feat(storage): add configurable storage access policies
Replace hardcoded `users/` path-based access control with a declarative `storageAccessPolicies` system defined per module via `defineModule()`. - Add `storageAccessPolicies` field to `defineModule()` defaults with support for `owner` and `admin` policy types - Expose `getAllStorageAccessPolicies()` from the modules/storage layer - Refactor `handleGetFile` in `storage/api.js` to resolve access control dynamically from registered policies instead of hardcoded path checks - Add `ZEN_STORAGE_ENDPOINT` env var and update `.env.example` to support S3-compatible backends (Cloudflare R2, Backblaze B2) - Document the env/doc sync convention in `DEV.md`
This commit is contained in:
+6
-3
@@ -15,9 +15,12 @@ ZEN_DATABASE_URL=postgres://USER:PASSWORD@HOST:PORT/postgres
|
||||
ZEN_DATABASE_URL_DEV=postgres://USER:PASSWORD@HOST:PORT/postgres_dev
|
||||
ZEN_DB_SSL_DISABLED=false
|
||||
|
||||
# STORAGE (Cloudflare R2 for now)
|
||||
ZEN_STORAGE_BUCKET=my-bucket-name
|
||||
ZEN_STORAGE_REGION=your-account-id
|
||||
# STORAGE (S3-compatible — Cloudflare R2 ou Backblaze B2)
|
||||
# R2 : ZEN_STORAGE_ENDPOINT=<accountId>.r2.cloudflarestorage.com ZEN_STORAGE_REGION=auto
|
||||
# B2 : ZEN_STORAGE_ENDPOINT=s3.<region>.backblazeb2.com ZEN_STORAGE_REGION=<region>
|
||||
ZEN_STORAGE_ENDPOINT=
|
||||
ZEN_STORAGE_REGION=auto
|
||||
ZEN_STORAGE_BUCKET=
|
||||
ZEN_STORAGE_ACCESS_KEY=
|
||||
ZEN_STORAGE_SECRET_KEY=
|
||||
|
||||
|
||||
Reference in New Issue
Block a user