[EP-tech] Allowing access to thumbnails of secure documents
John Salter
J.Salter at leeds.ac.uk
Thu Oct 10 08:20:12 BST 2013
Hi,
I’m trying to allow access to thumbnails of non-public documents.
I’ve already added a thumbnail security option to the documents, and the generated thumbnails now have an appropriate 'security' set.
When a request for a thumbnail is submitted e.g. http://repo.ac.uk/123/1.hassmallThumbnailVersion/filename.tif, the HTTP response is based on the security of the owning document, not the thumbnail document.
When the request is processed by the code in ~/archives/ARCHIVEID/cfg/cfg.d/security.pl, the $doc is already the parent document.
$c->{can_request_view_document} = sub
{
my( $doc, $r ) = @_;
…
}
The $r passed to can_request_view_document does contain the correct document in $r->pnotes->{dataobj}, but is there an elegant way of determining that the request is for a related-document?
This:
if($r->pnotes->{dataobj}->get_value("security") eq “public” && $status eq "archive" ){
return( “ALLOW” );
}
feels a little hacky - but seems to work OK…
Cheers,
John
More information about the Eprints-tech
mailing list