adamnet's avatar

How to access a private folder (Storage app/private/documents) from another Laravel project

I have two projects. In project 1 users can upload documents in a private storage folder named documents.

In a project 2 another group of users must have access to the these documents which have been created in project 1. Is this possible and how? Any help will be much appreciated.

0 likes
8 replies
imranbru's avatar

If both projects are on the same server, the quickest way is a symbolic link.

ln -s /path/to/project-1/storage/app/private/documents /path/to/project-2/storage/app/private/project1_docs

However, if you're looking for the "correct" architectural way or if these projects might move to different servers, you have two main options:

You can do this one

Move the files to an S3 bucket or DigitalOcean Space. Both projects can then use the s3 driver in config/filesystems.php to point to the same bucket. It handles permissions and scaling without you worrying about physical paths.

or do via API Proxy

If Project 1 must remain the "owner" of the files, create a secured endpoint in Project 1 that streams the file:

// Project 1 - Controller
public function show(Document $doc) {
    // Validate Project 2's request/token
    return Storage::disk('private')->download($doc->path);
}

Then, in Project 2, you'd use Http::withToken(...)->get() to fetch or stream it to the user.

1 like
adamnet's avatar

Hello imranbru. Thank you for answering. To give you a somehow better picture of the situation: In project 1users will be able to only submit (post) pdf documents. Maybe in the future I must give them the possibility to display/delete their own documents. In project 2 the administrators must be able to see all the pdf documents which have been submitted up to now and also must be able to download or display them (inline) or even delete per their choice one or some of them. I do not want for some reasons to go to third party solutions like Amazon S3 Bucket or Digital Ocean. Can you think of any solution?

imranbru's avatar

In Project 1 (The Storage Owner)

Create a protected controller that handles the file logic. Use a custom middleware or a simple API token to ensure only Project 2 can hit these endpoints.

// routes/api.php
Route::prefix('internal-docs')->group(function () {
    Route::get('/', [DocumentController::class, 'index']);      // List files
    Route::get('/{name}', [DocumentController::class, 'show']); // Stream/Download
    Route::delete('/{name}', [DocumentController::class, 'destroy']); // Delete
});

// DocumentController.php
public function show($name) {
    if (!Storage::disk('private')->exists("documents/{$name}")) abort(404);
    
    return Storage::disk('private')->response("documents/{$name}");
}

public function destroy($name) {
    Storage::disk('private')->delete("documents/{$name}");
    return response()->json(['message' => 'Deleted']);
}

Project 2 (The Admin Project)

You don't need the physical files. You just need to "proxy" the requests. When an admin wants to see a PDF, Project 2 fetches it from Project 1 and serves it to the admin's browser.

// Project 2 Controller
public function proxyView($fileName) {
    $response = Http::withToken('your-secret-token')
        ->get("https://project1.test/api/internal-docs/{$fileName}");

    return response($response->body(), 200, [
        'Content-Type' => 'application/pdf',
        'Content-Disposition' => 'inline; filename="'.$fileName.'"'
    ]);
}
martinbean's avatar

In project 1users will be able to only submit (post) pdf documents. […] In project 2 the administrators must be able to see all the pdf documents

@adamnet Why are these two different projects in the first place? They’re clearly the same project, just with users with different roles.

Also, @imranbru is just regurgitating an LLM response to you, so you’re essentially chatting with a bot.

imranbru's avatar

@martinbean Ouch! Not a bot, I just like formatting my answers clearly with markdown and code snippets. But I actually agree with your primary point @adamnet, Martin is right that handling this via roles/permissions in a single project is usually the standard Laravel way to handle this, unless there is a strict hardware/business reason forcing them to live on completely different servers.

adamnet's avatar

Hello martinbean

Yes the two projects must be only one project and users will have access to the files according to their roles. You are absolutely right. Thst's the way it should be right fom the very beginning. In reality project 1 (documents submission) was designed alone and started operating a few months ago. Project 2 was something newer which was targeting some newer challenges. Then it came out as a question if a user/manager in project 2 among others could possibly manage the documents that had been uploaded through project 1. Now I realize that this is not possible. Maybe would it be possible to import all the documents from the private storage of project 1 into project 2? Do you have some opinion on this?

martinbean's avatar

@imranbru Wasn’t calling you a bot; just that you were giving OP answers copied from an LLM so it was like OP was chatting with a bot. It’s clear from your comments which ones are written by you (inconsistent formatting and grammar) and which one’s have been sourced from an LLM (suddenly perfect formatting and grammar).

If OP wanted answers from an LLM then they could ask Lary, or something like ChatGPT, themselves instead of waiting for you to do and then copy-and-paste the response.

martinbean's avatar

@adamnet It’s all going to depend on how the projects are hosted, and where the stored files actually live (i.e. on disk, or in some third party store like S3).

If the files are stored on disk, and both projects are hosted on the same server, then you could create a symbolic link so both applications can access the files. If the applications are stored on separate servers with separate file systems, then this obviously becomes much, much more difficult.

Please or to participate in this conversation.