@gravitywelluk/aws/dist/s3/pre-signed-s3-url.js

Library of commonly used AWS wrapper functions to communicate with the AWS SDK

"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
}) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
    Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
    o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
    __setModuleDefault(result, mod);
    return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.preSignedS3Url = void 0;
const Joi = __importStar(require("joi"));
const ts_enum_util_1 = require("ts-enum-util");
const validation_utils_1 = require("@gravitywelluk/validation-utils");
const aws_error_1 = require("../utils/aws-error");
const s3_configure_1 = require("./s3-configure");
/**
 * Creates a pre-signed S3 URL request to perform either a 'getObject' or 'putObject'
 *
 * @param signedUrlParams - The parameters required to get a signed S3 URL
 * @param awsS3ConfigOverrides - Configuration option overrides
 */
const preSignedS3Url = async (signedUrlParams, awsS3ConfigOverrides = {}) => {
    const s3 = (0, s3_configure_1.s3Configure)(awsS3ConfigOverrides);
    let key = "";
    const { error } = Joi.object({
        bucket: Joi.string().required(),
        path: Joi.string().required(),
        userSub: Joi.when("level", {
            is: s3_configure_1.S3Level.protected || s3_configure_1.S3Level.private,
            then: Joi.string().required()
        }),
        operation: Joi.string().required().allow("put", "get"),
        level: Joi.string().required().allow(...(0, ts_enum_util_1.$enum)(s3_configure_1.S3Level).getValues())
    }).unknown(true).validate(signedUrlParams);
    // Error if there any Joi validation errors
    if (error) {
        throw new validation_utils_1.JoiError(error);
    }
    key = signedUrlParams.path;
    // Prefix namespacing
    if (signedUrlParams.level === s3_configure_1.S3Level.public) {
        key = `${s3_configure_1.S3Level.public}/${key}`;
    }
    else if (signedUrlParams.level === s3_configure_1.S3Level.admin) {
        key = `${s3_configure_1.S3Level.admin}/${key}`;
    }
    else if (signedUrlParams.userSub) {
        // save to the users private directory in s3 so that only they can access it
        key = `${signedUrlParams.level}/${signedUrlParams.userSub}/${key}`;
    }
    // Perform the pre-signed URL request
    try {
        const signedUrl = await s3.getSignedUrlPromise(`${signedUrlParams.operation}Object`, {
            Bucket: signedUrlParams.bucket,
            Key: key
        });
        return {
            url: signedUrl,
            key,
            level: signedUrlParams.level
        };
    }
    catch (error) {
        throw new aws_error_1.AwsError(error);
    }
};
exports.preSignedS3Url = preSignedS3Url;