( filePath: string, userId: string, requestId: string, logger: Logger )
| 224 | } |
| 225 | |
| 226 | export async function resolveInternalFileUrl( |
| 227 | filePath: string, |
| 228 | userId: string, |
| 229 | requestId: string, |
| 230 | logger: Logger |
| 231 | ): Promise<{ fileUrl?: string; error?: { status: number; message: string } }> { |
| 232 | if (!isInternalFileUrl(filePath)) { |
| 233 | return { fileUrl: filePath } |
| 234 | } |
| 235 | |
| 236 | try { |
| 237 | const storageKey = extractStorageKey(filePath) |
| 238 | const context = inferContextFromKey(storageKey) |
| 239 | const hasAccess = await verifyFileAccess(storageKey, userId, undefined, context, false) |
| 240 | |
| 241 | if (!hasAccess) { |
| 242 | logger.warn(`[${requestId}] Unauthorized presigned URL generation attempt`, { |
| 243 | userId, |
| 244 | key: storageKey, |
| 245 | context, |
| 246 | }) |
| 247 | return { error: { status: 404, message: 'File not found' } } |
| 248 | } |
| 249 | |
| 250 | const fileUrl = await StorageService.generatePresignedDownloadUrl(storageKey, context, 5 * 60) |
| 251 | logger.info(`[${requestId}] Generated presigned URL for ${context} file`) |
| 252 | return { fileUrl } |
| 253 | } catch (error) { |
| 254 | logger.error(`[${requestId}] Failed to generate presigned URL:`, error) |
| 255 | return { error: { status: 500, message: 'Failed to generate file access URL' } } |
| 256 | } |
| 257 | } |
| 258 | |
| 259 | /** |
| 260 | * Downloads a file from storage (execution or regular) |
no test coverage detected