You use paperclip to handle file uploads, sending to s3, and storing the info in the database. The model that stores the image information should belong_to a User, so that you can implement per-user access controls. Then when a file is to be downloaded, assuming the currently logged-in user can access the file, you render a time-limited (5 minutes or so) s3 URL so that user can download it without leaving the file wide open on s3. -- Benjamin Curtis http://railskits.com/ - Ready-made Rails code http://catchthebest.com/ - Team-powered recruiting http://www.bencurtis.com/ - Personal blog
On Thu, May 14, 2009 at 1:25 AM, Chris B. <[email protected]>wrote: > > Hi Conrad, > > the users should be able to upload/download files, but download only > these they are authenticated to (like only files of group x). > > afaik s3 buckets are either protected or public - so i'm not sure how to > do this. > -- > Posted via http://www.ruby-forum.com/. > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
