Docker/documize
Docker/documize
1
0
Fork 0
mirror of https://github.com/documize/community.git synced 2025-07-19 13:19:43 +02:00
Code Releases Activity

Fix edge case for attachments download auth checks

Browse source 
Edit permissions no longer interfere with download checks.
This commit is contained in:
McMatts 2019-05-24 12:29:46 +01:00
parent 2bbeaf91a0
commit e37782e5b7
1 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

18
gui/app/components/document/sidebar-attachment.js
View file

@ -37,6 +37,15 @@ export default Component.extend(Modals, Notifier, {
didInsertElement() {
this._super(...arguments);
// For authenticated users we send server auth token.
let qry = '';
if (this.get('session.hasSecureToken')) {
qry = '?secure=' + this.get('session.secureToken');
} else if (this.get('session.authenticated')) {
qry = '?token=' + this.get('session.authToken');
}
this.set('downloadQuery', qry);
if (!this.get('permissions.documentEdit') || this.get('document.protection') === this.get('constants').ProtectionType.Lock) {
return;
}
@ -86,15 +95,6 @@ export default Component.extend(Modals, Notifier, {
dzone.removeFile(file);
});
}
// For authenticated users we send server auth token.
let qry = '';
if (this.get('session.hasSecureToken')) {
qry = '?secure=' + this.get('session.secureToken');
} else if (this.get('session.authenticated')) {
qry = '?token=' + this.get('session.authToken');
}
this.set('downloadQuery', qry);
},
getAttachments() {