Files for work under review can be downloaded by public via direct link #5913
Comments
rjkati
added this to Ready for Dev/Doc (priority ordered)
in Hyrax Maintenance WG - September-December 2022
This was referenced Nov 30, 2022
rjkati
moved this from Ready for Dev/Doc (priority ordered)
to Review
in Hyrax Maintenance WG - September-December 2022
|
@dlpierce The first two bulleted cases work as expected. However, when I try to download the file from https://nurax-dev.curationexperts.com/downloads/xs55mc34x?locale=en I get the following error:
|
|
That is caused by nurax missing the file |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Descriptive summary
In hyrax 4.0.0.beta2, I can download files for works under review if I am logged out and have a direct link to the file.
Expected behavior
Files for works under review should only be downloaded by users with appropriate permissions
Actual behavior
Logged out users can access files for a work under review if they have a direct link to the file
Steps to reproduce the behavior
While logged out, attempt to access:
Both of the links above should not allow access
Next, download the file for the example work: https://nurax-dev.curationexperts.com/downloads/xs55mc34x?locale=en
The text was updated successfully, but these errors were encountered: