-
Notifications
You must be signed in to change notification settings - Fork 370
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
File method to check whether an Object is Public #683
Comments
(Following this from the GCP Slack Channel for Storage) The XML API version: A library isn't necessary in this case and requires accessing the object payload which may be large. A workaround for large objects is to not download all the data if the object is public. An alternative it to review ACL and IAM permissions, but it's rather complex given permissions can be set at the Project, Bucket and Object level. I'd recommend not adding support that determines if an object is public by reviewing permissions. |
There is an example of or more generic implementation async function isFilePublic(file: File) {
try {
const [aclObject] = await file.acl.get({entity: 'allUsers'});
if ((aclObject as AccessControlObject).entity === 'allUsers' &&
(aclObject as AccessControlObject).role === 'READER') {
return true;
} else {
return false;
}
} catch (error) {
if (error.code === 404) {
return false;
} else {
throw error;
}
}
} @frankyn would you consider a wrapper method for above? |
Thanks @AVaksman! The issue with the helper function is a user not having the necessary permissions to verify the object and bucket level ACL or IAM policy at a bucket level. This helper method only verifies the object ACL if they're set. Example Case: If a user only has permission to perform a ACL GET request on an object and the Object ACL does not have This can lead to user confusion that the object is not public when it really is public. |
Is it possible to just send a |
Thanks for chiming in with that option @stephenplusplus. I didn't know about that HTTP HEAD request. I recommend using the format |
Right now there exist no method on
File
object to explicitly check whether a given a file is Public or Not.There should be a way to check this.
The text was updated successfully, but these errors were encountered: