Skip to content

Restrict access to uploaded files

Nils Brinckmann requested to merge restrict-access-to-uploaded-files into develop

This MR changes the way we allow to access uploaded files:

  • we replace their urls with a custom one for the sms backend
  • we check for the permissions to see a device/platform/configuration (so without user credentials we can't access attachments for internal or private elements)
  • this improves reverse proxy via middleware, so that we can return proper urls

Merge request reports