    

Hope this helps!
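
The four steps above as an added example (not code from the original answer): plain Ruby that models the record lookup, the login and ownership check, and the path confinement a download controller would perform before calling send_file. The record fields, `authorize_download`, the storage root and the sample rows are assumptions constructed for illustration.

```ruby
require "pathname"

# Row saved in the database at upload time (step 2). Field names are assumptions.
UploadRecord = Struct.new(:id, :owner_id, :stored_name, :download_name)

class DownloadDenied < StandardError; end

# Constructed private storage root, outside public/ (step 1). With Paperclip this
# is where the attachment's :path option would point instead of the default.
STORAGE_ROOT = "/srv/app/private/uploads"

# Constructed sample rows. Row 2 carries a stored name that escapes the root.
RECORDS = {
  1 => UploadRecord.new(1, 10, "1/file.mp3", "music.mp3"),
  2 => UploadRecord.new(2, 20, "../../config/database.yml", "notes.txt")
}

# Steps 3 and 4: decide whether user_id may fetch record id. On success, return
# the arguments a Rails controller would hand to send_file; otherwise raise.
def authorize_download(records, storage_root, user_id, id)
  # The requirement from the question: nobody downloads without being logged in.
  raise DownloadDenied, "login required" if user_id.nil?

  record = records[id]
  # Same error for "no such file" and "not your file", so ids cannot be probed.
  raise DownloadDenied, "not found" if record.nil? || record.owner_id != user_id

  root = Pathname.new(storage_root).cleanpath
  path = root.join(record.stored_name).cleanpath
  # Refuse any stored name that resolves outside the private root.
  unless path.to_s.start_with?(root.to_s + File::SEPARATOR)
    raise DownloadDenied, "path outside storage root"
  end

  { path: path.to_s, filename: record.download_name }
end

# In a Rails controller action the result would be used like this:
#   args = authorize_download(records, STORAGE_ROOT, current_user_id, params[:id].to_i)
#   send_file args[:path], filename: args[:filename]
# with DownloadDenied rescued and turned into a 403/404 response.
```
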
