From 7224a1ccec0a5f27a2f44d433379c87c706256bb Mon Sep 17 00:00:00 2001
From: Pete Matsyburka <pete@docuseal.com>
Date: Mon, 1 Sep 2025 13:36:55 +0300
Subject: [PATCH] adjust expire link

---
 .../api/active_storage_blobs_proxy_controller.rb    | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/app/controllers/api/active_storage_blobs_proxy_controller.rb b/app/controllers/api/active_storage_blobs_proxy_controller.rb
index 8df3b523..72575fff 100644
--- a/app/controllers/api/active_storage_blobs_proxy_controller.rb
+++ b/app/controllers/api/active_storage_blobs_proxy_controller.rb
@@ -45,16 +45,17 @@ module Api
     def authorization_check!(attachment, record, exp)
       return if attachment.name == 'logo'
       return if exp.to_i >= Time.current.to_i
-
       return if current_user && current_ability.can?(:read, record)
 
-      configs = record.account.account_configs.where(key: [AccountConfig::DOWNLOAD_LINKS_AUTH_KEY,
-                                                           AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY])
+      if exp.blank?
+        configs = record.account.account_configs.where(key: [AccountConfig::DOWNLOAD_LINKS_AUTH_KEY,
+                                                             AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY])
 
-      require_auth = configs.any? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_AUTH_KEY && c.value }
-      require_ttl = configs.none? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY && c.value == false }
+        require_auth = configs.any? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_AUTH_KEY && c.value }
+        require_ttl = configs.none? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY && c.value == false }
 
-      return if !require_ttl && !require_auth
+        return if !require_ttl && !require_auth
+      end
 
       Rollbar.error('Blob aunauthorized') if defined?(Rollbar)