Using a similar path as found here, it is possible to hide a file with a specific file extension for users that are not staff?
In our install we frequently have customers upload backups which could include private information that we would like to auto-hide for non admin users. I was thinking something like this would work but I would have to capture the .tar extension?
I would love a second opinion.
Why don’t you ask your customers to uploads the backups in a PM to staff? Then, only them and the staff will be able to see the files.
This is actually how we are doing it now which does work however many customers frequently forget which then requires us to manually move them over or hide them in a staff whisper. In a perfect world this would work however we frequently have staff forget to do this which leads to a liability risk on our end.
At the risk of featureitis, would it be a useful thing to have another site setting allowed extensions in PMs? We could make it impossible for them to upload these files to public topics.