Policy for Upload

Hi. Is it possible to add policy for uploading a file? Example i have book content type and user. a user is related to a certain book. If i want to change the image of the book, i want only the user related to the book can change that. Right now any user can change the image of the book as long as the user is authenticated.

Hi, I hope this helps:

Hi. thank you. but this only scopes with content type. for uploads anyone can upload as long as the user is authenticated.

is there a way to create custom route for upload.

I will be able to watch it in the evening or tomorrow morning, I remember for sure that only the owners could upload photos to the gallery on my project.

can you share me the code you used?

im doing ‘post’ and endpoint is api/upload/ . then on body im using appending to FormData() like refId,field, ref and files

thank you

Sorry I can not provide the code, as it turns out I no longer have access to this project.

I myself puzzle over how it was done.
Most likely a custom plugin was written.

I finally did it!

Strapi 3.6.8 (node v14.16.0)

go to node_modules/strapi-plugin-upload/config
here you need to copy routes.json file
this file put to extensions/upload/config

Specify the policy in the required route in this file
create this policy in extensions/upload/config/policies