لماذا يتم تشغيل UpdatePostUploadsSecureStatus حتى عند تعطيل التحميلات الآمنة؟

saulshanabrook · 18 فبراير 2023، 4:45م

Thanks for your work on allowing different S3 backends! I am using minio and it is working great…

The only slight issue I have is that the UpdatePostUploadsSecureStatus job is failing because Minio does not support ACLs:

github.com/minio/minio

Support Object ACLs

opened 02:26PM - 06 Sep 19 UTC

closed 03:58AM - 07 Sep 19 UTC

rfornea

community wont fix triage

I've read through a few github issues and the minio docs, and it seems you don't… support setting object ACLs (nor intend to). You claim to be an S3 compatible server, but if you aren't supporting this feature, that's not really true IMO. Regardless of whether or not AWS recommends using ACLs, they nevertheless still support them and it is a good enough solution for plenty of people's usage. Not supporting object ACLs prevents Minio from being a drop-in replacement for S3. Someone who wanted to switch to Minio would have to start adding prefixes to everything which could break their existing naming scheme for objects. This is a problem if they wanted to be able to support objects stored in S3 and in Minio, and if they already had pre-existing data in S3 which used Object ACLs. This is the situation I personally am in. I really think you should reconsider this.

Is there a way I can disable this job from running?

Falco · 18 فبراير 2023، 4:51م

Have you enabled SiteSetting.secure_uploads ?

saulshanabrook · 19 فبراير 2023، 1:08م

Nope, I have not.

EDIT: I did import some emails which had images embedded I’m them. I am reading the Secure uploads in emails docs, is that saying that all uploads from emails will be “secure”?

Falco · 19 فبراير 2023، 1:35م

Why do we schedule this job for every upload on every post even when the setting is disabled @martin ?

martin · 19 فبراير 2023، 11:38م

Good question – this is called in two places. PostCreator:

github.com

discourse/discourse/blob/3c57db5c633297f076c9e2ed09beff41e4133573/lib/post_creator.rb#L405-L407


      
          def update_uploads_secure_status
            @post.update_uploads_secure_status(source: "post creator") if SiteSetting.secure_uploads?
          end

And PostRevisor:

github.com

discourse/discourse/blob/3c57db5c633297f076c9e2ed09beff41e4133573/lib/post_revisor.rb#L250-L252


      
          # This must be done before post_process_post, because that uses
          # post upload security status to cook URLs.
          @post.update_uploads_secure_status(source: "post revisor")

However as you can see I neglected to do the SiteSetting.secure_uploads? check in the latter…I will make a PR to fix this and just move the check to post.update_uploads_secure_status.

Edit: PR is here, hopefully should merge today FIX: Do not enqueue UpdatePostUploadsSecureStatus unnecessarily by martin-brennan · Pull Request #20366 · discourse/discourse · GitHub

الموضوع		الردود	مرات العرض
Minio: A header you provided implies S3 functionality that is not implemented Support	20	9840	5 أبريل 2021
Can not edit topics with picture with S3 backend Bug	11	1105	12 يوليو 2021
Secure Uploads Announcements secure-uploads	46	16516	24 يوليو 2025
Upload objects to private S3 is not working Support s3	5	2519	14 يونيو 2022
Image upload error: The bucket does not allow ACL's Support s3	5	1699	10 يونيو 2022

لماذا يتم تشغيل UpdatePostUploadsSecureStatus حتى عند تعطيل التحميلات الآمنة؟

الموضوعات ذات الصلة