coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix: Put public and private uploads in separate folders to allow for restrictive AWS policies

Browse Source 
closes #1581
This commit is contained in:
Tom Moor
2020-10-21 21:00:40 -07:00
parent a9c05adc3c
commit dba5dd14e7
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/api/attachments.js
View File

@ -27,13 +27,15 @@ router.post("attachments.create", auth(), async (ctx) => {
const { user } = ctx.state; const { user } = ctx.state;
const s3Key = uuid.v4(); const s3Key = uuid.v4();
const key = `uploads/${user.id}/${s3Key}/${name}`;
const acl = const acl =
ctx.body.public === undefined ctx.body.public === undefined
? AWS_S3_ACL ? AWS_S3_ACL
: ctx.body.public : ctx.body.public
? "public-read" ? "public-read"
: "private"; : "private";
const bucket = acl === "public-read" ? "public" : "uploads";
const key = `${bucket}/${user.id}/${s3Key}/${name}`;
const credential = makeCredential(); const credential = makeCredential();
const longDate = format(new Date(), "YYYYMMDDTHHmmss\\Z"); const longDate = format(new Date(), "YYYYMMDDTHHmmss\\Z");
const policy = makePolicy(credential, longDate, acl); const policy = makePolicy(credential, longDate, acl);