feat: private content (#1137)

* save images as private and serve via signed url from images.info api

* download private images to directory on export

* fix lint errors

* private s3 default, AWS.s3 module level scope, default s3 url expiry

* combine regex to one, and only replace when there are matches

* fix lint

* code not needed anymore, remove

* updates after pulling master

* revert the uploadToS3FromUrl url return

* use model gettr to compact code, rename to attachments api

* basic checking of document read permission to allow attachment viewing

* fix: Continue to upload avatars as public
fix: Allow redirect for non-private attachments

* add support for publicly shared documents

* catch errors which crash the app during zip export and user creation

* add tests

* enable AWS signature v4 for s3

* switch to use factories to build models for testing

* add isDocker flag for local serving of attachment redirect url

* fix redirect tests

Co-authored-by: Tom Moor <tom.moor@gmail.com>

server/models/User.js

@@ -128,14 +128,21 @@ const uploadAvatar = async model => {
 
   if (
     avatarUrl &&
+    !avatarUrl.startsWith('/api') &&
     !avatarUrl.startsWith(endpoint) &&
     !avatarUrl.startsWith(DEFAULT_AVATAR_HOST)
   ) {
-    const newUrl = await uploadToS3FromUrl(
-      avatarUrl,
-      `avatars/${model.id}/${uuid.v4()}`
-    );
-    if (newUrl) model.avatarUrl = newUrl;
+    try {
+      const newUrl = await uploadToS3FromUrl(
+        avatarUrl,
+        `avatars/${model.id}/${uuid.v4()}`,
+        'public-read'
+      );
+      if (newUrl) model.avatarUrl = newUrl;
+    } catch (err) {
+      // we can try again next time
+      console.error(err);
+    }
   }
 };