-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Companion server s3 configuration to let bucket key to be a function and passing down the request #4488
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR ! I think we should refactor this to allow more code reuse
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with Mikael, we should avoid the code repetition when we can
adjusted with the suggestions |
Does this mean you're blindly setting the bucket based on the client request? Could this be abused? bucket: (req) => {
return req.context.bucket;
}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should validate the bucket after the function has been called. Also we should probably not disclose to the client the actual error but instead log an error on the server console.
should we fallback to config.bucket? in case of error in the condition from isValidBucket since theres 2 config keys now and bucket is required. |
you should not use this with uncontrolled inputs for sure like req.params, req.query etc.. in my case i have a middleware that finds a DB record and i add it to req with bucket target. |
good! now we just need to actually use the new |
@@ -36,12 +48,20 @@ module.exports = function s3 (config) { | |||
const client = req.companion.s3Client | |||
|
|||
if (!client || typeof config.bucket !== 'string') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we'd want to support passing a function here, right?
if (!client || typeof config.bucket !== 'string') { | |
if (!client) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's using config.getBucket key for the function, lines: 27-29
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
huh that's confusing, I think there should be only one config key for the bucket.
@@ -16,6 +24,10 @@ module.exports = function s3 (config) { | |||
throw new TypeError('s3: The `getKey` option must be a function') | |||
} | |||
|
|||
function getBucket (req) { | |||
return typeof config.getBucket === 'function' ? config.getBucket(req) : config.bucket |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shouldn't we use config.bucket
instead of config.getBucket
? then it can be either a string or a function, and it will be backwards compatible
const bucket = getBucket(req) | ||
|
||
if (!isValidBucket(bucket)) { | ||
logger.error(new TypeError(ERROR_BAD_BUCKET)) | ||
res.status(400).json({ error: ERROR_BAD_CONFIG }) | ||
return | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This code is repeated many times. I feel like it could be rewritten to something like this:
function validateBucket(req, res) {
const bucket = getBucket(req)
if (isValidBucket(bucket)) return true
logger.error(ERROR_BAD_BUCKET)
res.status(400).json({ error: ERROR_BAD_CONFIG })
return false
}
then call:
if (!validateBucket(req, res)) return
(also I don't think we need to wrap the log message in a TypeError
)
@rmoura-92 are you still working on this? The diff now shows 0 file changes. |
yes tomorrow will try to submit a final version. i clicked on discard by mistake due commits ahead |
had a very specific need to target dynamically buckets based on some req property defined in the implementation of the server config.
typically we do this config for s3.
now we can augment the bucket key passing a function, the previous way still valid.