From dfcc041e26d774c64331fccd9c506cbc279cdb0d Mon Sep 17 00:00:00 2001 From: Mark Kuiphuis Date: Wed, 6 May 2020 16:32:12 +1000 Subject: [PATCH 1/3] Allow the ACL (Access Control List) to be set via a property instead of hardcoded in the script. --- Classes/S3Target.php | 11 +++++++++-- Configuration/Settings.yaml | 4 ++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/Classes/S3Target.php b/Classes/S3Target.php index 8ae9ee2..7be0b32 100644 --- a/Classes/S3Target.php +++ b/Classes/S3Target.php @@ -23,6 +23,13 @@ */ class S3Target implements TargetInterface { + /** + * The ACL when uploading a file + * @Flow\InjectConfiguration(package="Flownative.Aws.S3", path="profiles.default.acl") + * @var string + */ + protected $acl; + /** * Name which identifies this resource target * @@ -208,7 +215,7 @@ public function publishCollection(CollectionInterface $collection, callable $cal unset($potentiallyObsoleteObjects[$objectName]); } else { $options = array( - 'ACL' => 'public-read', + 'ACL' => $this->acl, 'Bucket' => $this->bucketName, 'CopySource' => urlencode($storageBucketName . '/' . $storage->getKeyPrefix() . $object->getSha1()), 'ContentType' => $object->getMediaType(), @@ -277,7 +284,7 @@ public function publishResource(PersistentResource $resource, CollectionInterfac $sourceObjectArn = $storage->getBucketName() . '/' . $storage->getKeyPrefix() . $resource->getSha1(); $objectName = $this->keyPrefix . $this->getRelativePublicationPathAndFilename($resource); $options = array( - 'ACL' => 'public-read', + 'ACL' => $this->acl, 'Bucket' => $this->bucketName, 'CopySource' => urlencode($sourceObjectArn), 'ContentType'=> $resource->getMediaType(), diff --git a/Configuration/Settings.yaml b/Configuration/Settings.yaml index 9698462..915e9e5 100644 --- a/Configuration/Settings.yaml +++ b/Configuration/Settings.yaml @@ -6,6 +6,10 @@ Flownative: # For more documentation regarding options, see http://docs.aws.amazon.com/aws-sdk-php/v2/guide/configuration.html#client-configuration-options default: + # Access Control List. Override in your own Settings.yaml with '' to not provide public read access to an object in S3 + # To access these objects use SignedCookie or SignedURL method in combination with AWS CloudFront + acl: 'public-read' + # Select the API version to use version: '2006-03-01' From 52d6bd4bd587e49f8efa36326be788e8b87820c4 Mon Sep 17 00:00:00 2001 From: Mark Kuiphuis Date: Wed, 16 Dec 2020 10:30:16 +1100 Subject: [PATCH 2/3] Update requirements to include Flow 7 Initial test --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 323528e..1db2a3b 100644 --- a/composer.json +++ b/composer.json @@ -14,7 +14,7 @@ "MIT" ], "require": { - "neos/flow": "^5.0 || ^6.0", + "neos/flow": "^5.0 || ^6.0 || ^7.0", "aws/aws-sdk-php": "~3.0" }, "autoload": { From 3a0637666a13ffa5f07511209f383859583162fd Mon Sep 17 00:00:00 2001 From: Mark Kuiphuis Date: Thu, 17 Dec 2020 09:37:17 +1100 Subject: [PATCH 3/3] Removal of deprecated functions getMd5() and setMd5() --- Classes/S3Storage.php | 14 +++++++------- Classes/S3Target.php | 12 ++++++------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/Classes/S3Storage.php b/Classes/S3Storage.php index 432dac8..fa938da 100644 --- a/Classes/S3Storage.php +++ b/Classes/S3Storage.php @@ -203,7 +203,7 @@ public function importResource($source, $collectionName) public function importResourceFromContent($content, $collectionName) { $sha1Hash = sha1($content); - $md5Hash = md5($content); + //$md5Hash = md5($content); $filename = $sha1Hash; $resource = new PersistentResource(); @@ -211,7 +211,7 @@ public function importResourceFromContent($content, $collectionName) $resource->setFileSize(strlen($content)); $resource->setCollectionName($collectionName); $resource->setSha1($sha1Hash); - $resource->setMd5($md5Hash); + //$resource->setMd5($md5Hash); $this->s3Client->putObject(array( 'Bucket' => $this->bucketName, @@ -253,14 +253,14 @@ public function importUploadedResource(array $uploadInfo, $collectionName) } $sha1Hash = sha1_file($newSourcePathAndFilename); - $md5Hash = md5_file($newSourcePathAndFilename); + //$md5Hash = md5_file($newSourcePathAndFilename); $resource = new PersistentResource(); $resource->setFilename($originalFilename); $resource->setCollectionName($collectionName); $resource->setFileSize(filesize($newSourcePathAndFilename)); $resource->setSha1($sha1Hash); - $resource->setMd5($md5Hash); + //$resource->setMd5($md5Hash); $this->s3Client->putObject(array( 'Bucket' => $this->bucketName, @@ -388,14 +388,14 @@ public function getObjectsByCollection(CollectionInterface $collection) protected function importTemporaryFile($temporaryPathAndFilename, $collectionName) { $sha1Hash = sha1_file($temporaryPathAndFilename); - $md5Hash = md5_file($temporaryPathAndFilename); + //$md5Hash = md5_file($temporaryPathAndFilename); $objectName = $this->keyPrefix . $sha1Hash; $resource = new PersistentResource(); $resource->setFileSize(filesize($temporaryPathAndFilename)); $resource->setCollectionName($collectionName); $resource->setSha1($sha1Hash); - $resource->setMd5($md5Hash); + //$resource->setMd5($md5Hash); try { $this->s3Client->headObject([ @@ -418,7 +418,7 @@ protected function importTemporaryFile($temporaryPathAndFilename, $collectionNam 'ContentType' => $resource->getMediaType(), 'Key' => $objectName ]); - $this->systemLogger->info(sprintf('Successfully imported resource as object "%s" into bucket "%s" with MD5 hash "%s"', $objectName, $this->bucketName, $resource->getMd5() ?: 'unknown')); + $this->systemLogger->info(sprintf('Successfully imported resource as object "%s" into bucket "%s" with SHA1 hash "%s"', $objectName, $this->bucketName, $resource->getSha1() ?: 'unknown')); } else { $this->systemLogger->info(sprintf('Did not import resource as object "%s" into bucket "%s" because that object already existed.', $objectName, $this->bucketName)); } diff --git a/Classes/S3Target.php b/Classes/S3Target.php index 7be0b32..d6613b6 100644 --- a/Classes/S3Target.php +++ b/Classes/S3Target.php @@ -211,7 +211,7 @@ public function publishCollection(CollectionInterface $collection, callable $cal /** @var \Neos\Flow\ResourceManagement\Storage\StorageObject $object */ $objectName = $this->keyPrefix . $this->getRelativePublicationPathAndFilename($object); if (array_key_exists($objectName, $potentiallyObsoleteObjects)) { - $this->systemLogger->debug(sprintf('The resource object "%s" (MD5: %s) has already been published to bucket "%s", no need to re-publish', $objectName, $object->getMd5() ?: 'unknown', $this->bucketName)); + $this->systemLogger->debug(sprintf('The resource object "%s" (SHA1: %s) has already been published to bucket "%s", no need to re-publish', $objectName, $object->getSha1() ?: 'unknown', $this->bucketName)); unset($potentiallyObsoleteObjects[$objectName]); } else { $options = array( @@ -224,7 +224,7 @@ public function publishCollection(CollectionInterface $collection, callable $cal ); try { $this->s3Client->copyObject($options); - $this->systemLogger->debug(sprintf('Successfully copied resource as object "%s" (MD5: %s) from bucket "%s" to bucket "%s"', $objectName, $object->getMd5() ?: 'unknown', $storageBucketName, $this->bucketName)); + $this->systemLogger->debug(sprintf('Successfully copied resource as object "%s" (SHA1: %s) from bucket "%s" to bucket "%s"', $objectName, $object->getSha1() ?: 'unknown', $storageBucketName, $this->bucketName)); } catch (S3Exception $e) { $message = sprintf('Could not copy resource with SHA1 hash %s of collection %s from bucket %s to %s: %s', $object->getSha1(), $collection->getName(), $storageBucketName, $this->bucketName, $e->getMessage()); $this->systemLogger->critical($e); @@ -292,7 +292,7 @@ public function publishResource(PersistentResource $resource, CollectionInterfac 'Key' => $objectName ); $this->s3Client->copyObject($options); - $this->systemLogger->debug(sprintf('Successfully published resource as object "%s" (MD5: %s) by copying from bucket "%s" to bucket "%s"', $objectName, $resource->getMd5() ?: 'unknown', $storage->getBucketName(), $this->bucketName)); + $this->systemLogger->debug(sprintf('Successfully published resource as object "%s" (SHA1: %s) by copying from bucket "%s" to bucket "%s"', $objectName, $resource->getSha1() ?: 'unknown', $storage->getBucketName(), $this->bucketName)); } catch (S3Exception $e) { $message = sprintf('Could not publish resource with SHA1 hash %s of collection %s (source object: %s) through "CopyObject" because the S3 client reported an error: %s', $resource->getSha1(), $collection->getName(), $sourceObjectArn, $e->getMessage()); $this->systemLogger->critical($e); @@ -323,7 +323,7 @@ public function unpublishResource(PersistentResource $resource) 'Bucket' => $this->bucketName, 'Key' => $objectName )); - $this->systemLogger->debug(sprintf('Successfully unpublished resource as object "%s" (MD5: %s) from bucket "%s"', $objectName, $resource->getMd5() ?: 'unknown', $this->bucketName)); + $this->systemLogger->debug(sprintf('Successfully unpublished resource as object "%s" (SHA1: %s) from bucket "%s"', $objectName, $resource->getSha1() ?: 'unknown', $this->bucketName)); } catch (\Exception $e) { } } @@ -375,9 +375,9 @@ protected function publishFile($sourceStream, $relativeTargetPathAndFilename, Re try { $this->s3Client->upload($this->bucketName, $objectName, $sourceStream, 'public-read', $options); - $this->systemLogger->debug(sprintf('Successfully published resource as object "%s" in bucket "%s" with MD5 hash "%s"', $objectName, $this->bucketName, $metaData->getMd5() ?: 'unknown')); + $this->systemLogger->debug(sprintf('Successfully published resource as object "%s" in bucket "%s" with SHA1 hash "%s"', $objectName, $this->bucketName, $metaData->getSha1() ?: 'unknown')); } catch (\Exception $e) { - $this->systemLogger->debug(sprintf('Failed publishing resource as object "%s" in bucket "%s" with MD5 hash "%s": %s', $objectName, $this->bucketName, $metaData->getMd5() ?: 'unknown', $e->getMessage())); + $this->systemLogger->debug(sprintf('Failed publishing resource as object "%s" in bucket "%s" with SHA1 hash "%s": %s', $objectName, $this->bucketName, $metaData->getSha1() ?: 'unknown', $e->getMessage())); if (is_resource($sourceStream)) { fclose($sourceStream); }