EPrints Technical Mailing List Archive

Message: #02267

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Allowing access to thumbnails of secure documents

Hi (tried sending this previously, but the mailing list seemed non-responsive – apologies if you get it more than once!),

I’m trying to allow access to thumbnails of non-public documents.


I’ve already added a thumbnail_security option (all_public, small_public and none_public) to the documents, and the generated thumbnails now inherit a security based on this value.


By default, when a request for a thumbnail is submitted e.g. http://repo.ac.uk/123/1.hassmallThumbnailVersion/filename.png, the HTTP response is based on the security of the parent document, not the thumbnail document.


When the request is processed (in ~/archives/ARCHIVEID/cfg/cfg.d/security.pl), the $doc is the parent document.

$c->{can_request_view_document} = sub


        my( $doc, $r ) = @_;



The $r passed to can_request_view_document does contain the correct document in $r->pnotes->{dataobj}, but is there an elegant way of determining that the request is for a related-document?


This seems to work OK:

my $tn_doc =  $r->pnotes->{dataobj};

if( defined $tn_doc && $tn_doc->get_value( "security" ) eq "public" && $status eq "archive" )


    return( “ALLOW” );


but it feels a little ‘hacky’. Is there a better way to achieve this?