User must have opportunity to set password on their files. So what would be the best way to implement it? Is there any gems? Regards, Ivan. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
We don''t have the faintest idea as to what you are talking about. Please explain the use case for this feature. On 13 April 2011 12:36, Ivan K. <divout-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> User must have opportunity to set password on their files. > So what would be the best way to implement it? > Is there any gems? > Regards, > Ivan. > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Hi Peter, sorry i don''t really know english well. I have small application. User can upload files. Files could be public or private. And if a user decided to make file private he could set password on file. So if any other user want to get acces to the private file he need password. Is it a little bit clearer? Thanks. On Apr 13, 6:24 pm, Peter Hickman <peterhickman...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote:> We don''t have the faintest idea as to what you are talking about. > > Please explain the use case for this feature. > > On 13 April 2011 12:36, Ivan K. <div...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > > > > > > User must have opportunity to set password on their files. > > So what would be the best way to implement it? > > Is there any gems? > > Regards, > > Ivan. > > > -- > > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > For more options, visit this group athttp://groups.google.com/group/rubyonrails-talk?hl=en.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Do you have a model for the uploaded files. This could have a field for the password. When presenting a link to the file, if it has a password then user is redirected to a screen to fill out the password and if it matches they can download the file. The thing to watch out for is that the link for the protected file should be a one time url so that anyone who copies the final link will not be able to download the file. On 13 April 2011 13:41, Ivan K. <divout-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hi Peter, sorry i don''t really know english well. > I have small application. User can upload files. Files could be public > or private. And if a user decided to make file private he could set > password on file. So if any other user want to get acces to the > private file he need password. > Is it a little bit clearer? > Thanks. > > On Apr 13, 6:24 pm, Peter Hickman <peterhickman...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> > wrote: >> We don''t have the faintest idea as to what you are talking about. >> >> Please explain the use case for this feature. >> >> On 13 April 2011 12:36, Ivan K. <div...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: >> >> >> >> >> >> >> >> > User must have opportunity to set password on their files. >> > So what would be the best way to implement it? >> > Is there any gems? >> > Regards, >> > Ivan. >> >> > -- >> > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. >> > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org. >> > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org >> > For more options, visit this group athttp://groups.google.com/group/rubyonrails-talk?hl=en. > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
>The thing to watch out for is that the link for the protected file >should be a one time url so that anyone who copies the final link will >not be able to download the fileThat''s the goal of this feature :) -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
For the moment lets create a model for one off downloads that have: file_id (from the file model) uid (a random value) When the user has successfully filled in the password create a new entry in the OneOffDownload model and present them with a link such as /secure_download/<uid - from the OneOffDownload file>. If the link is accessed within 10 minutes of the created_at time_stamp (for example) let them download the file, otherwise present an error page and let them reenter the password. On 13 April 2011 14:48, Ivan K. <divout-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:>>The thing to watch out for is that the link for the protected file >>should be a one time url so that anyone who copies the final link will >>not be able to download the file > That''s the goal of this feature :) > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Lets say :file_id => 1, :uid => 9 Link would be look like /secure_download/9 How user gonna get the file? Aren''t user would see the original link to file while downloading? On Apr 13, 7:58 pm, Peter Hickman <peterhickman...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote:> For the moment lets create a model for one off downloads that have: > > file_id (from the file model) > uid (a random value) > > When the user has successfully filled in the password create a new > entry in the OneOffDownload model and present them with a link such as > /secure_download/<uid - from the OneOffDownload file>. If the link is > accessed within 10 minutes of the created_at time_stamp (for example) > let them download the file, otherwise present an error page and let > them reenter the password. > > On 13 April 2011 14:48, Ivan K. <div...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > > > > > >>The thing to watch out for is that the link for the protected file > >>should be a one time url so that anyone who copies the final link will > >>not be able to download the file > > That''s the goal of this feature :) > > > -- > > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > For more options, visit this group athttp://groups.google.com/group/rubyonrails-talk?hl=en.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On 13 April 2011 15:56, Ivan K. <divout-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Lets say :file_id => 1, :uid => 9 > Link would be look like /secure_download/9 > How user gonna get the file? Aren''t user would see the original link > to file while downloading?When you render the links to the files, assuming that there is a page with a list of their files on it, you render /ordinary_download/xxx for a file without a password and /enter_password/yyy for a file with a password. If they successfully enter the password on the enter_password page create the OneTimeDownload entry and give them the link /secure_download/037GA738AE from which they can download the file. You should also check that the /ordinary_download/xxx link (when accessed by the controller) does not have a password associated so that they can''t just enter /ordinary_download/yyy in the browser. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Thanks a lot, Peter. I got all pieces together now. On Apr 13, 9:10 pm, Peter Hickman <peterhickman...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote:> On 13 April 2011 15:56, Ivan K. <div...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > Lets say :file_id => 1, :uid => 9 > > Link would be look like /secure_download/9 > > How user gonna get the file? Aren''t user would see the original link > > to file while downloading? > > When you render the links to the files, assuming that there is a page > with a list of their files on it, you render /ordinary_download/xxx > for a file without a password and /enter_password/yyy for a file with > a password. If they successfully enter the password on the > enter_password page create the OneTimeDownload entry and give them the > link /secure_download/037GA738AE from which they can download the > file. > > You should also check that the /ordinary_download/xxx link (when > accessed by the controller) does not have a password associated so > that they can''t just enter /ordinary_download/yyy in the browser.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.