adjust expire link

2 months ago · 7224a1ccec
parent c4a693846e
commit 7224a1ccec
1 changed files with 7 additions and 6 deletions
--- a/app/controllers/api/active_storage_blobs_proxy_controller.rb
+++ b/app/controllers/api/active_storage_blobs_proxy_controller.rb
@ -45,16 +45,17 @@ module Api
    def authorization_check!(attachment, record, exp)
      return if attachment.name == 'logo'
      return if exp.to_i >= Time.current.to_i
-
      return if current_user && current_ability.can?(:read, record)

-      configs = record.account.account_configs.where(key: [AccountConfig::DOWNLOAD_LINKS_AUTH_KEY,
-                                                           AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY])
+      if exp.blank?
+        configs = record.account.account_configs.where(key: [AccountConfig::DOWNLOAD_LINKS_AUTH_KEY,
+                                                             AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY])

-      require_auth = configs.any? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_AUTH_KEY && c.value }
-      require_ttl = configs.none? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY && c.value == false }
+        require_auth = configs.any? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_AUTH_KEY && c.value }
+        require_ttl = configs.none? { |c| c.key == AccountConfig::DOWNLOAD_LINKS_EXPIRE_KEY && c.value == false }

-      return if !require_ttl && !require_auth
+        return if !require_ttl && !require_auth
+      end

      Rollbar.error('Blob aunauthorized') if defined?(Rollbar)