FIX: Capture S3 metadata when calling create_multipart (#14161)

The generate_presigned_put endpoint for direct external uploads
(such as the one for the uppy-image-uploader) records allowed
S3 metadata values on the uploaded object. We use this to store
the sha1-checksum generated by the UppyChecksum plugin, for later
comparison in ExternalUploadManager.

However, we were not doing this for the create_multipart endpoint,
so the checksum was never captured and compared correctly.

Also includes a fix to make sure UppyChecksum is the last preprocessor to run.
It is important that the UppyChecksum preprocessor is the last one to
be added; the preprocessors are run in order and since other preprocessors
may modify the file (e.g. the UppyMediaOptimization one), we need to
checksum once we are sure the file data has "settled".
This commit is contained in:
Martin Brennan
2021-08-27 09:50:23 +10:00
committed by GitHub
parent 189b4c4992
commit 99ec8eb6df
4 changed files with 73 additions and 43 deletions

@ -224,19 +224,7 @@ class UploadsController < ApplicationController
)
end
# don't want people posting arbitrary S3 metadata so we just take the
# one we need. all of these will be converted to x-amz-meta- metadata
# fields in S3 so it's best to use dashes in the names for consistency
#
# this metadata is baked into the presigned url and is not altered when
# sending the PUT from the clientside to the presigned url
metadata = if params[:metadata].present?
meta = {}
if params[:metadata]["sha1-checksum"].present?
meta["sha1-checksum"] = params[:metadata]["sha1-checksum"]
end
meta
end
metadata = parse_allowed_metadata(params[:metadata])
url = Discourse.store.signed_url_for_temporary_upload(
file_name, metadata: metadata
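Review bot: the sha1-checksum value that reaches signed_url_for_temporary_upload here is still whatever string the client sent. Only the key is restricted, and the comment says the value is baked into the presigned URL. Consider rejecting anything that is not a 40-character hex string before signing, so that only a well-formed SHA-1 digest can end up in the object's metadata.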
@ -313,9 +301,11 @@ class UploadsController < ApplicationController
)
end
metadata = parse_allowed_metadata(params[:metadata])
begin
multipart_upload = Discourse.store.create_multipart(
file_name, content_type
file_name, content_type, metadata: metadata
)
rescue Aws::S3::Errors::ServiceError => err
debug_upload_error(err, "upload.create_mutlipart_failure")
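Review bot: on the new create_multipart call, metadata is nil whenever the request carries no metadata param, because parse_allowed_metadata returns early on blank input. That keyword argument is new for this store method, so confirm create_multipart accepts metadata: nil, or pass an empty hash in that case. A request spec covering a multipart upload with no checksum would pin that down.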
@ -579,4 +569,15 @@ class UploadsController < ApplicationController
return if !SiteSetting.enable_upload_debug_mode
Discourse.warn_exception(err, message: I18n.t(translation_key, translation_params))
end
# don't want people posting arbitrary S3 metadata so we just take the
# one we need. all of these will be converted to x-amz-meta- metadata
# fields in S3 so it's best to use dashes in the names for consistency
#
# this metadata is baked into the presigned url and is not altered when
# sending the PUT from the clientside to the presigned url
def parse_allowed_metadata(metadata)
return if metadata.blank?
metadata.permit("sha1-checksum").to_h
end
end
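Review bot: in parse_allowed_metadata, metadata.permit assumes the param is an ActionController::Parameters object. The inline code this replaces indexed params[:metadata]["sha1-checksum"], which tolerated a plain string value, whereas a request sending metadata as a scalar will now raise NoMethodError on .permit. Consider returning early unless metadata.respond_to?(:permit), so malformed input is ignored as before rather than surfacing as a server error on both endpoints.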