From 9209f403116b9eac3ba92e030d6790115bd67cd6 Mon Sep 17 00:00:00 2001 From: Kyle Hornberg Date: Tue, 30 May 2023 10:29:32 -0500 Subject: [PATCH] Optionally ignore ACLs [Since April 2023, buckets by default have ACLs off](https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/). --- README.md | 4 +++- index.js | 10 ++++++++-- tests/unit/index-test.js | 20 ++++++++++++++++++++ 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5339c19..16a411c 100644 --- a/README.md +++ b/README.md @@ -110,6 +110,8 @@ A file matching this pattern will be uploaded to S3. The active key in S3 will b The ACL to apply to the objects. +Set to `false` to not apply any ACLs. + *Default:* `'public-read'` ### cacheControl @@ -151,7 +153,7 @@ or Openstack Swift If `endpoint` set the `region` option will be ignored. -*Default:* `[region].s3.amazonaws.com` +*Default:* `[region].s3.amazonaws.com` ### serverSideEncryption diff --git a/index.js b/index.js index b4ff74b..d052831 100644 --- a/index.js +++ b/index.js @@ -66,7 +66,6 @@ module.exports = { var options = { bucket: bucket, prefix: prefix, - acl: acl, cacheControl: cacheControl, filePattern: filePattern, filePath: filePath, @@ -77,6 +76,10 @@ module.exports = { urlEncodeSourceObject: urlEncodeSourceObject }; + if (acl) { + options.acl = acl; + } + if (serverSideEncryption) { options.serverSideEncryption = serverSideEncryption; } @@ -99,12 +102,15 @@ module.exports = { var options = { bucket: bucket, prefix: prefix, - acl: acl, filePattern: filePattern, revisionKey: revisionKey, urlEncodeSourceObject: urlEncodeSourceObject, }; + if (acl) { + options.acl = acl; + } + if (serverSideEncryption) { options.serverSideEncryption = serverSideEncryption; } diff --git a/tests/unit/index-test.js b/tests/unit/index-test.js index 3246ab9..769bc6e 100644 --- a/tests/unit/index-test.js +++ b/tests/unit/index-test.js @@ -147,6 +147,16 @@ describe('s3-index plugin', function() { }); }); + it('filters acl when not defined', function() { + context.config['s3-index'].acl = false; + var promise = plugin.upload(context); + + return assert.isFulfilled(promise) + .then(function() { + assert.equal(Object.prototype.hasOwnProperty.call(s3Options, 'acl'), false, 'acl filtered correctly'); + }); + }); + it('passes cacheControl options based on the cacheControl option to the s3-abstraction', function() { var cacheControl = 'max-age=3600'; context.config['s3-index'].cacheControl = cacheControl; @@ -264,6 +274,16 @@ describe('s3-index plugin', function() { }); }); + it('filters acl when not defined', function() { + context.config['s3-index'].acl = false; + var promise = plugin.upload(context); + + return assert.isFulfilled(promise) + .then(function() { + assert.equal(Object.prototype.hasOwnProperty.call(s3Options, 'acl'), false, 'acl filtered correctly'); + }); + }); + it('displays activation message when revision is activated', function() { var promise = plugin.activate(context);