Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change S3 uploads to not have usernames in the file path #838

Open
PeterBreen opened this issue Jan 19, 2022 · 0 comments · May be fixed by #1066
Open

Change S3 uploads to not have usernames in the file path #838

PeterBreen opened this issue Jan 19, 2022 · 0 comments · May be fixed by #1066
Assignees
@yiyichu
Labels
Back End Primarily back-end (python/django) code for this task python Pull requests that update Python code

Comments

@PeterBreen
Copy link
Collaborator

Right now, any user-uploaded file to our S3 bucket has their username (which is their email address) in the path, e.g. \thumbnails\[email protected]\filename.file_id.jpg Rather than exposing email addresses this way, we should update our S3 uploader to use a unique identifier of some type which is not a plaintext username and we should make sure to update all our existing uploads without losing or breaking existing uploads. These include project files, project logo images, user profile images -- basically any file uploaded to dlab by a user.

In sum, this issue requires:

  • a unique ID system which is not personal information
  • changing our uploader to use that unique ID
  • migrating all our old files to new links without breaking

Relevant code:
@PeterBreen PeterBreen added python Pull requests that update Python code Back End Primarily back-end (python/django) code for this task labels Jan 19, 2022
@pravalikarouthu pravalikarouthu self-assigned this Feb 28, 2022
@Workhqd Workhqd self-assigned this Apr 23, 2023
@Workhqd Workhqd removed their assignment May 7, 2023
@ashwin-sp ashwin-sp self-assigned this Sep 27, 2023
@yiyichu yiyichu self-assigned this Nov 7, 2023
@yiyichu yiyichu linked a pull request Nov 7, 2023 that will close this issue
Encrypt username in s3 key #1066
Open
@ashwin-sp ashwin-sp removed their assignment Jan 30, 2024
@ddfridley ddfridley moved this from Backlog to Needs review in DemocracyLab Development and Release May 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yiyichu yiyichu

Labels
Back End Primarily back-end (python/django) code for this task python Pull requests that update Python code
Projects
DemocracyLab Development and Release
Status: Needs review
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Encrypt username in s3 key DemocracyLab/CivicTechExchange
5 participants
@ashwin-sp @PeterBreen @pravalikarouthu @yiyichu @Workhqd