Closed ashish-greycube closed 6 months ago
@shridarpatil , request you to kindly check it and suggest any workaround/fix
@shridarpatil , happy holi! This issue is critical as client is not able to attach PDF and view it. Let me know if you have any findings. Thanks!
This access denied is from your S3 bucket nothing to do with the app. Can you check your S3 bucket policy?
@shridarpatil , for all file types other than PDF it works..so my guess is it is not a policy issue What i have observed is PDF link that gets generated is different, it doesnot have response-content-disposition etc I have put below two links for your input PDF link : https://s3.amazonaws.com/tiepls3bucket/erpnext/2024/03/20/Purchase%20Invoice/LUKOUT4R_Item_404825_label_22.pdf
@shridarpatil , sorry to bug you if i have bucket policy as below
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddCannedAcl",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::111:user/frappe_s3"
},
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": "arn:aws:s3:::tiepls3bucket/erpnext",
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "public-read"
}
}
}
]
}
Does it mean i can only upload and view files as private only? What i have observed is private files of all types (pdf,jpeg..etc) works (ie. upload/view etc) whereas if it is public file..on view it gives access denied error as mentioned earlier pl guide
@shridarpatil , everything works i.e. PDF/other file type .. private/public etc with following settings
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddCannedAcl",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::111:user/username"
},
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": "arn:aws:s3:::bucket/folder/*",
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "public-read"
}
}
}
]
}
whereas marketplace notes has following, ie. all off your response will help! thanks
This is to make sure to secure your files to private.
Closing this issue as this was not related to the app.
https://github.com/zerodha/frappe-attachments-s3/blob/f7d3963a95a5ca9dd4159ca3e9117d8dd65cd1b8/frappe_s3_attachment/controller.py#L130 <-- this has NO impact unless you uncheck above 2 boxes @shridarpatil
Expected behaviour
PDF file attached, should open
Actual behaviour
Attach a PDF file and try to open it, it fails
Step to reproduce
Go to any doctype, ex purchase invoice Attach a PDF file. It attaches without issue Try to open it. it gives error
Note: when checked in amazon bucket the PDF file is there and it opens inside amazon without issue
Version
14