refactor(asset-storage): fix security problems

2026-05-06 02:18:08 +08:00 · 2026-01-25 03:44:11 +08:00
parent 22287e16e2
commit c035133353
32 changed files with 852 additions and 135 deletions
--- a/api/core/sandbox/initializer/app_assets_initializer.py
+++ b/api/core/sandbox/initializer/app_assets_initializer.py
@ -1,11 +1,9 @@
 import logging

 from core.app_assets.constants import AppAssetsAttrs
-from core.app_assets.paths import AssetPaths
+from core.app_assets.storage import AssetPath, app_asset_storage
 from core.sandbox.sandbox import Sandbox
 from core.virtual_environment.__base.helpers import pipeline
-from extensions.ext_storage import storage
-from extensions.storage.file_presign_storage import FilePresignStorage
 from services.app_asset_service import AppAssetService

 from ..entities import AppAssets
@ -28,8 +26,9 @@ class AppAssetsInitializer(AsyncSandboxInitializer):
        sandbox.attrs.set(AppAssetsAttrs.FILE_TREE, app_assets.asset_tree)
        sandbox.attrs.set(AppAssetsAttrs.APP_ASSETS_ID, self._assets_id)
        vm = sandbox.vm
-        zip_key = AssetPaths.build_zip(self._tenant_id, self._app_id, self._assets_id)
-        download_url = FilePresignStorage(storage.storage_runner).get_download_url(zip_key)
+        asset_storage = app_asset_storage
+        zip_ref = AssetPath.build_zip(self._tenant_id, self._app_id, self._assets_id)
+        download_url = asset_storage.get_download_url(zip_ref, for_external=False)

        (
            pipeline(vm)
--- a/api/core/sandbox/initializer/draft_app_assets_initializer.py
+++ b/api/core/sandbox/initializer/draft_app_assets_initializer.py
@ -1,7 +1,7 @@
 import logging

 from core.app_assets.constants import AppAssetsAttrs
-from core.app_assets.paths import AssetPaths
+from core.app_assets.storage import AssetPath, app_asset_storage
 from core.sandbox.entities import AppAssets
 from core.sandbox.sandbox import Sandbox
 from core.sandbox.services import AssetDownloadService
@ -32,18 +32,18 @@ class DraftAppAssetsInitializer(AsyncSandboxInitializer):
        vm = sandbox.vm
        build_id = self._assets_id
        tree = app_assets.asset_tree
-        storage = AppAssetService.assets_storage()
+        storage = app_asset_storage
        nodes = list(tree.walk_files())
        if not nodes:
            return
        # FIXME(Mairuis): should be more graceful
-        storage_keys = [
-            AssetPaths.build_resolved_file(self._tenant_id, self._app_id, build_id, node.id)
+        refs = [
+            AssetPath.resolved(self._tenant_id, self._app_id, build_id, node.id)
            if node.extension == "md"
-            else AssetPaths.draft_file(self._tenant_id, self._app_id, node.id)
+            else AssetPath.draft(self._tenant_id, self._app_id, node.id)
            for node in nodes
        ]
-        urls = storage.get_download_urls(storage_keys, DRAFT_ASSETS_EXPIRES_IN)
+        urls = storage.get_download_urls(refs, DRAFT_ASSETS_EXPIRES_IN, for_external=False)
        items = [AssetDownloadItem(path=tree.get_path(node.id).lstrip("/"), url=url) for node, url in zip(nodes, urls)]
        script = AssetDownloadService.build_download_script(items, AppAssets.PATH)
        pipeline(vm).add(