pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

More secure SAS permissions for Azure upload

Browse Source
This commit is contained in:
richard-dds 2019-08-06 13:43:57 -04:00
parent 989e28e5fb
commit 59de01031c
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
atst/domain/csp/file_uploads.py
View File

@ -1,5 +1,5 @@
from azure.storage.common import CloudStorageAccount from azure.storage.common import CloudStorageAccount
from azure.storage.blob import ContainerPermissions from azure.storage.blob import BlobPermissions
from datetime import datetime, timedelta from datetime import datetime, timedelta
from uuid import uuid4 from uuid import uuid4
@ -52,10 +52,11 @@ class AzureUploader(Uploader):
) )
bbs = account.create_block_blob_service() bbs = account.create_block_blob_service()
object_name = self.object_name() object_name = self.object_name()
sas_token = bbs.generate_container_shared_access_signature( sas_token = bbs.generate_blob_shared_access_signature(
self.container_name, self.container_name,
ContainerPermissions.WRITE, object_name,
datetime.utcnow() + self.timeout, permission=BlobPermissions.CREATE,
expiry=datetime.utcnow() + self.timeout,
protocol="https", protocol="https",
) )
return ({"token": sas_token}, object_name) return ({"token": sas_token}, object_name)

2
js/lib/upload.js
View File

@ -27,7 +27,7 @@ class AzureUploader {
fileReader.addEventListener('load', f => { fileReader.addEventListener('load', f => {
blobService.createBlockBlobFromText( blobService.createBlockBlobFromText(
this.containerName, this.containerName,
`${objectName}.pdf`, `${objectName}`,
f.target.result, f.target.result,
options, options,
function(err, result) { function(err, result) {