From a92f61e926e513654cc257bd6f7f70abfaa9a2ca Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Wed, 22 Nov 2017 10:50:55 +1100
Subject: [PATCH] FIX: allow login required sites access to attachements

---
 app/controllers/uploads_controller.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index 2869beaf123..65aa5e2b9ff 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -52,7 +52,6 @@ class UploadsController < ApplicationController
     RailsMultisite::ConnectionManagement.with_connection(params[:site]) do |db|
       return render_404 unless Discourse.store.internal?
       return render_404 if SiteSetting.prevent_anons_from_downloading_files && current_user.nil?
-      return render_404 if SiteSetting.login_required? && db == "default" && current_user.nil?
 
       if upload = Upload.find_by(sha1: params[:sha]) || Upload.find_by(id: params[:id], url: request.env["PATH_INFO"])
         opts = {