diff --git a/README.md b/README.md index 9fbeb82..5db2ac7 100644 --- a/README.md +++ b/README.md @@ -101,6 +101,7 @@ Options can be passed into the Signature class as a fifth parameter, below is a | expires | +6 hours | Request expiration time, specified in relative time format or in seconds. min: 1 (+1 second), max: 604800 (+7 days) | | valid_prefix | | Server will check that the filename starts with this prefix and fail with a AccessDenied 403 if not. | | content_type | | Strictly only allow a single content type, blank will allow all. Will fail with a AccessDenied 403 is this condition is not met. | +| content_type_starts_with | | If the content_type option (above) is blank, then this option allows a range of content types, through starts-with ([#30](/eddturtle/direct-upload/issues/30)) (added in v3.1). | | encryption | false | Sets whether AWS server side encryption should be applied to the uploaded files, so that files will be encrypted with AES256 when at rest. Should be a true or false bool. | | custom_url | null | Allow S3 compatible solutions by specifying the domain it should POST to. Must be a valid url (inc. http/https) otherwise will throw InvalidOptionException. | | accelerate | false | Set Amazon S3 Transfer Acceleration - more info @ [http://amzn.to/2xKblKe](http://amzn.to/2xKblKe). Should be a true or false bool. | diff --git a/src/Options.php b/src/Options.php index 663b355..6307a53 100644 --- a/src/Options.php +++ b/src/Options.php @@ -49,6 +49,10 @@ class Options // with a AccessDenied 403 is this condition is not met. 'content_type' => '', + // If the content_type option (above) is blank, then this option allows a range of + // content types, through starts-with #30. + 'content_type_starts_with' => '', + // Sets whether AWS server side encryption should be applied to the uploaded files, // so that files will be encrypted with AES256 when at rest. 'encryption' => false, diff --git a/src/Signature.php b/src/Signature.php index 3401d76..f881029 100644 --- a/src/Signature.php +++ b/src/Signature.php @@ -269,13 +269,29 @@ protected function generatePolicy(): void $this->base64Policy = base64_encode(json_encode($policy)); } + /** + * Build the content-type part of the policy. It can change based on options given to it. + * + * @return array [0 => the type to restriction, eq or starts-with, 1 => the content-type header, 2 => the value] + */ private function getPolicyContentTypeArray(): array { + // Prefix = 1st item of the array, eq is exact, starts-with is... starts with ;) $contentTypePrefix = (empty($this->options->get('content_type')) ? 'starts-with' : 'eq'); + + // Pass the content_type option (for exact) or content_type_starts_with for starts with matching + if (!empty($this->options->get('content_type'))) { + $contentTypeValue = $this->options->get('content_type'); + } else if (!empty($this->options->get('content_type_starts_with'))) { + $contentTypeValue = $this->options->get('content_type_starts_with'); + } else { + $contentTypeValue = ''; + } + return [ $contentTypePrefix, '$Content-Type', - $this->options->get('content_type') + $contentTypeValue ]; } diff --git a/tests/OptionsTest.php b/tests/OptionsTest.php index 68520ee..ae1010f 100644 --- a/tests/OptionsTest.php +++ b/tests/OptionsTest.php @@ -10,12 +10,13 @@ class OptionsTest extends TestCase public function testGetOptions() { $options = (new Options())->getOptions(); - $this->assertTrue(count($options) === 11); + $this->assertTrue(count($options) === 12); $this->assertArrayHasKey('success_status', $options); $this->assertArrayHasKey('acl', $options); $this->assertArrayHasKey('default_filename', $options); $this->assertArrayHasKey('max_file_size', $options); $this->assertArrayHasKey('expires', $options); $this->assertArrayHasKey('valid_prefix', $options); + $this->assertArrayHasKey('content_type', $options); } }