mirror of
https://gh.wpcy.net/https://github.com/discourse/discourse.git
synced 2026-05-10 13:22:25 +08:00
b02bc707de
This commit introduces a `s3_enable_access_control_tags` site setting which, when enabled, adds a `discourse:acl` tag with values `public` or `private` to S3 objects created by the application. The presence of the tags on S3 objects enables bucket administrators to implement tag-based access control policies, providing an alternative to object ACLs which AWS now discourages. The `discourse:acl` tag can be customized via the `s3_access_control_tag_key ` site setting. Values for `public` and `private` can also be customized via the `s3_access_control_tag_public_value` and `s3_access_control_tag_private_value ` site settings respectively. ### Reviewer Notes To test it locally, run the following commands in your working discourse directory: 1. `script/install_minio_binaries.rb` 2. Start a local minio server by running: `bundle exec rails runner script/local_minio_s3.rb` 3. bundle exec rails runner "SiteSetting.enable_s3_uploads = true" 5. Start your development rails server with the following environment variables: `DISCOURSE_ENABLE_S3_UPLOADS=true DISCOURSE_S3_ENABLE_ACCESS_CONTROL_TAGS=true DISCOURSE_BACKUP_LOCATION=s3` |
||
|---|---|---|
| .. | ||
| db_provider.rb | ||
| defaults_provider.rb | ||
| deprecated_settings.rb | ||
| hidden_provider.rb | ||
| local_process_provider.rb | ||
| type_supervisor.rb | ||
| validations.rb | ||
| yaml_loader.rb | ||
