New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
File attachments are publicly accessible by default - if url is known #263
Comments
Thanks for opening this @symbioquine. Just want to link to my comment here specifically for background: https://farmos.discourse.group/t/file-attachements-public-by-default-if-so-whats-the-best-strategy-for-making-them-private/268/2 And also I will change the title of this to reflect that it is not just logs. |
First, I want to emphasize: We are already planning on defaulting to private filesystem uploads in the next version of farmOS on Drupal 8. So, this is mainly a question/consideration for Drupal 7 farmOS... There are a few considerations if we want to change this in farmOS on Drupal 7:
|
This also assumes that there will be an automated migration from D7->D8 that moves all the files to private. |
Thanks @mstenta, this is really helpful! So if I'm understanding correctly, fixing this on a one-off basis would require configuring Drupal through the UI so it "knows" how/where to save private uploads, then modifying the code for the Further if I'm understanding correctly, changing this behavior in the farmOS D7 codebase would require;
It occurs to me that one sort of ugly work-around to both problems might be to just add an additional pair of fields. e.g. |
That's correct, as far as I know.
Yes, and also: is it even possible to change the schema in the first place through the UI? Some field configuration cannot be changed once a field is created. Anything is possible via code, of course, but that might require more work. So first check to see if it can be changed in the UI (which would then override the config in code).
I would say it's safe to assume private files is always a good starting point. The nice thing about the private file system approach is it will then use Drupal's roles and permissions system, and probably has an access function we could hook into, which means we could also create our own ability to make certain files "public" in the future.
Agreed - I'd rather keep the data model simple. And as described above, we may be able to make them "public" on a per-file basis using the access control system, which would be all around better. But we can cross that bridge if/when needed, and as part of a separate feature request. |
Update: I've done some testing with this... I added the following hook implementation to a custom module, which overrides the base field settings for
Note this does NOT change the actual field base configuration itself that is defined in the Once that is done, when a file/photo is uploaded to one of those fields, it is put into the private file system path that is configured at And: files that were uploaded BEFORE this override continue to work fine, it seems. However, they are NOT automatically moved to the private file directory. So: this is a quick way to override the setting in a custom module, which will ensure that all files uploaded from that point forward will be private. I am going to investigate what is required for moving old files to the private file system next, but my assumption is that it simply involves:
The next things to figure out after that are:
|
Here is an update hook sketch that can be used to migrate all files from public to private:
Note that this will only work if no private files have been uploaded already (it checks that |
I'm going to close this. We've made "private" the default in farmOS 2.x, and instructions/considerations for using private filesystem in 1.x are described above. |
RE: https://farmos.discourse.group/t/file-attachements-public-by-default-if-so-whats-the-best-strategy-for-making-them-private
Installation created according to: https://farmos.org/development/configure-local-https-reverse-proxy/
The text was updated successfully, but these errors were encountered: