feat: s3 public read (#1080)

* fix: repeated modification session notification * fix: repeated modification session notification * fix: jpush return a nil pointer panic * fix: push redis pkg * fix: OANotification * feat: add rpc GetConversationNeedOfflinePushUserIDs * update pkg * cicd: robot automated Change * offlinePushMsg * conversation * conversation * cicd: robot automated Change * conversation * cicd: robot automated Change * conversation * url 2 im s3 * url 2 im s3 * cicd: robot automated Change * url 2 im s3 * s3 public read * cicd: robot automated Change * s3 public read * cicd: robot automated Change * s3 public read * s3 public read * s3 public read * s3 public read * s3 public read * cicd: robot automated Change * s3 public read * s3 public read * fix: SendMsg api * config scripts * config scripts --------- Co-authored-by: withchao <withchao@users.noreply.github.com>
2026-05-08 19:16:35 +08:00 · 2023-09-19 15:23:46 +08:00
parent bba662f404
commit 5c31d12253
14 changed files with 108 additions and 62 deletions
@@ -1,15 +0,0 @@
-// Copyright © 2023 OpenIM. All rights reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package minio // import "github.com/openimsdk/open-im-server/v3/pkg/common/db/s3/minio"
@@ -0,0 +1,11 @@
+package minio
+
+import (
+	"net/url"
+	_ "unsafe"
+
+	"github.com/minio/minio-go/v7"
+)
+
+//go:linkname makeTargetURL github.com/minio/minio-go/v7.(*Client).makeTargetURL
+func makeTargetURL(client *minio.Client, bucketName, objectName, bucketLocation string, isVirtualHostStyle bool, queryValues url.Values) (*url.URL, error)
@@ -139,6 +139,15 @@ func (m *Minio) initMinio(ctx context.Context) error {
 			return fmt.Errorf("make bucket error: %w", err)
 		}
 	}
+	if conf.PublicRead {
+		policy := fmt.Sprintf(
+			`{"Version": "2012-10-17","Statement": [{"Action": ["s3:GetObject","s3:PutObject"],"Effect": "Allow","Principal": {"AWS": ["*"]},"Resource": ["arn:aws:s3:::%s/*"],"Sid": ""}]}`,
+			conf.Bucket,
+		)
+		if err := m.core.Client.SetBucketPolicy(ctx, conf.Bucket, policy); err != nil {
+			return err
+		}
+	}
 	m.location, err = m.core.Client.GetBucketLocation(ctx, conf.Bucket)
 	if err != nil {
 		return err
@@ -375,7 +384,15 @@ func (m *Minio) presignedGetObject(ctx context.Context, name string, expire time
 	} else if expire < time.Second {
 		expire = time.Second
 	}
-	rawURL, err := m.sign.PresignedGetObject(ctx, m.bucket, name, expire, query)
+	var (
+		rawURL *url.URL
+		err    error
+	)
+	if config.Config.Object.Minio.PublicRead {
+		rawURL, err = makeTargetURL(m.sign, m.bucket, name, m.location, false, query)
+	} else {
+		rawURL, err = m.sign.PresignedGetObject(ctx, m.bucket, name, expire, query)
+	}
 	if err != nil {
 		return "", err
 	}