- Login as a user, e.g: user1
- Create a portfolio by going to https://app.mavenlink.com/users/1234567-user1/work_samples/new
note: replace 1234567-user1 with the actual user id/name endpoint.
- Uploading any file to the new portfolio and click save. On the right side of profile info, you will see the created portfolio with attached file,
- Click on the file, notic the link is https://app.mavenlink.com/attachments/xxxxxxxx Where xxxxxxxx is the file ID in 8 number lenght.
- Copy the file link and open it in other browser with different login user, e.g: user2, you will see the file is accessible.
- On user1, delete the file/portfolio.
- The link is still accessible,
This is my uploaded portfolio file: https://app.mavenlink.com/attachments/79279255 (I've delete all the portfolio on the web interface),
- Provide mechanism to check if the uploaded file link is associated with coresponding account.
- Delete the uploaded file (in AWS?) with portfolio as user desired.
As user profile and portfolio (with files) can only seen if the user is in the same team/group, otherwise the information should be private, as going throgh any profile link (https://app.mavenlink.com/profiles/[user-id]) getting "Private Profile" message