EPrints Technical Mailing List Archive

Message: #02280

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Re: Allowing access to thumbnails of secure documents

Hi John,

In 3.3, you have triggers, in your context I'd suggest you look at the EP_TRIGGER_DOC_URL_REWRITE trigger called by Apache::Rewrite.

Look this up for inspiration: http://bazaar.eprints.org/295/1/epm/coversheets/cfg/cfg.d/z_coversheet_trigger.pl

Give us a shout if you ran into problems.


On 10/10/13 14:22, John Salter wrote:

Hi (tried sending this previously, but the mailing list seemed non-responsive – apologies if you get it more than once!),

I’m trying to allow access to thumbnails of non-public documents.


I’ve already added a thumbnail_security option (all_public, small_public and none_public) to the documents, and the generated thumbnails now inherit a security based on this value.


By default, when a request for a thumbnail is submitted e.g. http://repo.ac.uk/123/1.hassmallThumbnailVersion/filename.png, the HTTP response is based on the security of the parent document, not the thumbnail document.


When the request is processed (in ~/archives/ARCHIVEID/cfg/cfg.d/security.pl), the $doc is the parent document.

$c->{can_request_view_document} = sub


        my( $doc, $r ) = @_;



The $r passed to can_request_view_document does contain the correct document in $r->pnotes->{dataobj}, but is there an elegant way of determining that the request is for a related-document?


This seems to work OK:

my $tn_doc =  $r->pnotes->{dataobj};

if( defined $tn_doc && $tn_doc->get_value( "security" ) eq "public" && $status eq "archive" )


    return( “ALLOW” );


but it feels a little ‘hacky’. Is there a better way to achieve this?





*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/