makeplane
[bug]: On hosted Plane, uploaded files go to public s3 bucket
Is there an existing issue for this?
- [X] I have searched the existing issues
Current behavior
When I upload a file using the hosted Plane.so app, the file is accessible at the same url for any unauthenticated browser.
Similar to #4181, but this is for the cloud hosted version. This is not desirable behaviour at all. Many people will put sensitive design documents in their issues, I'm sure.
Steps to reproduce
- Log in to hosted plane.so
- Open an issue
- upload any file
- copy url and open in unauthenticated browser
- File opens
Environment
Production
Browser
Google Chrome
Variant
Cloud
Version
latest cloud
@alext-extracellular, this is a known issue, and our team is working on it with high priority. Since the migration is a bit complicated, we are ensuring data safety. We’ll have an update on this in a couple of days and plan to fix it by the next release.
@vihar Thank you for your assurances. If this issue is not necessary, feel free to remove it. Best of luck
Thanks, @alext-extracellular, we’ll keep this issue open and close it once the feature is shipped on Plane Cloud.
@vihar I know the team is working hard on this as you've set this to high priority. Are there any new news available for us? Last comment is around three months old. Thanks!
@JonnyBDev this feature will be shipped before week ending 20th Oct 2024
It would also be really helpful to have a migration document since, because of this blocker, we currently host the data locally on the machine where the plane container is running. After this, many people will be migrating from local to S3 and want to migrate the existing data, too. I would be happy to contribute and help prepare this page.
Duplicate on #4181 but on self-hosted environments. The fix is already on #5812, and will be soon shipped on our next release. Thank you for your patience.