Add support for signed URLs used by the render_file function

2022-09-23 11:26:56 +02:00
parent 5881795d5f
commit 16c00ec136
16 changed files with 229 additions and 31 deletions
--- a/app/policies/code_ocean/file_policy.rb
+++ b/app/policies/code_ocean/file_policy.rb
@ -26,6 +26,14 @@ module CodeOcean
      end
    end

+    def render_protected_upload?
+      return no_one if @record.native_file? && !@record.native_file_location_valid?
+      return no_one if @record.context.is_a?(Exercise) && (@record.context.unpublished || @record.hidden)
+
+      # The AuthenticatedUrlHelper will check for more details, but we cannot determine a specific user
+      everyone
+    end
+
    def create?
      if @record.context.is_a?(Exercise)
        admin? || author?
--- a/app/policies/submission_policy.rb
+++ b/app/policies/submission_policy.rb
@ -6,11 +6,15 @@ class SubmissionPolicy < ApplicationPolicy
  end

  # insights? is used in the flowr_controller.rb as we use it to authorize the user for a submission
-  %i[download? download_file? render_file? run? score? show? statistics? stop? test?
+  %i[download? download_file? run? score? show? statistics? stop? test?
     insights?].each do |action|
    define_method(action) { admin? || author? }
  end

+  def render_file?
+    everyone
+  end
+
  def index?
    admin?
  end