Person A is allowed to see picture 2, but not picture 3. But now he just has to change the path and he has access to every picture in the folder.
Is there any good solution to prevent this? We searched for a few:
- copy the image to a local directory, and display that one (but then we have to clean that directory up and ... )
- we can set security groups on each image but here they change very fast so not really an option
- img alt="" SRC="//SASStoredProcess/do?_program=CheckIfAccessIsOK&pictureNr=2 " (dont know of such a thing is possible). We can see to which product this picture belongs, and we have a list who is allowed to see which product.
so my main question is: how to show the picture without really giving the possibility to the user of seeing where this picture is stored so he can not access all other pictures