On Sep 30, 2011, at 4:26 PM, Garrett S. wrote:
> I think I like what you're saying, but the only problem I have with it
> is controlling access to the paperclip url. This may mean I just don't
> understand how the paperclip urls work. But I'm also trying to ensure
> that only the user who uploaded it, can access it. I wasn't sure if I
> would be able to control this once a url for an audio file was exposed.
That's the beauty of how this works. When you save the file to S3, you have two
basic options. Usually, you want these to be world-readable, so you pass
:s3_permissions => :public
in your has_attached_file call.
But if you pass :private instead, then the file can only be accessed through
your S3 credentials. Okay, now only your app can read it. But that's what the
expiring_url method is for. That gins up a one-time token that expires in N
minutes, and allows one download during that window, after which it simply
won't work at all. Your keys are used to create this token, but it's a one-way
hash so you don't have any leakage possible of your actual credentials.
Walter
>
> --
> Posted via http://www.ruby-forum.com/.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Talk" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/rubyonrails-talk?hl=en.
>
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
