feat: Add support for uploading a file directly to the file provider from the client (#12224)

* feat: Add support for uploading a file directly to the file provider from the client * fix: Add missing types and add a couple of module tests * fix: Allow nested routes, add test for it
2025-04-18 10:22:00 +02:00
parent 6b1d8cd3d4
commit c4a0b63778
11 changed files with 314 additions and 5 deletions
--- a/packages/core/types/src/file/common.ts
+++ b/packages/core/types/src/file/common.ts
@@ -1,3 +1,8 @@
 /**
 * The access level of the file.
 */
 export type FileAccessPermission = "public" | "private"
 /**
 * The File details.
 */
@@ -24,3 +29,14 @@ export interface FilterableFileProps {
   */
  id?: string
 }
 export interface UploadFileUrlDTO {
  /**
   * The URL of the file.
   */
  url: string
  /**
   * The key of the file.
   */
  key: string
 }
--- a/packages/core/types/src/file/mutations.ts
+++ b/packages/core/types/src/file/mutations.ts
@@ -1,3 +1,5 @@
 import { FileAccessPermission } from "./common"
 /**
 * The File to be created.
 */
@@ -9,7 +11,7 @@ export interface CreateFileDTO {
  /**
   * The mimetype of the uploaded file
-   * 
+   *
   * @example
   * image/png
   */
@@ -23,5 +25,22 @@ export interface CreateFileDTO {
  /**
   * The access level of the file. Defaults to private if not passed
   */
-  access?: "public" | "private"
+  access?: FileAccessPermission
 }
 export interface GetUploadFileUrlDTO {
  /**
   * The name of the file to be uploaded
   */
  filename: string
  /**
   * The mimetype of the file to be uploaded
   */
  mimeType?: string
  /**
   * The access level of the file to be uploaded. Defaults to private if not passed
   */
  access?: FileAccessPermission
 }
--- a/packages/core/types/src/file/provider.ts
+++ b/packages/core/types/src/file/provider.ts
@@ -1,3 +1,5 @@
 import { FileAccessPermission } from "./common"
 /**
 * @interface
 *
@@ -71,7 +73,34 @@ export type ProviderUploadFileDTO = {
  /**
   * The access level of the file. Defaults to private if not passed
   */
-  access?: "public" | "private"
+  access?: FileAccessPermission
 }
 /**
 * @interface
 *
 * The details of the file to get a presigned upload URL for.
 */
 export type ProviderGetPresignedUploadUrlDTO = {
  /**
   * The filename of the file to get a presigned upload URL for.
   */
  filename: string
  /**
   * The mimetype of the file to get a presigned upload URL for.
   */
  mimeType?: string
  /**
   * The access level of the file to get a presigned upload URL for.
   */
  access?: FileAccessPermission
  /**
   * The validity of the presigned upload URL in seconds.
   */
  expiresIn?: number
 }
 export interface IFileProvider {
@@ -103,4 +132,16 @@ export interface IFileProvider {
   *
   */
  getPresignedDownloadUrl(fileData: ProviderGetFileDTO): Promise<string>
  /**
   * This method is used to get a presigned upload URL for a file.
   * If the file provider does not support direct upload, an exception will be thrown when calling this method.
   *
   * @param {ProviderGetPresignedUploadUrlDTO} fileData - The details of the file to get a presigned upload URL for.
   * @returns {Promise<ProviderFileResultDTO>} The presigned URL and file key to upload the file to
   *
   */
  getPresignedUploadUrl?(
    fileData: ProviderGetPresignedUploadUrlDTO
  ): Promise<ProviderFileResultDTO>
 }
--- a/packages/core/types/src/file/service.ts
+++ b/packages/core/types/src/file/service.ts
@@ -1,8 +1,8 @@
 import { IModuleService } from "../modules-sdk"
-import { FileDTO, FilterableFileProps } from "./common"
+import { FileDTO, FilterableFileProps, UploadFileUrlDTO } from "./common"
 import { FindConfig } from "../common"
 import { Context } from "../shared-context"
-import { CreateFileDTO } from "./mutations"
+import { CreateFileDTO, GetUploadFileUrlDTO } from "./mutations"
 export interface IFileModuleService extends IModuleService {
  /**
@@ -41,6 +41,43 @@ export interface IFileModuleService extends IModuleService {
  createFiles(data: CreateFileDTO, sharedContext?: Context): Promise<FileDTO>
  /**
   * This method gets the upload URL for a file.
   *
   * @param {GetUploadFileUrlDTO} data - The file information to get the upload URL for.
   * @param {Context} sharedContext - A context used to share resources, such as transaction manager, between the application and the module.
   * @returns {Promise<UploadFileUrlDTO>} The upload URL for the file.
   *
   * @example
   * const uploadInfo = await fileModuleService.getUploadFileUrls({
   *   filename: "product.png",
   *   mimeType: "image/png",
   * })
   */
  getUploadFileUrls(
    data: GetUploadFileUrlDTO,
    sharedContext?: Context
  ): Promise<UploadFileUrlDTO>
  /**
   * This method uploads files to the designated file storage system.
   *
   * @param {GetUploadFileUrlDTO[]} data - The file information to get the upload URL for.
   * @param {Context} sharedContext - A context used to share resources, such as transaction manager, between the application and the module.
   * @returns {Promise<UploadFileUrlDTO[]>} The upload URLs for the files.
   *
   * @example
   * const [uploadInfo] = await fileModuleService.getUploadFileUrls([{
   *   filename: "product.png",
   *   mimeType: "image/png",
   * }])
   */
  getUploadFileUrls(
    data: GetUploadFileUrlDTO[],
    sharedContext?: Context
  ): Promise<UploadFileUrlDTO[]>
  /**
   * This method deletes files by their IDs.
   *
--- a/packages/modules/file/integration-tests/fixtures/providers/default-provider.ts
+++ b/packages/modules/file/integration-tests/fixtures/providers/default-provider.ts
@@ -27,6 +27,15 @@ export class FileProviderServiceFixtures extends AbstractFileProviderService {
    return ""
  }
  async getPresignedUploadUrl(
    fileData: FileTypes.ProviderGetPresignedUploadUrlDTO
  ): Promise<FileTypes.ProviderFileResultDTO> {
    return {
      url: "presigned-url/" + fileData.filename,
      key: fileData.filename,
    }
  }
 }
 export const services = [FileProviderServiceFixtures]
--- a/packages/modules/file/integration-tests/tests/module.spec.ts
+++ b/packages/modules/file/integration-tests/tests/module.spec.ts
@@ -63,6 +63,31 @@ moduleIntegrationTestRunner<IFileModuleService>({
        const downloadUrl = await service.retrieveFile("test.jpg")
        expect(await new Response(downloadUrl.url).text()).toEqual("test")
      })
      it("generates a presigned upload URL", async () => {
        const res = await service.getUploadFileUrls({
          filename: "test.jpg",
          mimeType: "image/jpeg",
        })
        expect(res).toEqual({
          url: "presigned-url/test.jpg",
          key: "test.jpg",
        })
      })
      it("fails to get a presigned upload URL if a filename isn't provided", async () => {
        const err = await service
          .getUploadFileUrls({
            filename: "",
            mimeType: "image/jpeg",
          })
          .catch((err) => err)
        expect(err.message).toEqual(
          "File name is required to get a presigned upload URL"
        )
      })
    })
  },
 })
--- a/packages/modules/file/src/services/file-module-service.ts
+++ b/packages/modules/file/src/services/file-module-service.ts
@@ -1,7 +1,9 @@
 import {
  Context,
  CreateFileDTO,
  GetUploadFileUrlDTO,
  FileDTO,
  UploadFileUrlDTO,
  FileTypes,
  FilterableFileProps,
  FindConfig,
@@ -49,6 +51,27 @@ export default class FileModuleService implements FileTypes.IFileModuleService {
    return Array.isArray(data) ? result : result[0]
  }
  getUploadFileUrls(
    data: GetUploadFileUrlDTO[],
    sharedContext?: Context
  ): Promise<UploadFileUrlDTO[]>
  getUploadFileUrls(
    data: GetUploadFileUrlDTO,
    sharedContext?: Context
  ): Promise<UploadFileUrlDTO>
  async getUploadFileUrls(
    data: GetUploadFileUrlDTO[] | GetUploadFileUrlDTO
  ): Promise<UploadFileUrlDTO[] | UploadFileUrlDTO> {
    const input = Array.isArray(data) ? data : [data]
    const result = await Promise.all(
      input.map((file) => this.fileProviderService_.getPresignedUploadUrl(file))
    )
    return Array.isArray(data) ? result : result[0]
  }
  async deleteFiles(ids: string[], sharedContext?: Context): Promise<void>
  async deleteFiles(id: string, sharedContext?: Context): Promise<void>
  async deleteFiles(ids: string[] | string): Promise<void> {
--- a/packages/modules/file/src/services/file-provider-service.ts
+++ b/packages/modules/file/src/services/file-provider-service.ts
@@ -48,4 +48,24 @@ export default class FileProviderService {
  ): Promise<string> {
    return this.fileProvider_.getPresignedDownloadUrl(fileData)
  }
  getPresignedUploadUrl(
    fileData: FileTypes.ProviderGetPresignedUploadUrlDTO
  ): Promise<FileTypes.ProviderFileResultDTO> {
    if (!this.fileProvider_.getPresignedUploadUrl) {
      throw new MedusaError(
        MedusaError.Types.INVALID_DATA,
        "Provider does not support presigned upload URLs"
      )
    }
    if (!fileData.filename) {
      throw new MedusaError(
        MedusaError.Types.INVALID_DATA,
        "File name is required to get a presigned upload URL"
      )
    }
    return this.fileProvider_.getPresignedUploadUrl(fileData)
  }
 }
--- a/packages/modules/providers/file-s3/integration-tests/fixtures/catphoto.jpg
+++ b/packages/modules/providers/file-s3/integration-tests/fixtures/catphoto.jpg
--- a/packages/modules/providers/file-s3/integration-tests/tests/services.spec.ts
+++ b/packages/modules/providers/file-s3/integration-tests/tests/services.spec.ts
@@ -81,4 +81,83 @@ describe.skip("S3 File Plugin", () => {
      expect(response.status).toEqual(404)
    })
  })
  it("gets a presigned upload URL and uploads a file successfully", async () => {
    const fileContent = await fs.readFile(fixtureImagePath)
    const fixtureAsBinary = fileContent.toString("binary")
    const resp = await s3Service.getPresignedUploadUrl({
      filename: "catphoto.jpg",
      mimeType: "image/jpeg",
      access: "private",
    })
    expect(resp).toEqual({
      key: expect.stringMatching(/tests\/catphoto.*\.jpg/),
      url: expect.stringMatching(/https:\/\/.*catphoto\.jpg/),
    })
    const uploadResp = await axios.put(resp.url, fileContent, {
      headers: {
        // On Digitalocean, among others, despite the ACL set on the upload URL, the caller can set the acl to anything they want.
        // On AWS passing the ACL in the upload will fail since it's set on the signed URL.
        // "x-amz-acl": "private",
        "Content-Type": "image/jpeg",
      },
    })
    expect(uploadResp.status).toEqual(200)
    const signedUrl = await s3Service.getPresignedDownloadUrl({
      fileKey: resp.key,
    })
    const signedUrlFile = Buffer.from(
      await axios
        .get(signedUrl, { responseType: "arraybuffer" })
        .then((r) => r.data)
    )
    expect(signedUrlFile.toString("binary")).toEqual(fixtureAsBinary)
    await s3Service.delete({ fileKey: resp.key })
  })
  it("gets a presigned upload URL for a nested filename structure and uploads a file successfully", async () => {
    const fileContent = await fs.readFile(fixtureImagePath)
    const fixtureAsBinary = fileContent.toString("binary")
    const resp = await s3Service.getPresignedUploadUrl({
      filename: "testfolder/catphoto.jpg",
      mimeType: "image/jpeg",
      access: "private",
    })
    expect(resp).toEqual({
      key: expect.stringMatching(/tests\/testfolder\/catphoto.*\.jpg/),
      url: expect.stringMatching(/https:\/\/.*testfolder\/catphoto\.jpg/),
    })
    const uploadResp = await axios.put(resp.url, fileContent, {
      headers: {
        "Content-Type": "image/jpeg",
      },
    })
    expect(uploadResp.status).toEqual(200)
    const signedUrl = await s3Service.getPresignedDownloadUrl({
      fileKey: resp.key,
    })
    const signedUrlFile = Buffer.from(
      await axios
        .get(signedUrl, { responseType: "arraybuffer" })
        .then((r) => r.data)
    )
    expect(signedUrlFile.toString("binary")).toEqual(fixtureAsBinary)
    await s3Service.delete({ fileKey: resp.key })
  })
 })
--- a/packages/modules/providers/file-s3/src/services/s3-file.ts
+++ b/packages/modules/providers/file-s3/src/services/s3-file.ts
@@ -1,6 +1,7 @@
 import {
  DeleteObjectCommand,
  GetObjectCommand,
  ObjectCannedACL,
  PutObjectCommand,
  S3Client,
  S3ClientConfigType,
@@ -36,6 +37,8 @@ interface S3FileServiceConfig {
  additionalClientConfig?: Record<string, any>
 }
 const DEFAULT_UPLOAD_EXPIRATION_DURATION_SECONDS = 60 * 60
 export class S3FileService extends AbstractFileProviderService {
  static identifier = "s3"
  protected config_: S3FileServiceConfig
@@ -175,4 +178,41 @@ export class S3FileService extends AbstractFileProviderService {
      expiresIn: this.config_.downloadFileDuration,
    })
  }
  // Note: Some providers (eg. AWS S3) allows IAM policies to further restrict what can be uploaded.
  async getPresignedUploadUrl(
    fileData: FileTypes.ProviderGetPresignedUploadUrlDTO
  ): Promise<FileTypes.ProviderFileResultDTO> {
    if (!fileData?.filename) {
      throw new MedusaError(
        MedusaError.Types.INVALID_DATA,
        `No filename provided`
      )
    }
    const fileKey = `${this.config_.prefix}${fileData.filename}`
    let acl: ObjectCannedACL | undefined
    if (fileData.access) {
      acl = fileData.access === "public" ? "public-read" : "private"
    }
    // Using content-type, acl, etc. doesn't work with all providers, and some simply ignore it.
    const command = new PutObjectCommand({
      Bucket: this.config_.bucket,
      ContentType: fileData.mimeType,
      ACL: acl,
      Key: fileKey,
    })
    const signedUrl = await getSignedUrl(this.client_, command, {
      expiresIn:
        fileData.expiresIn ?? DEFAULT_UPLOAD_EXPIRATION_DURATION_SECONDS,
    })
    return {
      url: signedUrl,
      key: fileKey,
    }
  }
 }