mirror of
https://github.com/TronoSfera/Law.git
synced 2026-05-18 10:03:45 +03:00
33 lines
1.3 KiB
Markdown
33 lines
1.3 KiB
Markdown
# File Storage Service Context
|
|
|
|
## Storage
|
|
- Self-hosted S3 (MinIO)
|
|
- Presigned PUT or multipart upload
|
|
- Store metadata in `attachments` table
|
|
|
|
## Rules
|
|
- Max 25MB per file
|
|
- Max 250MB per request
|
|
- Attachments created in previous statuses become immutable after status change
|
|
- Current UX target: download/open file (no mandatory inline preview yet)
|
|
- Download via presigned GET or proxy endpoint
|
|
|
|
## Implemented Enforcement (`P17`)
|
|
- Server-side limit checks in both public/admin upload flows:
|
|
- `init`: checks requested size and current request total
|
|
- `complete`: re-checks actual object size from S3 `head_object` and request total
|
|
- Object key scope validation:
|
|
- public attachment upload accepts only keys under `requests/{request_id}/...`
|
|
- admin request attachment upload accepts only keys under `requests/{request_id}/...`
|
|
- admin avatar upload accepts only keys under `avatars/{user_id}/...`
|
|
- Download access guard (`/api/admin/uploads/object/{key}`):
|
|
- `ADMIN`: full access
|
|
- `LAWYER`: only own avatar and files from own/unassigned requests
|
|
|
|
## Planned Security Audit (`P27`)
|
|
- Security event log for every file operation:
|
|
- upload init/complete
|
|
- download/open
|
|
- denied access attempts
|
|
- Logging fields: actor, role, IP/device, object key, request_id, outcome, timestamp
|
|
- Add periodic integrity/security checks for object metadata and access anomalies
|