• Penar Musaraj's avatar
    FEATURE: Add support for secure media (#7888) · 102909ed
    Penar Musaraj authored
    This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. 
    
    A few notes: 
    
    - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads
    - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured
    - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status
    - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error
    - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
    102909ed
Name
Last commit
Last update
..
cloud/cloud66 Loading commit data...
environments Loading commit data...
initializers Loading commit data...
locales Loading commit data...
application.rb Loading commit data...
boot.rb Loading commit data...
cdn.yml.sample Loading commit data...
database.yml Loading commit data...
deploy.rb.sample Loading commit data...
discourse.config.sample Loading commit data...
discourse.pill.sample Loading commit data...
discourse_defaults.conf Loading commit data...
environment.rb Loading commit data...
logrotate.conf Loading commit data...
multisite.yml.production-sample Loading commit data...
nginx.global.conf Loading commit data...
nginx.sample.conf Loading commit data...
projections.json Loading commit data...
puma.rb Loading commit data...
routes.rb Loading commit data...
sidekiq.yml Loading commit data...
site_settings.yml Loading commit data...
spring.rb Loading commit data...
thin.yml.sample Loading commit data...
unicorn.conf.rb Loading commit data...
unicorn_launcher Loading commit data...
unicorn_upstart.conf Loading commit data...