EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #02267


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Allowing access to thumbnails of secure documents


Hi (tried sending this previously, but the mailing list seemed non-responsive – apologies if you get it more than once!),

I’m trying to allow access to thumbnails of non-public documents.

 

I’ve already added a thumbnail_security option (all_public, small_public and none_public) to the documents, and the generated thumbnails now inherit a security based on this value.

 

By default, when a request for a thumbnail is submitted e.g. http://repo.ac.uk/123/1.hassmallThumbnailVersion/filename.png, the HTTP response is based on the security of the parent document, not the thumbnail document.

 

When the request is processed (in ~/archives/ARCHIVEID/cfg/cfg.d/security.pl), the $doc is the parent document.

$c->{can_request_view_document} = sub

{

        my( $doc, $r ) = @_;

}

 

The $r passed to can_request_view_document does contain the correct document in $r->pnotes->{dataobj}, but is there an elegant way of determining that the request is for a related-document?

 

This seems to work OK:

my $tn_doc =  $r->pnotes->{dataobj};

if( defined $tn_doc && $tn_doc->get_value( "security" ) eq "public" && $status eq "archive" )

{

    return( “ALLOW” );

}

but it feels a little ‘hacky’. Is there a better way to achieve this?

 

Cheers,

John