The problem is only with the space's/actor's profile image and snapshots (I probably called them attachments during the discussion),
because they are put in the public folder.
For example, this is my private asset (you can't see it):
http://graaasp.epfl.ch/#item=asset_606
But I can still see the snapshot and its image:
http://graaasp.epfl.ch/asset/picture_full/758/asset758-full.png
Solution (the same way it is done for attachments):
1. Move assets, actors, spaces, widgets from the public folder to a closed one on the server, and do it during deploy.
2. Define a route similar to attachments: /picture/:id/:size (:size => thumb, small, etc.).
3. Add a Rails controller with checks.
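
An added example (plain Ruby, not the project's code) of the decision a controller behind /picture/:id/:size could make before sending a file from the closed folder. The storage root, the item records, the owner-or-public rule and the 404-for-everything response are assumptions; the on-disk layout mirrors the public URL shown above.

```ruby
require "pathname"

# Assumed closed folder outside public/ (hypothetical path).
PRIVATE_ROOT = Pathname.new("/srv/graaasp/private_pictures")

# "thumb" and "small" come from step 2, "full" from the URL above.
SIZES = %w[thumb small full].freeze

# Constructed sample records standing in for the database lookup.
ITEMS = {
  758 => { kind: "asset", owner: "alice", public: false },
  12  => { kind: "space", owner: "bob",   public: true  }
}.freeze

# Returns [status, path]. A Rails action would call send_file(path) on 200
# and head(status) otherwise, so the file is never served by the web server
# directly and every request goes through this check.
def resolve_picture(id_param, size_param, viewer)
  # Accept only a numeric id and a known size, so neither parameter
  # can steer the path outside PRIVATE_ROOT.
  return [404, nil] unless id_param.to_s.match?(/\A\d+\z/)
  return [404, nil] unless SIZES.include?(size_param)

  item = ITEMS[id_param.to_i]
  return [404, nil] if item.nil?

  # Assumed rule: public items are visible to anyone, private ones only to
  # their owner. Missing and forbidden share one status so the response
  # does not reveal which private ids exist.
  return [404, nil] unless item[:public] || item[:owner] == viewer

  kind = item[:kind]
  path = PRIVATE_ROOT.join(kind, "picture_#{size_param}", id_param.to_s,
                           "#{kind}#{id_param}-#{size_param}.png")
  [200, path.to_s]
end
```
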