Access to attached files – Attachments
-
Hi,
When a user A sends a file to user B, the file can be accessed…
– here :
https://mysite.com/messages/?fepaction=download&fep_id=X&fep_parent_id=Y (download it)
– and here :
https://mysite.com/messages/?fepaction=view-download&fep_id=X&fep_parent_id=Y (displays it in the browser)Then…
IF
(Case #1) A deletes the message with the file :
– A can not access to the file anymore
– B can still access to the file
– The file is still in this folder : https://mysite.com/wp-admin/admin.php?page=fep-all-attachments
OR
(Case #2) B deletes the message with the file :
– B can not access to the file anymore
– A can still access to the file
– The file is still in this folder : https://mysite.com/wp-admin/admin.php?page=fep-all-attachments—-
(Case #3) IF A AND B delete the file :
– A and B can not access to the file anymore
– The file is no more in this folder : https://mysite.com/wp-admin/admin.php?page=fep-all-attachments—-
The problem is with the (Case #1) : If someone sends a file to someone else, then deletes the file, this file should not be accessible anymore by this someone else.
Moreover, if a user delete its WP account (or the account is deleted by Admin), then all the files sent by this user should not be accessible anymore (deleted).
—
=> The “owner” of the file should keep the control on its files.
I have considered “Settings” > “Privacy” menu and put “Erase” on all options, but that did not solve this issue.
I think it is a security matter, and may be related with GDPR rules, don’t you ?
How to manage that please (A to B relation, and Account deletion) ?
Best regards,
Law
- The topic ‘Access to attached files – Attachments’ is closed to new replies.
