git.heureux-cyclage.org - lhc/web/wiklou.git/commit

author	Aaron Schulz <aschulz@wikimedia.org>
	Fri, 17 Oct 2014 19:32:58 +0000 (12:32 -0700)
committer	Aaron Schulz <aschulz@wikimedia.org>
	Tue, 21 Oct 2014 18:46:05 +0000 (18:46 +0000)
commit	103d6f77c36d0758f5f373f4770392462ad0f927
tree	fa87d6e9e9f0bab5a32be39e66877fa0268ead04	tree \| snapshot
parent	ade753ae4899656ca154ee1e1808db481da16f8b	commit \| diff

Treat the "temp" repo zone as private

* The primary user is the upload stash. Both stashed originals and thumbnails can
  be viewed through Special:UploadStash, which checks the appropriate permissions.
  There is no need for direct web access.
* Note that the scaler URL has to point to something that does no authentication
  checks since the HTTP GET has no cookie headers propagated. However the file
  name is the URL is determined by us_path, which is not exposed to the author
  but rather stored in the DB and linked by the file key. The author should only
  know the key.
* Also changed getTempRepo() to set the thumb/transcoded zones to nest in
  the base repo temp zone. This way, the temp and base repo do not conflict
  as to whether a container might be private or not.

Change-Id: I403520053b2053094e5f90083b6375bc04c351f4

RELEASE-NOTES-1.25		diff \| blob \| history
includes/filerepo/FileRepo.php		diff \| blob \| history