sam wrote: >I want to use FileField to upload files but I don't want the file URIs >directly visible to the user. > Simple way is just to no tell them the URL (i.e. not using {{ object.get_field_url }} in templates).
Another way is to copy files to the directory inaccessible from web upon file receiving. >I think what this boils down to is to map a logical >URL such as myapp/<file-name> to a view that checks permission first >then retrieves the file from MEDIA_ROOT/<file-name>. But how to do >that? > > urls.py: (r'^download/(.*)/$', 'download'), views.py: def download(request,filename): obj = get_object_or_404(files,filename__exact=filename) # Check permissions f = file(obj.get_file_filename()) try: content = f.read(os.path.getsize(obj.get_file_filename())) finally: f.close() response = HttpResponse(content,mimetype='application/octet-stream') response['Content-Disposition']='attachment; filename="%s"'%filename return response --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---