Restricted file downloads

[pozylon]

Currently unchained does not restrict access to a file, so once you get the URL of a media uploaded, that stays permanent and is only restricted by webserver rules.

I suggest extending this:

• When creating media upload tickets, allow to set it as a "private" file, signaling the file plugin to generate temporary download url's and not persistent ones
• Add "action.downloadFile" and wire it with the Media.url field resolver. By default it just checks for the file to be public and returns true, else it checks if the file has been uploaded by logged in user.
• Extend Media.url field resolver to generate a signed url through the file plugin when a file is "private"
• When accessing the url of a "Media" and the file is "private", generate a signature guarded url that expires based on fileSettings.privateFileSharingMaxAge o.e.
• Extend gridfs webhook to check if the file is public or if the provided signature works and the shared url is not expired.

The end goal is that one can overwrite the permission "action.downloadFile" and make it dependent on context: It can be extended for any use case, for ex. completely lock it down and reject download access even for the uploader for form submission files for example.

[pozylon]

@Mikearaya can you check this concept and tell me what you think?