From 290d78cea4850982a2843dc1a2954f0d66fe58d8 Mon Sep 17 00:00:00 2001
From: David Hewitt <davidmhewitt@users.noreply.github.com>
Date: Sun, 13 Nov 2022 05:57:10 +0000
Subject: [PATCH] Allow unsetting x-amz-acl S3 Permission headers (#20510)

Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, lets use a black `S3_PERMISSION` env var to indicate that these headers shouldn't be sent.

This is tested as working with Cloudflare R2.
---
 config/initializers/paperclip.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/config/initializers/paperclip.rb b/config/initializers/paperclip.rb
index 26b0a2f7cd..5c182ade48 100644
--- a/config/initializers/paperclip.rb
+++ b/config/initializers/paperclip.rb
@@ -67,6 +67,12 @@ if ENV['S3_ENABLED'] == 'true'
       retry_limit: 0,
     }
   )
+  
+  if ENV['S3_PERMISSION'] == ''
+    Paperclip::Attachment.default_options.merge!(
+      s3_permissions: ->(*) { nil }
+    )
+  end
 
   if ENV.has_key?('S3_ENDPOINT')
     Paperclip::Attachment.default_options[:s3_options].merge!(
-- 
GitLab