Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Force uploads to be private by default #4159

Merged
merged 6 commits into from
Oct 2, 2017
Merged

Force uploads to be private by default #4159

merged 6 commits into from
Oct 2, 2017

Conversation

bcornwellmott
Copy link
Contributor

Uploads should be private by default so that sensitive information doesn't accidentally get shared with the public.

Demo:
private_uploads

@rmehta
Copy link
Member

rmehta commented Sep 22, 2017

I think we should let image files be public by default, others private. What do you think? Otherwise users will not be able to send images in their quotes etc.

@bcornwellmott
Copy link
Contributor Author

I've added a check to see if the options type is image, in which case it will make it public. I think that addresses the issue.

@bcornwellmott
Copy link
Contributor Author

private_uploads2

@rmehta
Copy link
Member

rmehta commented Sep 28, 2017

Let me check this in a bit. I am not sure we tag images in options... Maybe we can use popular extensions like gif, jpg, png, jpeg (I can push a fix too)

@bcornwellmott
Copy link
Contributor Author

bcornwellmott commented Sep 28, 2017
edited

Thanks! I think having Item images default to public is a good idea, but that doing all images might be a problem. You might have a scanned receipt, invoice etc that you attach to a document and you don't want that defaulting to public.

EDIT: Maybe we should default to private for standard document attachments (done through the frappe Attach+ button on the left), but for fields (attach or attach image) we can create an option for making the field default to attach public.

@rmehta
Copy link
Member

rmehta commented Sep 29, 2017

I agree, lets make all "Image" type fields as public by default and others private. I think you have to update the attach_image.js file for that.

@bcornwellmott
Copy link
Contributor Author

So I made a simple change which I think addresses the issue. If the docfield option (in "Attach" and "Attach Image" field types) says either "image" or "public", the attachment will default to public. If there is nothing (or something else in options), the attachment will default to private.

Does this address it well enough? This way it can be configured for each field.

@rmehta rmehta merged commit 2191a7d into frappe:develop Oct 2, 2017
rmehta added a commit that referenced this pull request Oct 3, 2017
@rmehta
Revert "Force uploads to be private by default (#4159)"
9262bef 
This reverts commit 2191a7d.
rmehta added a commit that referenced this pull request Oct 4, 2017
@rmehta
Revert "[fix] Disabled document not validated on save/submit #10571" (#…
550acb5 
…4240)

* Revert "Force uploads to be private by default (#4159)"

This reverts commit 2191a7d.

* Revert "[fix] Disabled document not validated on save/submit #10571 (#4195)"

This reverts commit 13a3205.
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 1, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rmehta rmehta Awaiting requested review from rmehta

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bcornwellmott @rmehta