Use signed url for local sync

[beastoin]

Summary by Entelligence.AI

• New Feature: Added enhanced security for file syncing operations. The system now generates temporal signed URLs with a 15-minute expiry time, improving the safety and integrity of data during transfer processes. This change ensures that only authorized entities can access the syncing files within the specified timeframe.

[github-actions]

Entelligence.AI

Walkthrough

This changeset introduces a more secure way of handling file syncing by generating temporal signed URLs. The sync.py router now uses the get_syncing_file_temporal_signed_url function from storage.py, which provides a URL that expires after 15 minutes, enhancing the security of file access.

Changes

File	Summary
backend/routers/sync.py	Updated to use get_syncing_file_temporal_signed_url for secure file syncing.
backend/utils/other/storage.py	Added get_syncing_file_temporal_signed_url function to generate signed URLs with a 15-minute expiry time.

🎉🤖

In the realm of code where data does dwell,

A change was made, and made quite well.

Now files sync with a safer trend,

With signed URLs that timely end.

So celebrate this code so bright,

For it brings us closer to the light. 🌟

---

Uplevel your code reviews with Entelligence.AI Pro

Entelligence.AI Pro

If you like this project, please support us by purchasing the Pro version. The Pro version has advanced context, superior noise reduction and several proprietary improvements compared to the open source version. Moreover, Entelligence.AI Pro is free for open source projects.

[github-actions]

Entelligence.AI

Commits

Files that changed from the base of the PR and between 3e53cf4 and ac05dc9 commits.

Files selected (2)

• backend/routers/sync.py (2)
• backend/utils/other/storage.py (1)

Review comments generated (4)

• Review: 1
• LGTM: 3

---

Tips

Chat with Entelligence.AI Bot (@Entelligence.AI)

• Reply on review comments left by this bot to ask follow-up questions. A review comment is a comment on a diff or a file.
• Invite the bot into a review comment chain by tagging @Entelligence.AI in a reply.

Code suggestions

• The bot may make code suggestions, but please review them carefully before committing since the line number ranges may be misaligned.
• You can edit the comment made by the bot and manually tweak the suggestion if it is slightly off.

Pausing incremental reviews

• Add @Entelligence.AI: ignore anywhere in the PR description to pause further reviews from the bot.

[github-actions]

Entelligence.AI

The get_syncing_file_temporal_signed_url function uploads a file to the bucket and then returns a signed URL for that file. However, it seems like this function is supposed to generate a signed URL for an existing file in the bucket, not upload a new one. The line blob.upload_from_filename(file_path) should probably be removed.

-    blob.upload_from_filename(file_path)
     return _get_signed_url(blob, 15)

Also, there's no error handling here. What if the file doesn't exist in the bucket? You should add some error handling to check if the blob exists before trying to get its signed URL.

if not blob.exists():
    raise FileNotFoundError(f"The file {file_path} does not exist in the bucket.")
return _get_signed_url(blob, 15)