1

We are using S3 for our image upload process. We approve all the images that are uploaded on our website. The process is like:

  1. Clients upload images on S3 from javascript at a given path. (using token)
  2. Once, we get back the url from S3, we save the S3 path in our database with 'isApproved flag false' in photos table.
  3. Once the image is approved through our executive, the images start displaying on our website.

The problem is that the user may change the image (to some obscene image) after the approval process through the token generated. Can we somehow stop users from modifying the images like this?

One temporary fix is to shorten the token lifetime interval i.e. 5 minutes and approve the images after that interval only.

I saw this but didn't help as versioning is also replacing the already uploaded image and moving previously uploaded image to new versioned path.

Any better solutions?

Sahil Sharma
  • 3,027
  • 3
  • 29
  • 71
  • 4
    You could move the approved images to another bucket (or folder) that has a different set of permissions (read-only access). – Khalid T. Aug 07 '17 at 06:52
  • 1
    Expanding on @KhalidT.'s comment, it seems like you shouldn't be letting users write the object to the path where it will ultimately be published. You should be doing that when you "approve" them. – Michael - sqlbot Aug 07 '17 at 14:06

1 Answers1

1

You should create a workflow around the uploaded images. The process would be:

  • The client uploads the image
  • This triggers an Amazon S3 event notification to you/your system
  • If you approve the image, move it to the public bucket that is serving your content
  • If you do not approve the image, delete it

This could be an automated process using an AWS Lambda function to update your database and flag photos for approval, or it could be done manually after receiving an email notification via Amazon SNS. The choice is up to you.

The benefit of this method is that nothing can be substituted once approved.

John Rotenstein
  • 165,783
  • 13
  • 223
  • 298
  • One problem - we have two category of images, 1. any website user can upload, 2. the other category of image is internal upload. We just need to do approval process for user uploaded images. How can I do that? – Sahil Sharma Aug 07 '17 at 07:31
  • "If you approve the image, move it to the public bucket that is serving your content".. we have single bucket only and the image in that bucket can be created/edited/deleted – Sahil Sharma Aug 07 '17 at 18:38
  • Then move it to a different directory. Otherwise an unapproved upload will overwrite an approved upload. You can set permissions so the client can only upload to an "uploads directory", and once approved you can move it to the "public directory". – John Rotenstein Aug 07 '17 at 21:45