Closed K8Sewell closed 3 weeks ago
Current behavior is that the user auth check passes if the object is Public. Do we want to change this to check user login/on campus for staging public object tiff downloads?
Was able to confirm on Test that for public objects I can download the tiff and when on VPN I can download tiff as well. Because I have to be on VPN to reach Test I don't have a way to manually test that the downloads are restricted as expected for off campus / not logged in users. Until I finish the smoke tests of course.
Thanks Kait. Depending on when smoke tests are finished, I'm also OK with just coordinating deployment with @laurenb33 and having a plan to roll back immediately if the TIFFs don't work in PROD. So we can bump up to UAT.
Waiting until next deployment.
Confirmed not logged in and not on VPN can download public
Confirmed not logged in and not on VPN get 'unauthorized' for Yale Community Only
Confirmed logged in and not on VPN can download YCO
Confirmed not logged in and on VPN can download YCO
Ready to close! Thank you :)
Summary
Currently if any user visits the /download/888888/staged url they will receive a 200 response and messaging that indicates the process is proceeding as normal and they simply need to check back in a bit while the big file downloads. The purpose of this ticket is to change how the /download/888888/staged url responds to users that are not logged in or not on VPN from displaying a 'wait but all ok' message to 'This file is restricted to logged in users or users on campus. To determine if you have access please log in or visit campus and visit this page again.'
Acceptance Criteria
/download/888888888/staged page returns a 401 when user not on campus or not logged in
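The access rule this ticket asks for, written out as an added example (not the project's own code) and checked against the four cases confirmed in the thread. The function name, the wait-message wording, the campus/VPN ranges (RFC 5737 documentation networks) and the fail-closed handling of unknown visibility values are assumptions.

```ruby
require "ipaddr"

# Constructed campus/VPN ranges (documentation networks), not real ones.
CAMPUS_RANGES = [IPAddr.new("192.0.2.0/24"), IPAddr.new("198.51.100.0/24")].freeze

RESTRICTED_MESSAGE = "This file is restricted to logged in users or users on campus. " \
                     "To determine if you have access please log in or visit campus " \
                     "and visit this page again."
WAIT_MESSAGE = "Your file is being prepared. Please check back shortly." # hypothetical wording

# remote_ip is assumed to be the client address as resolved by trusted proxy
# handling, not a raw client-supplied forwarding header.
def on_campus?(remote_ip)
  ip = IPAddr.new(remote_ip)
  CAMPUS_RANGES.any? { |range| range.include?(ip) }
rescue IPAddr::Error
  false # missing or unparseable address is treated as off campus (fail closed)
end

# Returns [status, message] for the /download/<id>/staged page.
def staged_download_response(visibility:, logged_in:, remote_ip:)
  case visibility
  when "Public"
    # Thread: the auth check passes for Public objects regardless of login or network.
    [200, WAIT_MESSAGE]
  when "Yale Community Only"
    if logged_in || on_campus?(remote_ip)
      [200, WAIT_MESSAGE]
    else
      # Acceptance criterion: 401, not a 200 with the "check back" message.
      [401, RESTRICTED_MESSAGE]
    end
  else
    [401, RESTRICTED_MESSAGE] # assumption: unknown visibility values fail closed
  end
end
```

A smoke test for this ticket should assert on the status code, since the original defect was a 200 response carrying reassuring text for users who could never receive the file.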