Forum: Ruby on Rails Protected documents directory

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
62e2a6d9218988e3b0b9c2869b63a157?d=identicon&s=25 bruce (Guest)
on 2005-12-03 07:11
(Received via mailing list)
What is the best way to restrict access to a set of pdf documents?
I really don't want to have to use additional .htaccess grant or
rewrite rules for this.

given this setup
public/pdfdocs
How do I restrict people from simply entering
http://mysite/pdfdocs/docxxx.pdf
I tried using routes.rb just as a test which sort of worked.

   map.connect '/pdfdocs/:name', :controller => 'account', :action =>
'login'


if they guess the document name correctly then they don't get the login
screen and the file is downloaded if it is wrong then the login screen
is presented, but this should happen always as i am saying here, always
go to the login screen.

Maybe this is totally the wrong thing to do but it seems as though it
could solve my problem easily as I would then just have to check that
they are logged in before offering the document.

Thanks

Bruce
C7669e8b5676f61fdf202230cbcf72d8?d=identicon&s=25 mikkel (Guest)
on 2005-12-03 10:08
dont place them in public and use a pfd controller with a send_data
action

Mikkel

bruce wrote:
> What is the best way to restrict access to a set of pdf documents?
> I really don't want to have to use additional .htaccess grant or
> rewrite rules for this.
>
62e2a6d9218988e3b0b9c2869b63a157?d=identicon&s=25 bruce (Guest)
on 2005-12-04 13:31
(Received via mailing list)
Great it works .... Knew I was being totally dumb.
Thanks Mikkel that is exactly what I wanted.
This topic is locked and can not be replied to.