When I need to work with files (display/download) in security mode, I use this method:
The method works well and allows you to display/download files only to those users who have access to them.
However, I needed to access the files using the API from another project (so that I could display/download them on another project). In this scenario, the method does not work.
I am receiving an answer not in the form of a binary file, but in the form of a string:
Hi, Patrick. Maybe I don't understand something, but what you're suggesting can't work in my case.
I will explain my problem in more detail.
I have a Project1 in which all files are stored in a non-public folder. Access to these files (display/download) is based on security rules and uses the following server actions:
It all works perfectly. In Project1, files are available only to those users who have access to them. Without access, you will not be able to view/download the file.
I have a Project2 that should give users access to the Project1 files. I cannot use the File Download component directly in Project2, because the files are not publicly available. That's why I use the API Action component:
I get access to the right file as the task requires. However, this file is transmitted via the API not as a binary file, but as text, as I indicated in the first post.
I also tried using a File Download component that would use the API Action response as a source. However, nothing came of it:
I also assume that I will have problems when uploading files via API. I.e., I will not be able to use the Wappler to make it so that the user can upload a file from Project2 to Project1 using the API Action component on the server side (to achieve security mode). But in the community I have seen a solution that can help with this:
Although I haven't tried this solution yet, I think it will help me in the task of uploading files using the API from Project2 to Project1.
So, how can I solve the problem of getting non-public files from Project1 to users from Project2?
You can take a reference from the File Upload Action, and build out a File Download Action custom module.
Create a API in project1 which allows secure file download using Wappler’s download component. Security could be based on some predefined key or some DB-based token system.
In project2, use the Download Action to call the project1 API with an Absolute URL and secure tokens/keys.
The API will return a file, which you custom module can download and save to a defined path.
Before making a custom component, I decided to try to recreate your instructions based on standard components. However, I was unable to get this algorithm to work.
That's what I was doing.
For the test in Project1, I made a very simple API that uses a standard download component (I specify a static path in it):
If I call this API in the browser, it works correctly and the file is downloaded.
For the test in Project2, I also made a very simple API that uses a standard download component (I use an absolute path that points to the API of Project1):
Wappler's API Action does not support File Downloads, as you have discovered.
Wappler's File download does not support files from a remote URL.. only local file path can be passed here.
Which is why I suggested you to create a custom module which would support downloading a file from remote URL and then storing it in local server, or returning the file itself as output.
