I'm working out on a mutiple options to tweak the uploaded file logic for users from marketing team (non-cms) to be able to access it without providing them CMS access.
To access the form uploaded link from email, users either need CMS to access the uploaded file. the file is being accessed from contentassets/xyz/uploadedfiles/abc.jpg (for instance) which is form behaviour. As there are many users in marketing team, so we don't want to give them CMS access just for this to access the uploaded file. Is there a way to whitelist our IP's for contentassets folder ? so our users can only access it.
otherwise I'll need a custom solution that allows the uploaded link being accessed from globalassets, public users are also able to access it which isn't a preferred solution, we don't want to expose the uploaded link to public users. so i tried to whitelist our IP address for users to be able to access it only by us. but that doesn't worked for me.
I tried another custom solution to send uploaded link as email attachments instead, the code i use from other forum seems to be an issue in this link (model is coming as null value) https://www.vegaitsourcing.co.uk/media-center/blog/how-to-send-an-email-with-attachments-using-episerver-formsany quick help on this would really save me. much appreciated if you could help me on this.
I'm using Epi forms version 184.108.40.206
Epi DXC version 220.127.116.11
You can define a visitor group that targets an IP range using the visitor group criteria pack:
You can then use the visitor group to set access rights for the users who should be able to access the upload. If you don't want the IPs to be editable in the UI then you can build a virtual role instead of a visitor group: https://world.episerver.com/documentation/developer-guides/CMS/security/Virtual-roles/
Alternate (untested) approach: use Epi Forms ability to submit to a webhook combined with a tool like Zapier or IFTTT or Logic Apps to copy the file to Dropbox or Google Drive or somewhere else that the marketing team can access.
Caveat: I haven't tested it with the file upload element to confirm if the file itself gets passed to the webhook.