Skip to content

Commit 310f0d9

Browse files
IhorMasechkoIhor Masechko
andauthored
[1035] Fix S3 attachment uploads for ACL-disabled buckets (#264)
fix(uploadfs): disable S3 ACL usage for attachment uploads ## Summary - Fixes Apostrophe attachment upload failures caused by S3 buckets with ACLs disabled (`AccessControlListNotSupported`). - Updates `@apostrophecms/uploadfs` config to avoid sending ACL by default (`acl: null`) unless explicitly provided via `APOS_S3_ACL`. - Makes S3 `endpoint`, `style`, and `https` options optional so production AWS S3 works without LocalStack-specific env vars. - Aligns local LocalStack bucket initialization with `APOS_S3_BUCKET` to prevent local `NoSuchBucket` errors. ## Root Cause Uploads were sending ACL-related settings to buckets configured with Object Ownership that disallows ACLs, causing `500` errors from `/api/v1/@apostrophecms/attachment/upload`. ## Validation - Verified local upload now succeeds. - Confirmed previous ACL error is no longer triggered. - Confirmed local bucket mismatch issue was resolved for development environment. ## Notes - `docker-compose.yml` LocalStack bucket change is development-only. - Production impact comes from `uploadfs` ACL/config handling changes. - For production, keep `APOS_S3_ACL` unset unless explicitly needed. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> Updated S3 upload configuration in the uploadfs module to support buckets with ACLs disabled. This change makes endpoint, style, and https options conditional (only set when corresponding environment variables are present) and defaults the ACL setting to null unless APOS_S3_ACL is explicitly configured, preventing AccessControlListNotSupported errors during attachment uploads. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: Ihor Masechko <ihormasechko@Ihors-MacBook-Air.local>
1 parent 3a3a823 commit 310f0d9

File tree

1 file changed

+16
-4
lines changed
  • website/modules/@apostrophecms/uploadfs

1 file changed

+16
-4
lines changed

website/modules/@apostrophecms/uploadfs/index.js

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,21 +1,33 @@
11
const { getEnv } = require('../../../utils/env');
22

33
const aposS3Secret = process.env.APOS_S3_SECRET;
4-
const aposS3Https = getEnv('APOS_S3_HTTPS');
4+
const aposS3Endpoint = process.env.APOS_S3_ENDPOINT;
5+
const aposS3Style = process.env.APOS_S3_STYLE;
6+
const aposS3Https = process.env.APOS_S3_HTTPS;
57

68
const uploadfsOptions = {
79
storage: 's3',
810
bucket: getEnv('APOS_S3_BUCKET'),
911
region: getEnv('APOS_S3_REGION'),
10-
endpoint: getEnv('APOS_S3_ENDPOINT'),
11-
style: getEnv('APOS_S3_STYLE'),
12-
https: aposS3Https.toLowerCase() === 'true',
12+
acl: process.env.APOS_S3_ACL || null,
1313
cdn: {
1414
enabled: true,
1515
url: getEnv('APOS_CDN_URL'),
1616
},
1717
};
1818

19+
if (aposS3Endpoint) {
20+
uploadfsOptions.endpoint = aposS3Endpoint;
21+
}
22+
23+
if (aposS3Style) {
24+
uploadfsOptions.style = aposS3Style;
25+
}
26+
27+
if (aposS3Https) {
28+
uploadfsOptions.https = aposS3Https.toLowerCase() === 'true';
29+
}
30+
1931
if (aposS3Secret) {
2032
uploadfsOptions.secret = aposS3Secret;
2133
uploadfsOptions.key = getEnv('APOS_S3_KEY');

0 commit comments

Comments
 (0)