Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Kieron McIntyre 117 posts 360 karma points
    Dec 08, 2013 @ 16:46
    Kieron McIntyre
    0

    How can I save media to either a publicly accessible or protected location?

    I have several v6 projects where I need to be able to differentiate between files in the media library that are publicly accessible and files that aren't.

    Obviously, any files uploaded into Umbraco are by default publicly accessible just by using the URL path /media/xxxx/filename.ext but this is not appropriate for files that shouldn't be served to the public.

    What I want to achieve is to be able to upload files so that they can be marked as protected or public, preferably using FormsAuthentication or in some cases using two separate Azure Blob Storage containers - one public, the other not.

    For example, I want to be able to upload to one of two locations depending on the MediaType: /media/ and /protected-media/ or azureContainer1 and azureContainer2.

    I have been looking at creating a FileSystemProvider but the AddFile() overloads only accept a parameter for the file stream and path - and no other information, e.g. what type of MediaType it is. So I can't perform any logic in the FileSystemProvider to decide where to save the file. My problem is that there is nowhere else in the stack where I can place this logic.

    I could create a new file uploader data type but the datatype should be "dumb" and not really contain any logic about what it is saving. I could create a MediaService.Saving event, but I can't alter the location of where the file is saved from there.

    Can anyone suggest how I might resolve this?

    Thanks.

  • Richard Soeteman 4046 posts 12899 karma points MVP 2x
    Dec 09, 2013 @ 10:38
    Richard Soeteman
    0

    Hi,

    I've created Media protect (http://soetemansoftware.nl/media-protect) to handle this scenario, also works on Azure. Not using BLOB storage tho. But maybe you can use it.

    Cheers,

    Richard

  • Graeme W 113 posts 289 karma points
    Jan 20, 2014 @ 17:58
    Graeme W
    0

    Hi Kieron - did you find a solution to this?

    I have a similar situation and can get round it using role based permissions and having a specific web.config file in each restricted folder. The users have to be well trained/disciplined to only upload media to certain folder and it could be a bit unweildy if there were too many folders to protect.

  • glenatron 37 posts 132 karma points
    Jan 24, 2014 @ 14:03
    glenatron
    0

    I have done this with very generic bands of protection - member group 1 can access everything protected to level 1, member group 2 can access everything protected to level 2 and level 1 and so on. What worked for me was to create a custom upload control to upload the file to a temporary location, then an event handler that moved files out of context as part of the BeforeSave event then changed the file path to point at a surface controller with the filename. Finally I added a surface controller to check the user's permissions and only return the file from the out of context location if they are allowed to access it.

    That way I got control of my own file paths, definitely have my files locked away and could manage my own security. For the type of site I am creating this is ideal, but in some cases it might be overkill and I am not suggesting it is the best way to do the job. It can be done, however, and it does work.

Please Sign in or register to post replies

Write your reply to:

Draft