Security policies can now be configured to decide whether a user may download a blob, based on various factors.
A rule can be coded in JavaScript to determine whether the download is allowed, based on the following values:
- the document,
- the blob,
- the blob's xpath,
- the current user,
- the blob provenance (i.e. the download reason, for instance "rendition"),
- the rendition name, or other extended info available in the download context.
The new configuration is done through the following extension point:
```xml
<extension target="org.nuxeo.ecm.core.io.download.DownloadService" point="permissions">
  <permission name="myperm">
    <script language="JavaScript">
      function run() {
        if (CurrentUser.getName() != "bob") {
          return false;
        }
        if (!CurrentUser.getGroups().contains("members")) {
          return false;
        }
        if (Document.getPropertyValue("dc:format") != "pdf") {
          return false;
        }
        if (Reason != "rendition") {
          return false;
        }
        if (Rendition != "myrendition") {
          return false;
        }
        if (Blob.getFilename() != "myfile.txt") {
          return false;
        }
        if (XPath == "file:content" || XPath == "blobholder:0") {
          return false;
        }
        return true;
      }
    </script>
  </permission>
</extension>
```
The language can be any JVM scripting language; the default is "JavaScript".
The script must define a run() function that returns a boolean:
- true means that downloading the blob is not disallowed by this permission.
- false means that downloading the blob is forbidden.
The function is called with the following global context (some values may be null): Document (DocumentModel), XPath (String), Blob (Blob), CurrentUser (NuxeoPrincipal), Reason (String), Rendition (String), Infos (Map).
If there are several permissions defined, a single one returning false is sufficient to forbid the blob download.
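The two rules above (context values may be null, and one false forbids the download) modelled as an added example that runs outside Nuxeo; it is not Nuxeo code. The `ctx` object, the `user`/`doc` stubs, the two policy functions and `isDownloadAllowed` are hypothetical names; inside Nuxeo the context values are globals and each policy would be the `run()` of its own `<permission>`.

```javascript
// Added example: models the documented rules outside Nuxeo. The ctx object and
// the stubs are constructed; inside Nuxeo the same names are script globals.

// Constructed stand-ins for NuxeoPrincipal and DocumentModel.
function user(name, groups) {
  return {
    getName: function () { return name; },
    getGroups: function () {
      return { contains: function (g) { return groups.indexOf(g) !== -1; } };
    }
  };
}
function doc(format) {
  return { getPropertyValue: function (p) { return p == "dc:format" ? format : null; } };
}

// Policy 1: the main file is reserved for the "members" group.
function mainFileForMembers(ctx) {
  if (ctx.XPath != "file:content") return true;  // other blobs: no objection
  if (ctx.CurrentUser == null) return false;     // missing user: refuse
  return ctx.CurrentUser.getGroups().contains("members");
}

// Policy 2: the "myrendition" rendition is only served for PDF documents.
function renditionOnlyForPdf(ctx) {
  if (ctx.Reason != "rendition" || ctx.Rendition != "myrendition") return true;
  if (ctx.Document == null) return false;        // nothing to check against: refuse
  return ctx.Document.getPropertyValue("dc:format") == "pdf";
}

// Combination rule from the text: one false is enough to forbid the download.
// Harness choice (assumption): any result other than true counts as false.
function isDownloadAllowed(permissions, ctx) {
  return permissions.every(function (run) { return run(ctx) === true; });
}

var policies = [mainFileForMembers, renditionOnlyForPdf];
var member = user("bob", ["members"]);
var guest = user("eve", []);
var rendition = { Reason: "rendition", Rendition: "myrendition" };

console.log(isDownloadAllowed(policies, { XPath: "file:content", CurrentUser: member }));
console.log(isDownloadAllowed(policies, { XPath: "file:content", CurrentUser: guest }));
console.log(isDownloadAllowed(policies, Object.assign({ Document: null }, rendition)));
```

Each policy returns true for requests outside its scope, so it only ever vetoes the downloads it was written for and leaves the rest to the other permissions.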
See the full documentation at https://doc.nuxeo.com/x/BI_RAQ