Merge pull request waynehoover#225 from ilyakatz/encryption
add option to allow server side encryption
waynehoover authored Sep 16, 2016
2 parents 6972033 + a754f82 commit 6f6decc
Showing 3 changed files with 24 additions and 11 deletions.
8 changes: 1 addition & 7 deletions README.md
Expand Up @@ -65,7 +65,6 @@ Use the `s3_uploader_form` helper to add an s3 upload file field to your view:
* It is required that the file_field_tag is named 'file'.
* A unique :id should be added to file_field_tag if there is many 's3_uploader_form' in the page


Then in your application.js.coffee, call the S3Uploader jQuery plugin on the element you created above:
```coffeescript
jQuery ->
Expand All @@ -86,6 +85,7 @@ Optionally, you can also place this template in the same view for the progress b
* `callback_url:` No default. The url that is POST'd to after file is uploaded to S3. If you don't specify this option, no callback to the server will be made after the file has uploaded to S3.
* `callback_method:` Defaults to `POST`. Use PUT and remove the multiple option from your file field to update a model.
* `callback_param:` Defaults to `file`. Parameter key for the POST to `callback_url` the value will be the full s3 url of the file. If for example this is set to "model[image_url]" then the data posted would be `model[image_url] : http://bucketname.s3.amazonws.com/filename.ext`
* `server_side_encryption:` Default to nothing. Specifies whether [Server-Side encryption](http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) should be used to secure uploaded file. See
* `key:` Defaults to `uploads/{timestamp}-{unique_id}-#{SecureRandom.hex}/${filename}`. It is the key, or filename used on s3. `{timestamp}`, `{unique_id}`, `{extension}` and `{cleaned_filename}` are special substitution strings that will be populated by javascript with values for the current upload. {cleaned_filename} is the original filename with special characters removed. `${filename}` is a special s3 string that will be populated with the original uploaded file name. Needs to be at least `"${filename}"` or `"${cleaned_filename}"`. It is highly recommended to use both `{unique_id}`, which will prevent collisions when uploading files with the same name (such as from a mobile device, where every photo is named image.jpg), and a server-generated random value such as `#{SecureRandom.hex}`, which adds further collision protection with other uploaders.
* `key_starts_with:` Defaults to `uploads/`. Constraint on the key on s3. if you change the `key` option, make sure this starts with what you put there. If you set this as a blank string the upload path to s3 can be anything - not recommended!
* `acl:` Defaults to `public-read`. The AWS acl for files uploaded to s3.
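Review bot: The new `server_side_encryption:` entry in the options list ends on a dangling "See", so the sentence is cut off where the reader expects a pointer; finish it or drop the word, since the AWS documentation link is already inline. The entry also never says what value to pass: the spec in this commit uses `"AES256"`, and naming that here would make the option usable without leaving the README. "Default to nothing" should read "Defaults to nothing" to match the neighbouring entries.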
Expand Down Expand Up @@ -140,7 +140,6 @@ To do this remove `s3_direct_upload` from your application.js and include the ne
```
Use the javascript in `s3_direct_upload` as a guide.
## Options for S3Upload jQuery Plugin
* `path:` manual path for the files on your s3 bucket. Example: `path/to/my/files/on/s3`
Expand Down Expand Up @@ -185,9 +184,6 @@ Target for progress bar
</div>
```




### Public methods
You can change the settings on your form later on by accessing the jQuery instance:

Expand Down Expand Up @@ -285,7 +281,6 @@ IE file uploads are working but with a couple caveats.

But IE should still upload your files fine.


## Contributing / TODO
This is just a simple gem that only really provides some javascript and a form helper.
This gem could go all sorts of ways based on what people want and how people contribute.
Expand All @@ -297,7 +292,6 @@ Ideas:
* Model methods.
* Model method to delete files from s3


## Credit
This gem is basically a small wrapper around code that [Ryan Bates](http://github.com/rbates) wrote for [Railscast#383](http://railscasts.com/episodes/383-uploading-to-amazon-s3). Most of the code in this gem was extracted from [gallery-jquery-fileupload](https://github.com/railscasts/383-uploading-to-amazon-s3/tree/master/gallery-jquery-fileupload).

18 changes: 14 additions & 4 deletions lib/s3_direct_upload/form_helper.rb
Expand Up @@ -29,7 +29,8 @@ def initialize(options)
callback_method: "POST",
callback_param: "file",
key_starts_with: @key_starts_with,
key: key
key: key,
server_side_encryption: nil
)
end

Expand All @@ -53,8 +54,9 @@ def fields
:policy => policy,
:signature => signature,
:success_action_status => "201",
'X-Requested-With' => 'xhr'
}
'X-Requested-With' => 'xhr',
"x-amz-server-side-encryption" => @options[:server_side_encryption]
}.delete_if { |k, v| v.nil? }
end

def key
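Review bot: In `fields`, `.delete_if { |k, v| v.nil? }` runs over the whole hash rather than only the new `"x-amz-server-side-encryption"` entry, so any other field that evaluates to nil (for example `:policy` or `:signature`) is now dropped from the form silently instead of surfacing as an obviously broken field. Adding the header only when the option is set would keep the change scoped to the new key. The nil check here also differs from the truthiness check in the new `server_side_encryption` method: a caller passing `false` keeps the form field but gets no matching policy condition, so both places should use the same test. The new key uses double quotes while `'X-Requested-With'` on the line above uses single quotes.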
Expand All @@ -76,10 +78,18 @@ def policy_data
{bucket: @options[:bucket]},
{acl: @options[:acl]},
{success_action_status: "201"}
] + (@options[:conditions] || [])
] + server_side_encryption + (@options[:conditions] || [])
}
end

def server_side_encryption
if @options[:server_side_encryption]
[ { "x-amz-server-side-encryption" => @options[:server_side_encryption] } ]
else
[]
end
end

def signature
Base64.encode64(
OpenSSL::HMAC.digest(
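Review bot: The new `server_side_encryption` method is named like a reader for the option but returns an array of policy conditions, which makes `] + server_side_encryption + (@options[:conditions] || [])` harder to read than it needs to be; a name such as `server_side_encryption_conditions` would say what is being concatenated. The option value is also copied into the signed policy without any check, so a mistyped value is only discovered when an upload is attempted; validating it when the options are built would fail earlier and closer to the mistake.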
9 changes: 9 additions & 0 deletions spec/helpers/form_helper_spec.rb
Expand Up @@ -28,6 +28,15 @@
s3_uploader.policy_data[:conditions].should include ["starts-with", "$content-type", ""]
end
end

describe "#policy_data" do
it "includes server side encruption" do
s3_uploader = S3DirectUpload::UploadHelper::S3Uploader.new({:server_side_encryption => "AES256"})
hash = s3_uploader.policy_data[:conditions].select{|c|c.class == Hash}.
select{|h|h.key?("x-amz-server-side-encryption")}[0]
hash["x-amz-server-side-encryption"].should eq("AES256")
end
end
end

end
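Review bot: The example description `"includes server side encruption"` misspells "encryption". The spec also covers only the case where the option is set: add an example asserting that no `"x-amz-server-side-encryption"` condition is present when the option is left at its `nil` default, and one asserting that `fields` carries the header when it is set and omits it otherwise, since the `delete_if` change in `fields` is not exercised here. The chained `select{...}.select{...}[0]` can be a single `find` with both predicates, which also reads more clearly.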
