Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat/attachments extra attrs #535

Merged
merged 24 commits into from
Jan 17, 2025
Merged

Feat/attachments extra attrs #535

merged 24 commits into from
Jan 17, 2025

Conversation

marrouchi
Copy link
Contributor

@marrouchi marrouchi commented Jan 8, 2025
edited
Loading

Motivation

In this PR, we add extra attributes to the attachment schema in order to have more control over access:

  • createdByRef : user / subscriber
  • createdBy : id
  • resourceRef : The context where the attachment is used.
  • access : Either public or private (access is public : blocks, content, and is private for message and avatars)

To achieve this we need to:

  • Centralize file upload and access using attachmentService.store() method.
  • Refactor Attachment DTOs
  • Add ability guard to check access to the attachement based on the context.
  • Use public signed Urls to download attachments and preserve "url" for extenal links
  • Add extra attributes to the Attachment schema : createdByRef, createdBy, resourceRef and access
  • Add support for Stream when storing files and enforce security around multipart upload
  • Refactor channels design to allow the subscriber and avatar to be linked to each others.
  • Update migration 2.2.0 to include new attributes
  • Update frontend to send the resourceRef on each upload.

Related PRs:

All channels extensions developed so far have been updated to accomodate the new changes:

How to test

The features below should be working as usual and must check the new attributes in DB + file in root directory (attachments or avatars)

  • Previous DB data should be upgraded
  • Attachment / Carousel / List blocks
  • User avatar update
  • Triggering Attachment blocks from any channel should respond accordinly
  • Sending an attachment via the chat
  • Access the attachment from the inbox
  • Fetching and storing the subscriber avatar
  • Attempt to access an attachment without the right permission should fail.

Type of change:

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added unit tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

@marrouchi marrouchi changed the base branch from main to refactor/avatar-upload January 8, 2025 15:44
@marrouchi marrouchi force-pushed the feat/attachments-extra-attrs branch from 400937e to 5be799d Compare January 8, 2025 16:52
@marrouchi marrouchi changed the base branch from refactor/avatar-upload to main January 8, 2025 16:52
@marrouchi marrouchi force-pushed the feat/attachments-extra-attrs branch 2 times, most recently from ed39571 to 3f44e2b Compare January 15, 2025 15:07
@marrouchi marrouchi marked this pull request as ready for review January 15, 2025 15:19
This was referenced Jan 15, 2025
Merged
Merged
Merged
Merged
@marrouchi marrouchi force-pushed the feat/attachments-extra-attrs branch from 3f44e2b to 0b4a108 Compare January 15, 2025 18:06
@yassinedorbozgithub
Copy link
Collaborator

I have faced an issue when trying to edit a content
image

@yassinedorbozgithub
Copy link
Collaborator

yassinedorbozgithub commented Jan 17, 2025
edited
Loading

I have faced an issue with the migrations
image
Also, have the same issue by running this command from the container shell

npm run cli migration migrate up
image

@marrouchi
Merge pull request #583 from Hexastack/feat/storage-mode-env-var
bb2d0d4 
feat: make storage mode configurable env var
@marrouchi marrouchi merged commit caae134 into main Jan 17, 2025
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MohamedAliBouhaouala MohamedAliBouhaouala MohamedAliBouhaouala left review comments

@yassinedorbozgithub yassinedorbozgithub yassinedorbozgithub approved these changes

@IkbelTalebHssan IkbelTalebHssan IkbelTalebHssan approved these changes

@abdou6666 abdou6666 abdou6666 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@marrouchi @yassinedorbozgithub @abdou6666 @IkbelTalebHssan @MohamedAliBouhaouala