search

ahmedkandel / nova-s3-multipart-upload

A Laravel Nova resource tool to upload files directly to Amazon S3. You can (upload | download | delete) single, multiple, small or big files.
MIT License
23 stars 22 forks source link

Can't set public read permision #13

Closed matthewswallace closed 3 years ago

matthewswallace commented 3 years ago

I don't see anything in the documentation or the code that will allow me to set the files read permissions once it's uploaded to S3. Am I missing something ?

matthewswallace commented 3 years ago

In order to get this to work I had to do the following by adding a File field to my resource. 

File::make('Media Asset', 'url')
                ->disk('s3')
                ->prunable()
                ->thumbnail(function ($value, $disk) {
                    if($value)
                    {
                        Storage::disk($disk)->setVisibility($value, 'public');
                    }
                    return $value
                        ? Storage::disk($disk)->url($value)
                        : null;
                })->onlyOnIndex()->showOnDetail(),
ahmedkandel commented 3 years ago

It is more related to AWS rather than to this package but I can help.

AWS S3 buckets and objects are not public by default. You can use your approach to set Visibility for every single file you upload but it doesn't make sense. Also in your approach the setVisibility will be invoked each time you view the file in nova.

If it is a must for you to call setVisibility for example to make only certain files public, we are planning to add events feature to this package that you may use to invoke a callback once the file is uploaded.

My suggestion is to make all the uploads public by setting up your S3 Bucket as following:

Under your "Amazon S3 Console > YOUR BUCKET > Permissions"

  1. In "Block public access" section make those options OFF.
  2. In "Bucket policy" section add the following policy: 
    {
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "AddPerm",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::YOUR BUCKET/*"
    }
]
}

    Please replace YOUR BUCKET with your actual bucket name.

Now the objects/files are publicly accessible.

matthewswallace commented 3 years ago

Thank you. this is a better solution and I've implemented your suggestion.