EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #02269


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Allowing access to thumbnails of secure documents


Hi,
I’m trying to allow access to thumbnails of non-public documents.

I’ve already added a thumbnail security option to the documents, and the generated thumbnails now have an appropriate 'security' set.
When a request for a thumbnail is submitted e.g. http://repo.ac.uk/123/1.hassmallThumbnailVersion/filename.tif, the HTTP response is based on the security of the owning document, not the thumbnail document.

When the request is processed by the code in ~/archives/ARCHIVEID/cfg/cfg.d/security.pl, the $doc is already the parent document.
$c->{can_request_view_document} = sub
{
        my( $doc, $r ) = @_;
…
}

The $r passed to can_request_view_document does contain the correct document in $r->pnotes->{dataobj}, but is there an elegant way of determining that the request is for a related-document?

This:
if($r->pnotes->{dataobj}->get_value("security") eq “public” && $status eq "archive" ){
  return( “ALLOW” );
}
feels a little hacky - but seems to work OK…

Cheers,
John