From 3600c8b28d6afcffb19a485be932da33d812ab10 Mon Sep 17 00:00:00 2001 From: Lorenz Padberg Date: Thu, 4 Apr 2024 11:27:33 +0200 Subject: [PATCH] bla --- docs/media_files_handling.md | 73 ++++++++++++++++++++++++++++++++++++ server/lorenz.env | 6 +-- 2 files changed, 76 insertions(+), 3 deletions(-) create mode 100644 docs/media_files_handling.md diff --git a/docs/media_files_handling.md b/docs/media_files_handling.md new file mode 100644 index 00000000..40551bc9 --- /dev/null +++ b/docs/media_files_handling.md @@ -0,0 +1,73 @@ +# Files handling + +This document describes how files are handled in this appication. + +# Types of files + +static files: files that are not changed by the application, e.g. images, fonts, etc.ยจ + +### content documents: + +Files that belong to the content and are managed by the content editors in the CMS (pdf, excel, word, etc.) + +### user documents: + +Files that are uploaded by the users (pdf, etc.). Therefore not visible in the CMS. +Images are handled seprately from documents since images require additional processing (resizing, cropping, etc.). +Visible in the django admin. + +### content images: + +Images that belong to the content and are managed by the content editors in the CMS. + +### user images: + +Images that are uploaded by the users. Therefore not visible in the CMS. Visible in the django admin. + +## Static files + +These files are publicly served on S3. + +## Content documents + +These files are part of the content. Such as a pdf thas cointains additional information to a course. +These files are not publicly available. The content files are uploaded by the editors in the wagtail cms. + +https://www.hacksoft.io/blog/direct-to-s3-file-upload-with-django + +Django handles the permissions to these files. Via a view django checks if the user has permissions to access the file, +and gerates a temporary url that is valid for a limited time. Still the documents are served by django. This done for +usability reasons. The user sees the url mydomain.com/media/documents/ and not a url to S3. Therefore the +user can share the url with other users. (still they need to login and have the permissions to access the file) + +The downside of this is that the django server processes these files. (could be circumvented by django-sendfile). + +![](./assets/files-presign.png) + +- These Files are handled stored as wagtail documents. As a model and the file itself is stored in S3. + +### Frontend access to content documents + +For the frontend django generates a fixed url per file /media/documents/ + +When the frontend requests this file, django checks if the user has permissions to access the file. +If so, django generates a temporary url that is valid for a limited time. Then sends a redirect to the frontend. + +In this waz the frontend does not need to know about the permissions. Content grapql can be cached if needed and urls +can be shared by the users. + +content_documents +user_documents + +public files + +## User documents + +- User uploaded files are stored in S3. but the permissions is handled by django. Same process as content files. + +Same process as content files. But the url is /media/user-uploads/ +And the files are not managed by Wagtail. Due to another model, they are not visible to the user in the CMS. + +## Content images + +Content Images are served directly from S3. The permissions are handled by dja diff --git a/server/lorenz.env b/server/lorenz.env index dca09e30..3a3bc88a 100644 --- a/server/lorenz.env +++ b/server/lorenz.env @@ -4,10 +4,10 @@ export DATABASE_URL=postgres://skillbox:skillbox@localhost:5432/skillbox export DEBUG=True export ENABLE_SILKY=False export SECRET_KEY=FOOBAR -export USE_AWS=False +export USE_AWS=True export WAGTAILADMIN_BASE_URL=/ export ALLOW_BETA_LOGIN=True -export USE_404_FALLBACK_IMAGE=True - +export AWS_STORAGE_BUCKET_NAME=skillbox-files-preprod +export AWS_REGION=eu-central-1 #export THEME=my-kv #export APP_FLAVOR=my-kv