MM-9698 Fixing Minio with server side encryption. (#8367)

* Fixig Minio with server side encryption. * Add png file backend test
2025-02-25 18:55:24 -06:00 · 2018-02-26 06:45:35 -08:00
parent f0f4f68def
commit ae1acbda49
2 changed files with 40 additions and 8 deletions
--- a/utils/file_backend_s3.go
+++ b/utils/file_backend_s3.go
@@ -138,16 +138,14 @@ func (b *S3FileBackend) WriteFile(f []byte, path string) *model.AppError {
 		return model.NewAppError("WriteFile", "api.file.write_file.s3.app_error", nil, err.Error(), http.StatusInternalServerError)
 	}

-	options := s3.PutObjectOptions{}
-	if b.encrypt {
-		options.UserMetadata["x-amz-server-side-encryption"] = "AES256"
+	var contentType string
+	if ext := filepath.Ext(path); model.IsFileExtImage(ext) {
+		contentType = model.GetImageMimeType(ext)
+	} else {
+		contentType = "binary/octet-stream"
 	}

-	if ext := filepath.Ext(path); model.IsFileExtImage(ext) {
-		options.ContentType = model.GetImageMimeType(ext)
-	} else {
-		options.ContentType = "binary/octet-stream"
-	}
+	options := s3PutOptions(b.encrypt, contentType)

 	if _, err = s3Clnt.PutObject(b.bucket, path, bytes.NewReader(f), -1, options); err != nil {
 		return model.NewAppError("WriteFile", "api.file.write_file.s3.app_error", nil, err.Error(), http.StatusInternalServerError)
@@ -230,6 +228,17 @@ func (b *S3FileBackend) RemoveDirectory(path string) *model.AppError {
 	return nil
 }

+func s3PutOptions(encrypt bool, contentType string) s3.PutObjectOptions {
+	options := s3.PutObjectOptions{}
+	if encrypt {
+		options.UserMetadata = make(map[string]string)
+		options.UserMetadata["x-amz-server-side-encryption"] = "AES256"
+	}
+	options.ContentType = contentType
+
+	return options
+}
+
 func s3CopyMetadata(encrypt bool) map[string]string {
 	metaData := make(map[string]string)
 	metaData["x-amz-server-side-encryption"] = "AES256"
--- a/utils/file_backend_test.go
+++ b/utils/file_backend_test.go
@@ -36,6 +36,14 @@ func TestLocalFileBackendTestSuite(t *testing.T) {
 }

 func TestS3FileBackendTestSuite(t *testing.T) {
+	runBackendTest(t, false)
+}
+
+func TestS3FileBackendTestSuiteWithEncryption(t *testing.T) {
+	runBackendTest(t, true)
+}
+
+func runBackendTest(t *testing.T, encrypt bool) {
 	s3Host := os.Getenv("CI_HOST")
 	if s3Host == "" {
 		s3Host = "dockerhost"
@@ -56,6 +64,7 @@ func TestS3FileBackendTestSuite(t *testing.T) {
 			AmazonS3Bucket:          model.MINIO_BUCKET,
 			AmazonS3Endpoint:        s3Endpoint,
 			AmazonS3SSL:             model.NewBool(false),
+			AmazonS3SSE:             model.NewBool(encrypt),
 		},
 	})
 }
@@ -86,6 +95,20 @@ func (s *FileBackendTestSuite) TestReadWriteFile() {
 	s.EqualValues(readString, "test")
 }

+func (s *FileBackendTestSuite) TestReadWriteFileImage() {
+	b := []byte("testimage")
+	path := "tests/" + model.NewId() + ".png"
+
+	s.Nil(s.backend.WriteFile(b, path))
+	defer s.backend.RemoveFile(path)
+
+	read, err := s.backend.ReadFile(path)
+	s.Nil(err)
+
+	readString := string(read)
+	s.EqualValues(readString, "testimage")
+}
+
 func (s *FileBackendTestSuite) TestCopyFile() {
 	b := []byte("test")
 	path1 := "tests/" + model.NewId()