
Files saved by CarrierWave are visible to users who are not logged in

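Current details

[Env]

Nginx, Puma, MySQL, Rails == 5.1.5

I installed carrierwave in order to upload images and files in posts.

[Case]

Users who are not logged in type the file URL into the browser, and then they can access and view the file.

[Ideal]

The file should be accessible only to logged-in users.

The file path is "uploads/post/images/1234(post_id)/sample.png". So far, I have not been able to find the uploads directory under public, app/assets/, or the root directory.

Any answers or suggestions would be appreciated.


Source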

Rails.application.routes.draw do
  get 'users/index'
  get 'users/show'
  get 'posts/index'

  devise_for :users, module: :users
  resources :users, :only => [:index, :show]

  get "/" => "posts#index"
  get "posts/like_ranking" => "posts#like_rank"
  get "posts/post_count_ranking" => "posts#post_count"
  get "posts/tags_search" => "posts#tags_search"
  get "posts/new" => "posts#new"
  get "posts/:id/reply" => "posts#new"
  post "posts/create" => "posts#create"
  get "posts/:id" => "posts#show"
  get "posts/:id/edit" => "posts#edit"
  post "posts/:id/update" => "posts#update"
  post "posts/:id/destroy" => "posts#destroy"

  get 'tags/:tag', to: 'posts#index', as: :tag

  get "users/:id/likes" => "users#likes"
  get "users/:id/reply" => "users#reply"

  resources :posts, only: %w(index)

  resources :posts, shallow: true do
    resources :likes, only: [:create, :destroy]
  end
end

class ImageUploader < CarrierWave::Uploader::Base
  # Choose what kind of storage to use for this uploader:
  storage :file

  # Override the directory where uploaded files will be stored.
  # This is a sensible default for uploaders that are meant to be mounted:
  def store_dir
    "uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
  end
end

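All assets under the public folder are served by nginx. To make it available to logged-in users, you can first upload the files to a directory other than public, create an action in which the Rails app serves files from that directory, and check whether the user is logged in before serving them.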
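
The serving decision that answer describes, as an added example that is not code from the question or the answer: plain Ruby that decides whether a request for an uploaded file may be served from a directory outside public. The class name PrivateFileGate, its parameters and the sample tree are assumptions made for illustration; in the Rails app the same checks would live in a controller action behind Devise's authenticate_user! that passes the resolved path to send_file.

```ruby
require "pathname"
require "tmpdir"
require "fileutils"

# Added example. The root passed in stands for a directory outside public/
# (hypothetical layout); nginx never sees it, so only this code can serve it.
class PrivateFileGate
  def initialize(private_root)
    @root = Pathname.new(private_root).realpath
  end

  # Returns [status, path_or_nil]: 401 when not logged in, 404 when the file
  # is missing or resolves outside the root, 200 with the path to serve.
  def resolve(signed_in:, post_id:, filename:)
    return [401, nil] unless signed_in
    return [404, nil] unless post_id.to_s.match?(/\A\d+\z/)

    # Keep only the last path component of the client-supplied name.
    name = File.basename(filename.to_s)
    candidate = @root.join("post", "images", post_id.to_s, name)
    return [404, nil] unless candidate.file?

    # realpath follows symlinks, so a link that leaves the root is refused.
    real = candidate.realpath
    inside = real.to_s.start_with?(@root.to_s + File::SEPARATOR)
    inside ? [200, real.to_s] : [404, nil]
  end
end

# Constructed sample tree mirroring uploads/post/images/1234/sample.png.
def demo
  Dir.mktmpdir do |dir|
    FileUtils.mkdir_p(File.join(dir, "post", "images", "1234"))
    File.write(File.join(dir, "post", "images", "1234", "sample.png"), "png")
    File.write(File.join(dir, "secret.txt"), "x")
    gate = PrivateFileGate.new(dir)
    {
      anonymous: gate.resolve(signed_in: false, post_id: 1234, filename: "sample.png").first,
      member:    gate.resolve(signed_in: true, post_id: 1234, filename: "sample.png").first,
      traversal: gate.resolve(signed_in: true, post_id: "../..", filename: "secret.txt").first,
      missing:   gate.resolve(signed_in: true, post_id: 1234, filename: "nope.png").first
    }
  end
end
```
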
