File Document when change guid it opens other user files.
Hi, Mendix I have used Download file document activity with show file in browser option. After open the file in browser in url when I change guid it opens other user files. If I use delete after download as true it works but when user refreshes the browser, file document not found. “http://localhost:8080/file?guid=16325548649220949&changedDate=1694604285395&name=filedocument.pdf&target=window” I want the sollution like restrict the user not to change the guid. If user changes the guid it opens previous downloaded files.
I’m pretty sure you’ll have to restrict access using XPath constrains in the domain model security. Make sure that only that users only have access to their own documents by adding an XPath constraint with a path to the user from the FileDocument entity.
Marius van der Knaap