FIX: Ensure CORS rules exist for S3 using rake task (#14802)

This commit introduces a new s3:ensure_cors_rules rake task that is run as a prerequisite to s3:upload_assets. This rake task calls out to the S3CorsRulesets class to ensure that the 3 relevant sets of CORS rules are applied, depending on site settings: * assets * direct S3 backups * direct S3 uploads This works for both Global S3 settings and Database S3 settings (the latter set directly via SiteSetting). As it is, only one rule can be applied, which is generally the assets rule as it is called first. This commit changes the ensure_cors! method to be able to apply new rules as well as the existing ones. This commit also slightly changes the existing rules to cover direct S3 uploads via uppy, especially multipart, which requires some more headers.
2025-02-25 18:55:32 -06:00 · 2021-11-08 09:16:38 +10:00
parent 18dc2c5040
commit 9a72a0945f
9 changed files with 434 additions and 80 deletions
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -224,22 +224,15 @@ class UploadsController < ApplicationController
      )
    end

-    metadata = parse_allowed_metadata(params[:metadata])
-
-    url = Discourse.store.signed_url_for_temporary_upload(
-      file_name, metadata: metadata
-    )
-    key = Discourse.store.path_from_url(url)
-
-    upload_stub = ExternalUploadStub.create!(
-      key: key,
-      created_by: current_user,
-      original_filename: file_name,
+    external_upload_data = ExternalUploadManager.create_direct_upload(
+      current_user: current_user,
+      file_name: file_name,
+      file_size: file_size,
      upload_type: type,
-      filesize: file_size
+      metadata: parse_allowed_metadata(params[:metadata])
    )

-    render json: { url: url, key: key, unique_identifier: upload_stub.unique_identifier }
+    render json: external_upload_data
  end

  def complete_external_upload
@@ -307,7 +300,6 @@ class UploadsController < ApplicationController
    file_name = params.require(:file_name)
    file_size = params.require(:file_size).to_i
    upload_type = params.require(:upload_type)
-    content_type = MiniMime.lookup_by_filename(file_name)&.content_type

    if file_size_too_big?(file_name, file_size)
      return render_json_error(
@@ -316,11 +308,13 @@ class UploadsController < ApplicationController
      )
    end

-    metadata = parse_allowed_metadata(params[:metadata])
-
    begin
-      multipart_upload = Discourse.store.create_multipart(
-        file_name, content_type, metadata: metadata
+      external_upload_data = ExternalUploadManager.create_direct_multipart_upload(
+        current_user: current_user,
+        file_name: file_name,
+        file_size: file_size,
+        upload_type: upload_type,
+        metadata: parse_allowed_metadata(params[:metadata])
      )
    rescue Aws::S3::Errors::ServiceError => err
      return render_json_error(
@@ -329,21 +323,7 @@ class UploadsController < ApplicationController
      )
    end

-    upload_stub = ExternalUploadStub.create!(
-      key: multipart_upload[:key],
-      created_by: current_user,
-      original_filename: file_name,
-      upload_type: upload_type,
-      external_upload_identifier: multipart_upload[:upload_id],
-      multipart: true,
-      filesize: file_size
-    )
-
-    render json: {
-      external_upload_identifier: upload_stub.external_upload_identifier,
-      key: upload_stub.key,
-      unique_identifier: upload_stub.unique_identifier
-    }
+    render json: external_upload_data
  end

  def batch_presign_multipart_parts