Source code for scipost.storage

__copyright__ = "Copyright © Stichting SciPost (SciPost Foundation)"
__license__ = "AGPL v3"


from django.conf import settings
from django.core.files.storage import FileSystemStorage
from django.utils.functional import cached_property


[docs]class SecureFileStorage(FileSystemStorage): """ Inherit default FileStorage system to prevent files from being publicly accessible from a server location that is opened without this permission having been explicitly given. """ @cached_property def location(self): """ This method determines the storage location for a new file. To secure the file from 'the public', we'll store it outside the publicly accessible MEDIA_ROOT folder. This also means you need to explicitly handle the file reading/opening! """ if hasattr(settings, "MEDIA_ROOT_SECURE"): return self._value_or_setting(self._location, settings.MEDIA_ROOT_SECURE) return super().location @cached_property def base_url(self): return settings.MEDIA_URL_SECURE