[英]Files saved by carrierwave is being gotten visible to users not logged in
Nginx的美洲狮MySQL的Rails == 5.1.5
我安装了carrierwave,以便在帖子中上传图片和文件。
未登录的用户在浏览器中键入文件URL,然后他们可以访问和查看文件。
该文件只能访问登录的用户。
文件路径为“ uploads / post / images / 1234(post_id)/sample.png”。 到目前为止,我在public,app / assets /和根目录下都找不到上载目录。
任何答案或建议,不胜感激。
Rails.application.routes.draw do
get 'users/index'
get 'users/show'
get 'posts/index'
devise_for :users, module: :users
resources :users, :only => [:index, :show]
get "/" => "posts#index"
get "posts/like_ranking" => "posts#like_rank"
get "posts/post_count_ranking" => "posts#post_count"
get "posts/tags_search" => "posts#tags_search"
get "posts/new" => "posts#new"
get "posts/:id/reply" => "posts#new"
post "posts/create" => "posts#create"
get "posts/:id" => "posts#show"
get "posts/:id/edit" => "posts#edit"
post "posts/:id/update" => "posts#update"
post "posts/:id/destroy" => "posts#destroy"
get 'tags/:tag', to: 'posts#index', as: :tag
get "users/:id/likes" => "users#likes"
get "users/:id/reply" => "users#reply"
resources :posts, only: %w(index)
resources :posts, shallow: true do
resources :likes, only: [:create, :destroy]
end
end
”
class ImageUploader < CarrierWave::Uploader::Base
# Choose what kind of storage to use for this uploader:
storage :file
# Override the directory where uploaded files will be stored.
# This is a sensible default for uploaders that are meant to be mounted:
def store_dir
"uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
end
end
所有资产规模public文件夹是由服务nginx 。 为了使登录用户可以使用它,您可以首先将文件上传到public目录以外的其他目录,并创建由Rails应用程序从该目录提供文件的操作,并检查用户在提供服务之前是否已登录。
从Javascript运行PHP文件以检查在线用户:表示未登录的用户是
[英]Run PHP files from Javascript to check Online users: says users who are not logged in are
如何仅通过浏览器身份验证为有效用户创建下载目录而无需登录?
[英]how to make a download directory for valid users without being logged in, just by browser authentication?
在两个日期之间查询已登录用户而不是未登录用户的PHP查询
[英]Php query for logged in users and not logged in users between two dates
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.