feat: store assets in database (#3290)

* feat: use database as asset storage * being only uploading assets if allowed * tests * fixes * cleanup after merge * renaming * various fixes * fix: change to repository event types and removed unused code * feat: set default features * error handling * error handling and naming * fix tests * fix tests * fix merge * rename
2025-08-11 21:17:32 +00:00 · 2022-04-06 08:13:40 +02:00
parent b949b8fc65
commit 4a0d61d75a
36 changed files with 2016 additions and 967 deletions
--- a/internal/command/statics.go
+++ b/internal/command/statics.go
@@ -1,27 +1,70 @@
 package command

 import (
+	"bytes"
 	"context"
 	"io"
+	"strings"

-	"github.com/caos/zitadel/internal/domain"
+	"github.com/superseriousbusiness/exifremove/pkg/exifremove"
+
+	"github.com/caos/zitadel/internal/api/authz"
+	"github.com/caos/zitadel/internal/static"
 )

-func (c *Commands) UploadAsset(ctx context.Context, bucketName, objectName, contentType string, file io.Reader, size int64) (*domain.AssetInfo, error) {
+type AssetUpload struct {
+	ResourceOwner string
+	ObjectName    string
+	ContentType   string
+	ObjectType    static.ObjectType
+	File          io.Reader
+	Size          int64
+}
+
+func (c *Commands) uploadAsset(ctx context.Context, upload *AssetUpload) (*static.Asset, error) {
+	//TODO: handle location as soon as possible
+	file, size, err := removeExif(upload.File, upload.Size, upload.ContentType)
+	if err != nil {
+		return nil, err
+	}
 	return c.static.PutObject(ctx,
-		bucketName,
-		objectName,
-		contentType,
+		authz.GetInstance(ctx).InstanceID(),
+		"",
+		upload.ResourceOwner,
+		upload.ObjectName,
+		upload.ContentType,
+		upload.ObjectType,
 		file,
 		size,
-		true,
 	)
 }

-func (c *Commands) RemoveAsset(ctx context.Context, bucketName, storeKey string) error {
-	return c.static.RemoveObject(ctx, bucketName, storeKey)
+func (c *Commands) removeAsset(ctx context.Context, resourceOwner, storeKey string) error {
+	return c.static.RemoveObject(ctx, authz.GetInstance(ctx).InstanceID(), resourceOwner, storeKey)
 }

-func (c *Commands) RemoveAssetsFolder(ctx context.Context, bucketName, path string, recursive bool) error {
-	return c.static.RemoveObjects(ctx, bucketName, path, recursive)
+func (c *Commands) removeAssetsFolder(ctx context.Context, resourceOwner string, objectType static.ObjectType) error {
+	return c.static.RemoveObjects(ctx, authz.GetInstance(ctx).InstanceID(), resourceOwner, objectType)
+}
+
+func removeExif(file io.Reader, size int64, contentType string) (io.Reader, int64, error) {
+	if !isAllowedContentType(contentType) {
+		return file, size, nil
+	}
+	buf := new(bytes.Buffer)
+	_, err := buf.ReadFrom(file)
+	if err != nil {
+		return file, 0, err
+	}
+	data, err := exifremove.Remove(buf.Bytes())
+	if err != nil {
+		return nil, 0, err
+	}
+	return bytes.NewReader(data), int64(len(data)), nil
+}
+
+func isAllowedContentType(contentType string) bool {
+	return strings.HasSuffix(contentType, "png") ||
+		strings.HasSuffix(contentType, "jpg") ||
+		strings.HasSuffix(contentType, "jpeg")
 }