I’ve been getting user complaints since our upgrade to v1.8.0.beta1 +3 last week, so this seems to be due to a recent change (sorry we don’t have an older environment for me verify).
We are an environment that requires all users to be logged in via SSO to be able to interact with our forum.
Before the upgrade, a user could click on a link to a file in their email (either from a digest for mailing list mode) and download the associated file. It appears this could happen even if they weren’t logged into Discourse.
After the upgrade, when a user clicks on a link to a file from their email and they haven’t logged in, they get a 404 error.
What were getting is regular complaints from users that the links we’re sending via email are broken because they don’t know that they need to log in FIRST and then click on the link.
While I’m in favor of not allowing them to view the file until they log in, it is confusing to them that it generates a 404 error. I think that a 401 or a 403 with the prompt to log-in via SSO would be more appropriate.