User the secure s3 endpoint and store our files encrypted.

2013-10-31 11:32:08 -04:00 · 2013-10-31 11:32:08 -04:00 · b96f678df8
commit b96f678df8
parent 65aad1a2d9
2 changed files with 127 additions and 129 deletions
--- a/data/userfiles.py
+++ b/data/userfiles.py
@ -20,8 +20,7 @@ class S3FileWriteException(Exception):

 class UserRequestFiles(object):
  def __init__(self, s3_access_key, s3_secret_key, bucket_name):
-    self._s3_conn = boto.connect_s3(s3_access_key, s3_secret_key,
-                                    is_secure=False)
+    self._s3_conn = boto.connect_s3(s3_access_key, s3_secret_key)
    self._bucket_name = bucket_name
    self._bucket = self._s3_conn.get_bucket(bucket_name)
    self._access_key = s3_access_key
@ -34,7 +33,8 @@ class UserRequestFiles(object):
    file_id = str(uuid4())
    full_key = os.path.join(self._prefix, file_id)
    k = Key(self._bucket, full_key)
-    url = k.generate_url(300, 'PUT', headers={'Content-Type': mime_type})
+    url = k.generate_url(300, 'PUT', headers={'Content-Type': mime_type},
+                         encrypt_key=True)
    return (url, file_id)

  def store_file(self, flask_file):
@ -43,7 +43,7 @@ class UserRequestFiles(object):
    k = Key(self._bucket, full_key)
    logger.debug('Setting s3 content type to: %s' % flask_file.content_type)
    k.set_metadata('Content-Type', flask_file.content_type)
-    bytes_written = k.set_contents_from_file(flask_file)
+    bytes_written = k.set_contents_from_file(flask_file, encrypt_key=True)

    if bytes_written == 0:
      raise S3FileWriteException('Unable to write file to S3')
--- a/storage/s3.py
+++ b/storage/s3.py
@ -36,9 +36,7 @@ class S3Storage(Storage):

  def __init__(self, storage_path, s3_access_key, s3_secret_key, s3_bucket):
    self._s3_conn = \
-            boto.s3.connection.S3Connection(s3_access_key,
-                                            s3_secret_key,
-                                            is_secure=False)
+      boto.s3.connection.S3Connection(s3_access_key, s3_secret_key)
    self._s3_bucket = self._s3_conn.get_bucket(s3_bucket)
    self._root_path = storage_path

@ -70,7 +68,7 @@ class S3Storage(Storage):
  def put_content(self, path, content):
    path = self._init_path(path)
    key = boto.s3.key.Key(self._s3_bucket, path)
-        key.set_contents_from_string(content)
+    key.set_contents_from_string(content, encrypt_key=True)
    return path

  def stream_read(self, path):
@ -97,7 +95,7 @@ class S3Storage(Storage):
    if self.buffer_size > buffer_size:
      buffer_size = self.buffer_size
    path = self._init_path(path)
-        mp = self._s3_bucket.initiate_multipart_upload(path)
+    mp = self._s3_bucket.initiate_multipart_upload(path, encrypt_key=True)
    num_part = 1
    while True:
      try: