Paperclip supports AWS S3 with a default of public-read access policy. This allows anyone who knows the URL of the resource to access it.

For some applications, you might want a more restricted access policy. The authenticated-read access policy requires that the URL of the resource be presented by an authenticated user.

To use authenticated-read with Paperclip:

1:s3_permssions => 'authenticated-read'
1def s3_url(style = nil, time_limit = 15.minutes)
2  attachment.s3.interface.get_link(attachment.s3_bucket.to_s, attachment.path(style), time_limit)
3end

If you do not normally need to time limit the access, use nil as the default value for time_limit

blog comments powered by Disqus