Hello,
thank you for the response. Could you please give an example as to how to
do that above mentioned?
Thank you.
On Friday, February 6, 2015 at 11:10:50 PM UTC+5:30, Nikolas
Stevenson-Molnar wrote:
>
> It sounds like you want to use signed URLs. Since you're using storages,
> this should be the default if you use the "url" property. E.g.,
>
> signed_url = status_obj.image.url
>
> Then keep the file itself private. No one will be able to access it
> without a signed URL, and you can control who gets a signed URL in your
> Django app.
>
> _Nik
>
> On 2/6/2015 7:51 AM, Kakar Nyori wrote:
>
> I am using amazon s3 to store uploaded user images. My problems are:
>
> - If I permit or grantee for me, I cannot upload or download the
> contents.
> - If I permit or grantee for everyone, all the users and (especially)
> anonymous users will be able to see the contents, which I don't want.
>
> So, my question is, what do I do so that only the users from my website
> can upload, download and delete the content?
>
> In that I have conditions that:
>
> 1. Only the users (user1, user2, user3, ...) who are following the user
> (user0) can download/view the content?
> 2. Only the user who uploaded the view can delete the content.
>
> models.py:
>
> * def get_upload_file_name(instance, filename):*
> * return "uploaded_files/%s_%s" %(str(time()).replace('.','_'),
> filename)*
>
> * PRIVACY = (*
> * ('H','Hide'),*
> * ('F','Followers'),*
> * ('A','All'),*
> * )*
>
> * class Status(models.Model):*
> * body = models.TextField(max_length=200)*
> * image = models.ImageField(blank=True, null=True,
> upload_to=get_upload_file_name)*
> * privacy = models.CharField(max_length=1,choices=PRIVACY,
> default='F')*
> * pub_date = models.DateTimeField(auto_now_add=True,
> auto_now=False)*
> * user = models.ForeignKey(User)*
>
> settings.py:
>
> * DEFAULT_FILE_STORAGE = 'storages.backends.s3boto.S3BotoStorage'*
>
> * AWS_ACCESS_KEY_ID = 'AKIAJQWEN46SZLYWFDMMA'*
>
> * AWS_SECRET_ACCESS_KEY = '2COjFM30gC+rty571E8eNSDYnTdV4cE3aEd1iFTH'*
>
> * AWS_STORAGE_BUCKET_NAME = 'yesme'*
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected] <javascript:>.
> To post to this group, send email to [email protected]
> <javascript:>.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/cbc5c0d5-cc42-4a67-9414-2fb74fceed1e%40googlegroups.com
>
> <https://groups.google.com/d/msgid/django-users/cbc5c0d5-cc42-4a67-9414-2fb74fceed1e%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/b62f01f0-c775-4b8a-afe8-4d6da8e4a351%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
