FIX: Do not attempt S3 ACL call if secure status did not change (#24785)

When rebaking and in various other places for posts, we run through the uploads and call `update_secure_status` on each of them. However, if the secure status didn't change, we were still calling S3 to change the ACL, which would have been a noop in many cases and takes ~1 second per call, slowing things down a lot. Also, we didn't account for the s3_acls_enabled site setting being false here, and in the specs doing an assertion that `Discourse.store.update_ACL` is not called doesn't work; `Discourse.store` isn't a singleton, it re-initializes `FileStore::S3Store.new` every single time.
2025-02-25 18:55:32 -06:00 · 2023-12-08 12:58:45 +10:00
parent d5fe9b4f8c
commit d9a422cf61
3 changed files with 18 additions and 2 deletions
--- a/app/models/upload.rb
+++ b/app/models/upload.rb
@@ -470,7 +470,7 @@ class Upload < ActiveRecord::Base
    secure_status_did_change = self.secure? != mark_secure
    self.update(secure_params(mark_secure, reason, source))

-    if Discourse.store.external?
+    if secure_status_did_change && SiteSetting.s3_use_acls && Discourse.store.external?
      begin
        Discourse.store.update_upload_ACL(self)
      rescue Aws::S3::Errors::NotImplemented => err