Backup_Repos/filestash
1
0
Fork 0
mirror of https://github.com/mickael-kerjean/filestash synced 2025-12-07 17:02:29 +01:00
Code Issues Projects Releases Wiki Activity

feature (S3): integrate S3 encryption mechanism - #90

Browse source
This commit is contained in:
Mickael Kerjean 2018-08-01 21:02:29 +10:00
parent 31f8c273ff
commit 35178ee70e
2 changed files with 43 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
client/pages/connectpage/form.js
View file

@ -364,15 +364,21 @@ const S3Form = formHelper(function(props){
if(value == true){ if(value == true){
props.values.path = ""; props.values.path = "";
props.values.endpoint = ""; props.values.endpoint = "";
props.values.region = "";
props.values.encryption_key = "";
}else{ }else{
delete props.values.path; delete props.values.path;
delete props.values.endpoint; delete props.values.endpoint;
delete props.values.region;
delete props.values.encryption_key;
} }
props.onChange(); props.onChange();
}; };
const is_advanced = props.advanced( const is_advanced = props.advanced(
props.values.path, props.values.path,
props.values.endpoint props.values.endpoint,
props.values.region,
props.values.encryption_key
); );
return ( return (
@ -392,6 +398,9 @@ const S3Form = formHelper(function(props){
<NgIf cond={props.should_appear("path")}> <NgIf cond={props.should_appear("path")}>
<Input value={props.values["path"] || ""} onChange={(e) => props.onChange("path", e.target.value)} type={props.input_type("path")} name="path" placeholder="Path" autoComplete="new-password" /> <Input value={props.values["path"] || ""} onChange={(e) => props.onChange("path", e.target.value)} type={props.input_type("path")} name="path" placeholder="Path" autoComplete="new-password" />
</NgIf> </NgIf>
<NgIf cond={props.should_appear("encryption_key")}>
<Input value={props.values["encryption_key"] || ""} onChange={(e) => props.onChange("encryption_key", e.target.value)} type={props.input_type("encryption_key")} name="encryption_key" placeholder="Encryption Key" autoComplete="new-password" />
</NgIf>
<NgIf cond={props.should_appear("region")}> <NgIf cond={props.should_appear("region")}>
<Input value={props.values["region"] || ""} onChange={(e) => props.onChange("region", e.target.value)} type={props.input_type("region")} name="region" placeholder="Region" autoComplete="new-password" /> <Input value={props.values["region"] || ""} onChange={(e) => props.onChange("region", e.target.value)} type={props.input_type("region")} name="region" placeholder="Region" autoComplete="new-password" />
</NgIf> </NgIf>

41
server/model/backend/s3.go
View file

@ -112,10 +112,15 @@ func (s S3Backend) Cat(path string) (io.Reader, error) {
p := s.path(path) p := s.path(path)
client := s3.New(s.createSession(p.bucket)) client := s3.New(s.createSession(p.bucket))
obj, err := client.GetObject(&s3.GetObjectInput{ input := &s3.GetObjectInput{
Bucket: aws.String(p.bucket), Bucket: aws.String(p.bucket),
Key: aws.String(p.path), Key: aws.String(p.path),
}) }
if s.params["encryption_key"] != "" {
input.SSECustomerAlgorithm = aws.String("AES256")
input.SSECustomerKey = aws.String(s.params["encryption_key"])
}
obj, err := client.GetObject(input)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -200,11 +205,20 @@ func (s S3Backend) Mv(from string, to string) error {
if f.path == "" { if f.path == "" {
return NewError("Can't move this", 403) return NewError("Can't move this", 403)
} }
_, err := client.CopyObject(&s3.CopyObjectInput{
input := &s3.CopyObjectInput{
Bucket: aws.String(t.bucket), Bucket: aws.String(t.bucket),
CopySource: aws.String(f.bucket + "/" + f.path), CopySource: aws.String(f.bucket + "/" + f.path),
Key: aws.String(t.path), Key: aws.String(t.path),
}) }
if s.params["encryption_key"] != "" {
input.CopySourceSSECustomerAlgorithm = aws.String("AES256")
input.CopySourceSSECustomerKey = aws.String(s.params["encryption_key"])
input.SSECustomerAlgorithm = aws.String("AES256")
input.SSECustomerKey = aws.String(s.params["encryption_key"])
}
_, err := client.CopyObject(input)
if err != nil { if err != nil {
return err return err
} }
@ -218,12 +232,18 @@ func (s S3Backend) Touch(path string) error {
if p.bucket == "" { if p.bucket == "" {
return NewError("Can't do that on S3", 403) return NewError("Can't do that on S3", 403)
} }
_, err := client.PutObject(&s3.PutObjectInput{
input := &s3.PutObjectInput{
Body: strings.NewReader(""), Body: strings.NewReader(""),
ContentLength: aws.Int64(0), ContentLength: aws.Int64(0),
Bucket: aws.String(p.bucket), Bucket: aws.String(p.bucket),
Key: aws.String(p.path), Key: aws.String(p.path),
}) }
if s.params["encryption_key"] != "" {
input.SSECustomerAlgorithm = aws.String("AES256")
input.SSECustomerKey = aws.String(s.params["encryption_key"])
}
_, err := client.PutObject(input)
return err return err
} }
@ -234,11 +254,16 @@ func (s S3Backend) Save(path string, file io.Reader) error {
return NewError("Can't do that on S3", 403) return NewError("Can't do that on S3", 403)
} }
uploader := s3manager.NewUploader(s.createSession(path)) uploader := s3manager.NewUploader(s.createSession(path))
_, err := uploader.Upload(&s3manager.UploadInput{ input := s3manager.UploadInput{
Body: file, Body: file,
Bucket: aws.String(p.bucket), Bucket: aws.String(p.bucket),
Key: aws.String(p.path), Key: aws.String(p.path),
}) }
if s.params["encryption_key"] != "" {
input.SSECustomerAlgorithm = aws.String("AES256")
input.SSECustomerKey = aws.String(s.params["encryption_key"])
}
_, err := uploader.Upload(&input)
return err return err
} }