Put files behind auth #65

New Issue

Closed

opened 2026-02-04 16:57:40 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2026-02-04 16:57:40 +03:00

Owner

Copy Link

Originally created by @NickKelly1 on GitHub (Feb 3, 2021).

Hi, love the project! My wife and I have been making great use of it.

So far as I can tell files are always publicly accessible meaning we can't upload anything sensitive.

Can we put files behind authentication so they aren't accessible without authentication and authorisation?

To recreate this issue:

1. Attach a file to a card
2. Open the file
3. Copy the URL and open in Incognito mode (proving access without authentication and authorisation)

PS. would love to contribute. Are PR's being accepted and are there any contribution guidelines?

Originally created by @NickKelly1 on GitHub (Feb 3, 2021). Hi, love the project! My wife and I have been making great use of it. So far as I can tell files are always publicly accessible meaning we can't upload anything sensitive. Can we put files behind authentication so they aren't accessible without authentication and authorisation? ## To recreate this issue: 1. Attach a file to a card 2. Open the file 3. Copy the URL and open in Incognito mode (proving access without authentication and authorisation) PS. would love to contribute. Are PR's being accepted and are there any [contribution guidelines](https://docs.github.com/en/github/building-a-strong-community/setting-guidelines-for-repository-contributors)?

OVERLORD added the enhancement label 2026-02-04 16:57:40 +03:00

OVERLORD closed this issue 2026-02-04 16:57:41 +03:00

OVERLORD commented 2026-02-04 16:57:52 +03:00

Author

Owner

Copy Link

@meltyshev commented on GitHub (Feb 8, 2021):

Hi, sorry for the long answer. Yes, files should only be accessible to authorized users. I will change it in the release version. Thank you!

About contribution guidelines: I will add them after we release the stable version of Planka (currently working on that huge roles change). It will become more stable to contribute - there will be stable API and migrations between versions.

@meltyshev commented on GitHub (Feb 8, 2021): Hi, sorry for the long answer. Yes, files should only be accessible to authorized users. I will change it in the release version. Thank you! About contribution guidelines: I will add them after we release the stable version of Planka (currently working on that huge roles change). It will become more stable to contribute - there will be stable API and migrations between versions.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

dependabot/npm_and_yarn/client/multi-5543462fab

gh-pages

dependabot/npm_and_yarn/multi-795903f3f3

dependabot/npm_and_yarn/server/multi-60f2582fdd

dependabot/npm_and_yarn/client/qs-6.14.2

dependabot/npm_and_yarn/client/markdown-it-14.1.1

v2.0.2

planka-2.0.2

v2.0.1

planka-2.0.1

v2.0.0

planka-2.0.0

planka-1.1.2

planka-1.1.1

planka-1.1.0

planka-1.0.5

planka-1.0.4

v2.0.0-rc.4

v1.26.3

planka-0.2.26

planka-1.0.3

planka-1.0.2

v2.0.0-rc.3

planka-1.0.1

planka-1.0.0

v2.0.0-rc.2

planka-0.2.25

v1.26.2

v1.26.1

planka-0.2.24

v1.26.0

planka-0.2.23

v1.25.1

planka-0.2.22

v1.25.0

planka-0.2.21

v1.24.4

planka-0.2.20

v1.24.3

planka-0.2.19

planka-0.2.18

v1.24.2

planka-0.2.17

planka-0.2.16

v1.24.1

planka-0.2.15

v1.24.0

planka-0.2.14

v1.23.5

v1.23.4

planka-0.2.13

planka-0.2.12

v1.23.3

planka-0.2.11

v1.23.2

planka-0.2.10

v1.23.1

planka-0.2.9

v1.23.0

v1.22.0

planka-0.2.8

Labels

Clear labels

bug

bug

documentation

documentation

duplicate

enhancement

good first issue

help wanted

pull-request

Mirrored from GitHub Pull Request

question

wontfix

No Label enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/planka#65