Allow unsetting x-amz-acl S3 Permission headers (#20510)

Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, lets use a black `S3_PERMISSION` env var to indicate that these headers shouldn't be sent. This is tested as working with Cloudflare R2.
author: David Hewitt <davidmhewitt@users.noreply.github.com> 2022-11-13 05:57:10 +0000
committer: GitHub <noreply@github.com> 2022-11-13 06:57:10 +0100
commit: 290d78cea4850982a2843dc1a2954f0d66fe58d8 (patch)
tree: ba31b11b4fb913c71057ad36f99de5f136c3c1cc /config/initializers
parent: cf77d938f8fff0193225781f77f03e1616acc88f (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/config/initializers/paperclip.rb b/config/initializers/paperclip.rb
index 26b0a2f7c..5c182ade4 100644
--- a/config/initializers/paperclip.rb
+++ b/config/initializers/paperclip.rb
@@ -67,6 +67,12 @@ if ENV['S3_ENABLED'] == 'true'
       retry_limit: 0,
     }
   )
+  
+  if ENV['S3_PERMISSION'] == ''
+    Paperclip::Attachment.default_options.merge!(
+      s3_permissions: ->(*) { nil }
+    )
+  end
 
   if ENV.has_key?('S3_ENDPOINT')
     Paperclip::Attachment.default_options[:s3_options].merge!(
author	David Hewitt <davidmhewitt@users.noreply.github.com>	2022-11-13 05:57:10 +0000
committer	GitHub <noreply@github.com>	2022-11-13 06:57:10 +0100
commit	290d78cea4850982a2843dc1a2954f0d66fe58d8 (patch)
tree	ba31b11b4fb913c71057ad36f99de5f136c3c1cc /config/initializers
parent	cf77d938f8fff0193225781f77f03e1616acc88f (diff)