Question

Spaces default permissions

Posted March 5, 2019 1.2k views
Ruby on Rails

Hi,
I am trying to use spaces as an active storage provider with ruby on rails.

Rails seems to expect the files to be public with no (obvious) way of setting the permission on upload.

I am trying to set the default permission for a spaces to public, but only find resources showing how to change permission after the upload. What I need is set the default to public.

Is it possible to do? Without it we can’t deploy to digital ocean :-/

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

5 answers

Managed to make it work by upgrading rails. It works with the presigned url now.

Don’t need it anymore, but can’t figure out how to change default permission.

This seems to imply it is possible:
https://developers.digitalocean.com/documentation/spaces/#create-a-bucket

Tried with the ruby aws api, it crash with
Aws::S3::Errors::XAmzContentSHA256Mismatch ()

Then I used the Aws ruby api to generate the sign header that I use directly with curl.
Spaces did returned HTTP/1.1 200 OK, but nothing changed. New file are still privates. Though maybe I misunderstood the api and it just set the listing setting to public, but no this one stays private too.

We have the same problem. Did you figure it out? There support send a link on the ACL (https://developers.digitalocean.com/documentation/spaces/#set-bucket-acls) but i don’t know how to implement it.

Hi there. The documentation says the API is S3-compatible (https://developers.digitalocean.com/documentation/spaces/#introduction). So I just went and used the s3cmd tool like this:

s3cmd --access-key=xxx --secret-key=yyy --host=<region>.digitaloceanspaces.com --host-bucket=<bucket>.<region>.digitaloceanspaces.com --region=<region> s3://<bucket> --acl-public

Oops, correcting myself. The command should be:

s3cmd --access_key=xxx --secret_key=yyy --host=<region>.digitaloceanspaces.com --host-bucket=<bucket>.<region>.digitaloceanspaces.com --region=<region> setacl s3://<bucket> --acl-public

Turns out this does not help. When uploading files via a client without explicitely setting an ACL, they are still set to private.

Submit an Answer