PENDING: Profile Images Issue

[idabblewith]

Hi!

Quick test of profiles app demonstrates that display pictures are now working. However, not for the public; only logged in users can see it - which defeats the point.

The django backend has allowed read only access to avatars if not logged in, however, due to extra layer of SSO on the base website, trying to access the avatar presents a 403 if visiting the profiles website in private mode/as a public anonymoususer.

For example, attempting to load this avatar in private mode results in 403, causing the image to not display on the webapp, and directly accessing the link prompts login via SSO: scienceprojects.dbca.wa.gov.au/files/user_avatars/Adrian_Carnegie.jpg

@ben3000 If you get the chance can you ask Ashley to allow access to the /files/user_avatars folder on the backend to the public. I know the previous SPMS had full access to the entire files directory, which I'm not sure is the best, but we need to at least move /files/user_avatars away from SSO, so the public can see profile images in that folder.

If he changes it, it should reflect without redeploying because it is an OIM/SSO issue.

[idabblewith]

PENDING: Change request submitted

[idabblewith]

Change request approved, awaiting implementation by OIM