Hello,
thank you for the response. Could you please give an example as to how to
do that above mentioned?
Thank you.
On Friday, February 6, 2015 at 11:10:50 PM UTC+5:30, Nikolas
Stevenson-Molnar wrote:
>
> It sounds like you want to use signed URLs. Since you're using storages,
> this should be the default if you use the "url" property. E.g.,
>
> signed_url = status_obj.image.url
>
> Then keep the file itself private. No one will be able to access it
> without a signed URL, and you can control who gets a signed URL in your
> Django app.
>
> _Nik
>
> On 2/6/2015 7:51 AM, Kakar Nyori wrote:
>
> I am using amazon s3 to store uploaded user images. My problems are:
>
> - If I permit or grantee for me, I cannot upload or download the
> contents.
> - If I permit or grantee for everyone, all the users and (especially)
> anonymous users will be able to see the contents, which I don't want.
>
> So, my question is, what do I do so that only the users from my website
> can upload, download and delete the content?
>
> In that I have conditions that:
>
> 1. Only the users (user1, user2, user3, ...) who are following the user
> (user0) can download/view the content?
> 2. Only the user who uploaded the view can delete the content.
>
> models.py:
>
> * def get_upload_file_name(instance, filename):*
> * return "uploaded_files/%s_%s" %(str(time()).replace('.','_'),
> filename)*
>
> * PRIVACY = (*
> * ('H','Hide'),*
> * ('F','Followers'),*
> * ('A','All'),*
> * )*
>
> * class Status(models.Model):*
> * body = models.TextField(max_length=200)*
> * image = models.ImageField(blank=True, null=True,
> upload_to=get_upload_file_name)*
> * privacy = models.CharField(max_length=1,choices=PRIVACY,
> default='F')*
> * pub_date = models.DateTimeField(auto_now_add=True,
> auto_now=False)*
> * user = models.ForeignKey(User)*
>
> settings.py:
>
> * DEFAULT_FILE_STORAGE = 'storages.backends.s3boto.S3BotoStorage'*
>
> * AWS_ACCESS_KEY_ID = 'AKIAJQWEN46SZLYWFDMMA'*
>
> * AWS_SECRET_ACCESS_KEY = '2COjFM30gC+rty571E8eNSDYnTdV4cE3aEd1iFTH'*
>
> * AWS_STORAGE_BUCKET_NAME = 'yesme'*
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users...@googlegroups.com <javascript:>.
> To post to this group, send email to django...@googlegroups.com
> <javascript:>.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/cbc5c0d5-cc42-4a67-9414-2fb74fceed1e%40googlegroups.com
>
> <https://groups.google.com/d/msgid/django-users/cbc5c0d5-cc42-4a67-9414-2fb74fceed1e%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/b62f01f0-c775-4b8a-afe8-4d6da8e4a351%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
