File and Folder Permission on an external disc are invalid

LordRazen · September 7, 2023, 2:54pm

I’m not sure if this is a setup problem or a bug, so any help is welcome:

I’ve multiple environments with my website. While dev and staging write the uploads in the storage/app/uploads directory, prod is configured with an external disc in the filesystems

filesystems.php

        'uploads' => [
            'driver' => (env('APP_ENV') === "prod") ? 'sftp' : 'local',
            'root' => (env('APP_ENV') === "prod")
                ? env('UPLOADS_ROOT')
                : storage_path('app/uploads'),
            'url' => (env('APP_ENV') === "prod")
                ? env('UPLOADS_URL')
                : '/storage/app/uploads',

            # Only used on sftp driver
            'host' => env('UPLOADS_HOST'),
            'port' => (int) env('UPLOADS_PORT'),
            'username' => env('UPLOADS_USERNAME'),
            'password' => env('UPLOADS_PASSWORD'),

            # Probably only local
            'visibility' => 'public',
            'throw' => false,
        ],

While the folders and files are written with 755 and 644 in the storage/app folder, they’re written with 700 and 644 on the external drive which leads to accessability problems of those uploads (or visibility problems if it’s for images).

I’ve this here in the .env, too:

DEFAULT_FILE_MASK=664
DEFAULT_FOLDER_MASK=775

Any idea why this could happen?

Thanks for the support already

EDIT: I also recognized that the file paths are wrong if you quote the FOLDER and FILE_MASK in the .env with single quotes. That’s definitly strange o_O

daft · September 28, 2023, 2:08am

The external drive may need a “umask” set, which is the default permissions for newly created files and folders. This is outside the scope of Laravel’s filesystem drivers.

LordRazen · October 10, 2023, 3:32pm

It wasnt umask. I tested it on and on, folders which were created directly via SFTP were set correctly so I started searching for this issue in relation with Flysystem and found this issue:

github.com/laravel/framework

Folders created for a new file with public permissions are created with private permissions (the resulting file would not accessible publicly)

opened 11:55AM - 31 May 22 UTC

closed 11:30AM - 02 Jun 22 UTC

hmones

bug

- Laravel Version: 9.11 - PHP Version: 8.1 - Database Driver & Version: NA …### Description: If the user wants to store a new file (with public permissions) in the storage folder in a path that has folders that do not exist at the time of file creation. Then the folders will be created with private permissions and not public permissions like the file. This will render the file inaccessible. ### Steps To Reproduce: - Make sure the permissions are stored correctly in `flysystems.php` for public folders `0755` and for private folders `0700` - Go to tinker and paste this command to create a new file `Storage::put('hello/world/helloworld.txt', 'hello', 'public');` or `Storage::put('hello/world/helloworld.txt', 'hello');` - Go to the folder `/app/storage/app` and view the permissions for folder `hello` ### Expected Result: - The folders `hello` and `world` will have 0755 permission (public). ### Actual Result: - The folders `hello` and `world` will have 0700 permission (private).

One member posted a working solution:

Actually, this is because Flysystem v3 is a bit stricter on directory permissions and has private visibility for directories by default. The files will also still be accessible. I tried that with setting the public storage link and put the directory and the file in the storage/app/public directory and I was able to access the file through the web. It doesn’t matter if the directory is private.

You can set a separate 'directory_visibility' => 'public', in your disk config if you want.

I added this to my filesystem config file and the problem was gone.

Here’s some more info about this:

I hope this might help somebody in the future