Modules are currently not able to add to “User data” so modules like, VTTA Tokenizer and VTTA dndbeyond intergretion fail. Because they try to add pictures to a folder. And it doesn’t quite work with the Assets plugin, because it assumes it’s in “Data”.
I have part of the solution already implemented there. If someone tries to access a file that it can’t find, the backend will auto redirect it to the same path in the assets library of the game owner if such an asset exists (so trying to read
worlds/<world>/uploads/avatar.png will redirect to the full asset url instead if that file doesn’t exist in the world directory)
Now I have 2 choices :
- let the files be uploaded to the game data folder and just be served normally. This has the disadvantage of making world exports bigger as they’d contain those thumbnails and avatars, etc… and the files won’t be fetched from your local region servers, making them slower to load
- On upload, auto-upload the file to the assets library instead, and when a module tries to access the file, auto-redirect to the assets library, all transparently. This has the advantage of freeing up the data quota, keeping world exports small and having the assets regionalized, but it adds a cost in trying to read the file from the local folder then getting a “file not found” before having to browse the assets library to find it before redirecting to it. So there’s an added latency in exchange for faster download speed.
Disadvantage of using the upload to auto-upload to the assets library is that it would potentially allow anyone with access to the game to upload stuff to the game owner’s assets library even if they aren’t the owner, which could be used to force fill up a user’s quota by malicious players
I could check for the ‘trusted player’ option but I don’t have access to the mapping from a logged in user to the player inside FVTT. Not until I add advanced user management and even in that case, it won’t be for everyone.
I think I’ll add an option in the game setup page for “Allow invited players to upload to my assets library (for use by modules only)”
I’ll always allow the owner to transparently upload to their assets library when they try to upload to the world data, and auto-resolve it as well, but if a user tries, they need to be logged in, have been invited, and the option to be enabled in the table settings.
So, this hasn’t been an issue anymore since the upload API is used by everyone now, so I think we’re good to closing this now.