Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 184
  • Last Modified:

how to distinguish private and public files(logical design question)

Hi guys

I am creating a content management software where  admins are able to attach documents which the user would be able to see ont the website.
There are 2 types of users public and members. The admin can specify if the want everybody to see the doument or just the user. Now the problem is that
I store all the docments in one directory /attachement/documents whether private or public. The website takes care of what to show if they are logged in and what not to show.
but if they get the url of the docment such as http://xxx.com/attachemnets/docments/privatedocument.doc they would be able to open it even if they are not logged in.

Now what i need is a way to distinguish private and public documents. Would anyone have any good idea regarding this

--Thanks

0
huzefaq
Asked:
huzefaq
2 Solutions
 
Jorge FraserCommented:
The easiest way to manage this is to store the documents in a database, that way you can mark the document at will. If this is not possible or do not want to do this, you could move the documents out of the server context and write a servlet that reads the documents and serves them to the user based on who the requestor is and what access they have.

Hope this helps.
0
 
hoomanvCommented:
> and write a servlet that reads the documents and serves them

However you still need a way to distinguish between public and private files
Only store documents' names in database plus a flag indicating the access privilege
And access them like this
http://xyz.com/ContentManager?document=something
0
 
huzefaqAuthor Commented:
Thnak you guys for your help

But what I ended up doing was to make two different directory for public and private and made the access tot thw directory restricted in the filter.

0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now