How to make files private using multiple file uploader plug-in

Need help Plugins
1

Hello

I’m trying to make images private adding them using a Picture uploader (single file).

I’m also trying to make files uploaded with the multiple file uploader plug-in. Unfortunately I can’t make it work.

Could someone take a look at the test page and help me figure out what I am missing?

What I need to achieve is:

  1. login as user A
  2. upload an image using picture uploader
  3. login as user B
  4. see only images uploaded by B
  5. upload multiple images via multiple file uploader plug-in as user B
  6. login as user A
  7. see only images uploaded by A
  8. go to App Data editor, open one row and obtain one S3 link to image
  9. open a browser tab, paste S3 link to image, and receive an error or white page, not displaying the image

Thank you in advance
Mario

2

Sample test page

3

Hello,

You need to create the thing to attach the files first, and then add it in the property editor of the multifile uploader.

4

Hrllo,

Unfortunately my use case is one file - one thing. So In would need to create many things. This creates two issues for me:
1 I can’t know upfront many files a user will upload;
2 I don’t know where to indicate the things since there is only room to specify one

Thanks for your help
Mario

5

Hello,

I have spent some time to understand who privacy works and I have eventually made it work.

However I wanted to point your attention to a potential issue in the Data Privacy section. This is what happens in my sample app (just one page to demonstrate the behaviour).

  1. Navigate to https://se-test-file-upload.bubbleapps.io/version-test?debug_mode=true
  2. Click on “Log user A in” button
  3. Click on the leftmost Image Uploader button and upload an image
  4. You should see a blank image placeholder
  5. Click on Save Image
  6. Goto the Data Privacy section and delete the “administrator” role for the “ImageFile” data type
  7. Go back to the app and upload an image
  8. Now you should see the uploaded image as well as the previously uploaded image

Images for steps above
Step 4 - blank image

Step 5 - saved image (in app fileupload folder, not in appforest)

Step 6 - delete administrator role

after deletion of administrator role:

Step 8 - image is now displaying - also previously uploaded image

So it looks like that the privacy manager ignores the second role attribution and after evaluating “administrator” to false, it defaults to “everyone” which hasn’t got the permissions.
I expected “creator” role to be evaluated as the most permissive, granting access to attached files.

Could you please help understand how the privacy managers evaluates those expressions?

Thanks
Mario

6

Can you create one situation where we don’t need to modify the app to the issue? Basically what we want is an app where you say “the user shouldn’t be able to see this and he can see this”

7

Hi @emmanuel - Please simply go through steps 1-4

At step 4 the user should be able to see the uploaded picture, a white area (see Step 4 - blank image above), replacing the initial “click to upload…” thumbnail, is displayed instead of the uploaded picture.