feat(storage): add fetch action to file viewset

In order to have the backend download the file and deliver it to the client, the client needs to actually request it. The client could use the download-url directly but only if there is no SSE-C in place.
projectcaluma · Nov 24, 2023 · 864630b · 864630b
1 parent 15fe5b9
commit 864630b
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 6 deletions.
diff --git a/.home/.bash_history b/.home/.bash_history
@@ -0,0 +1,2 @@
+./manage.py shell_plus
+poetry install
diff --git a/alexandria/core/views.py b/alexandria/core/views.py
@@ -219,3 +219,8 @@ def create(self, request, *args, **kwargs):
         return Response(
             serializer.data, status=status.HTTP_201_CREATED, headers=headers
         )
+
+    @action(methods=["get"], detail=True)
+    def fetch(self, request, *args, **kwargs):
+        obj = self.get_object()
+        return FileResponse(obj.path.file.file, as_attachment=False, filename=obj.name)
diff --git a/alexandria/settings/alexandria.py b/alexandria/settings/alexandria.py
@@ -4,7 +4,7 @@
 It's imported by the main alexandria settings and is intended to also be used by third party
 applications integrating alexandria.
 """
-
+import base64
 import os
 
 import environ
@@ -84,10 +84,21 @@ def default(default_dev=env.NOTSET, default_prod=env.NOTSET):
 AWS_S3_USE_SSL = env.bool("AWS_S3_USE_SSL", default=False)
 AWS_STORAGE_BUCKET_NAME = env.str("AWS_STORAGE_BUCKET_NAME", default="alexandria-media")
 
-ALEXANDRIA_STORAGE_SSE_SECRET = env.str(
-    "ALEXANDRIA_STORAGE_SSE_SECRET", default="not-very-secret"
-)
+AWS_STORAGE_ENABLE_SSEC = env.str("AWS_STORAGE_ENABLE_SEE", default=False)
 
+AWS_S3_OBJECT_PARAMETERS = {}
+
+if AWS_STORAGE_ENABLE_SSEC is True:
+    AWS_S3_OBJECT_PARAMETERS.update(
+        {
+            "SSECustomerKey": env.str(
+                "ALEXANDRIA_STORAGE_SSE_SECRET",
+                default=base64.b64encode(
+                    b"not-very-secretive-secret-to-be-encoded-anyway"
+                )[:32],
+            )
+        }
+    )
 
 # Thumbnails
 ALEXANDRIA_ENABLE_THUMBNAIL_GENERATION = env.bool(

diff --git a/docker-compose.override.yml b/docker-compose.override.yml
@@ -26,8 +26,11 @@ services:
     environment:
       - ENV=dev
       - DEBUG=true
-      - ALEXANDRIA_MINIO_STORAGE_ACCESS_KEY=minio
-      - ALEXANDRIA_MINIO_STORAGE_SECRET_KEY=minio123
+      - AWS_S3_ACCESS_KEY_ID=${AWS_S3_ACCESS_KEY_ID:-minio}
+      - AWS_S3_SECRET_ACCESS_KEY=${AWS_S3_SECRET_ACCESS_KEY:-minio123}
+      - AWS_S3_ENDPOINT_URL=${AWS_S3_ENDPOINT_URL:-http://minio:9000}
+      - AWS_S3_USE_SSL=${AWS_S3_USE_SSL:-false}
+      - AWS_STORAGE_BUCKET_NAME=${AWS_STORAGE_BUCKET_NAME:-alexandria-media}
       - ALEXANDRIA_DEV_AUTH_BACKEND=true
       - ALEXANDRIA_ALLOW_ANONYMOUS_WRITE=true
   minio: