Reputation: 3437
File item protected by custom precondition
Let's say I have:
- a file item
- a view that returns True if current user has rights to access that file (computed by multiple rules like type of user, the context of file item, etc.)
How can I set the view result as a precondition rule to prevent untrusted users to see the file's content?
The default view of the contents of a File or Image seems to be running only when opening the file as mysite/file/view. If I open the file as mysite/file the code is not executed and I receive the file for any user.
I found something here: Using the File Precondition Property
Is this possible in Plone to block access to a file or image using a rule computed at runtime? (I mean block all possibilities to open/download it including direct link, /view, at_download, etc.)
Upvotes: 1
Views: 71
Answers (2)
Reputation: 671
I presume that you want to keep things simple and easy, with minimal intervention to the content types. For that, you'd need some type of custom security manager. You could maybe play with local roles. The idea is that you want to grant, through workflow, view access to a certain role. If the logic for a user having that role is complex, then you need to move that logic in a security plugin.
Upvotes: 1
Reputation: 3965
Assign a workflow to the content-types "Image" and "File" and grant permissions via workflow-states.
Upvotes: 1
Related Questions
- Plone content allowed in specific folder
- Plone Permissions
- How one should check for a permission in Plone?
- Plone/Zope/ZODB: how to override storage method on a File field
- How to set TAL condition to check the file type and accordingly render the template in Plone 4.1
- How to restrict image file extension on Plone?
- Add custom restriction of folders in Plone
- Prevent deletion of folder (type) in Plone unless parent is being deleted
- How to restrict object types which can be added in user personal folders in Plone 4.1?
- Limiting one Content item per Member in a Folder on Plone 4