Hi Ed, Ed Colmar wrote:
Hey fellow zope fiends.
I've got a little project I'm working on that involves setting up multiple one-time downloads.
I'm curious if anyone out there has done something similar that would like to share ideas and or code.
My concept was to have all the files in a secure directory somewhere. Make a temporary directory somewhere with a random id "oahnw3487cfyawcry7baw385vbyawy348vyaw" or whatever... Set the directory name and a flag into a db somewhere. Then after the download is complete (or after a certain amount of time, delete the dir and the files.
Anyone have something like this already?
No need to create something in Zope for every possible download. You place your file somewhere in a download directory. You remove "view" permission from it for anonymous you can add a role in root folder for example, called "download" - give the view permission to manager and download for this file. Place a python script in the path where you want to provide the download. Give that script proxy role as "download" (you must also have this role to make this - simply edit your user object in acl_users) The script should read like this: cookie,filename=traverse_subpath if context.sqlQueryToCheckId(identification=cookie) file=context.filefolder[filename] response.setHeader('content-type':file.content_type) return file.data return context.ErrorMessageTemplate(context) You can add something to check the filename, although if you do it right the script can only provide access to files when the cookie is the right one and where the fileobject is accessible for the role "download". From your HTML or E-Mail you refer to the file like this: http://yourserver/pathToDownload/DownloadScript/1qwe7aadea7868sfsfd/file_to_... ^^^^^^^^ ^^^^^^ ^^^^ The script above the "cookie" the file HTH Tino Wildenhain