Allow access to files and containers for specific users only

[haexhub]

Hi everyone.

I'm evaluating conduit at the moment and I would like to know, if and how it is possible to limit container and file access through the storage api to specific users. What I would like to achieve is, to create a container per user, so only this user can access his files in this container. With supabase this is pretty straight forward with setting RLS policies, but here I can't find anything like that. Could someone shine a light on this for me please?

[kkopanidis]

Greetings @haexhub, Containers are similar to buckets (in S3 and Google Storage) and Containers in Azure Storage. They are not folders and are not intended to contain a specific user's data. Most of the times you would have different containers for different parts of the application maybe, since containers can have different settings applied to them from the cloud providers.

Folders are supported though, but currently don't have authorization controls implemented on them. What we do have though, is file-level access controls but only on the 0.16 version. Where once enabled through the storage module's config, every created file is owned by the user that uploaded it, and can be read only by them if the file is not public, or by users that the creator gives access to. If the file is public, it can be modified only by the creator but it can be read by anyone.

Let me know if this clears things up a bit. If you have more suggestions on features etc, please feel free open a feature request!