Alternative ways for delivering export results

AH 20/12/2023 16:02

Is your feature request related to a problem? Please describe.
Currently we can export almost any record set at the Decidim administrator panel. After a while, the exported dataset is delivered to the user's email box.

This can be a problem with some transactional email providers as they set the size limit for attachments to very low amounts, such as 2 MB for the whole message, including its headers, body and attachments, base64 encoded.

Describe the solution you'd like
I would like to explore alternative ways for delivering the data exports. The problem we have with them is that they can take a lot of time which is why they are processed in the background. Once the background job completes, it does not have any way to "push" its result back to the user other than sending it through email.

I propose that we would have a temporary admin storage (or user specific) where these files could be stored at. After a specific period, the older files would be cleared off from this storage automatically, so the user could only access those files during a certain period. Also, this would require these files to be protected from unauthorized access so in other words, accessing these files should be only possible for admin users (or the specific user with the user specific direction).

The delivery notification could be still sent through email but instead of the email containing the file as an attachment, it would contain a protected link to that file (which would check that the user is signed in and has access to that file).

Describe alternatives you've considered
Using other transactional email services, but this might still be a problem with some of the larger exports.

Additional context
When using cloud storage providers (Amazon S3, Google Cloud Storage, Azure Files, etc), these files should not live within the same data container / bucket as the publicly facing files, such as proposal attachments, process images, etc.

These files should live in a separate private container which is only accessed by the Rails application itself. And the delivery of these files should happen through a normal controller which would first download the file from the cloud storage and then deliver it to the user.

Does this issue could impact on users private data?
No, unless the files contain some private data. But access to these files should be protected to start with.

Funded by
N/A

Comment

Filter results for category: Internal use - Please don't use this field

Fingerprint

The piece of text below is a shortened, hashed representation of this content. It is useful to ensure the content has not been tampered with, as a single modification would result in a totally different value.

Value: b699c13d981db4a8c3ab081a7a0833eca75f3d3ba34e1cb817c5af3e669bc5d6

Source:

{"body":{"en":"<p><strong>Is your feature request related to a problem? Please describe.</strong><br>Currently we can export almost any record set at the Decidim administrator panel. After a while, the exported dataset is delivered to the user's email box.</p><p>This can be a problem with some transactional email providers as they set the size limit for attachments to very low amounts, such as 2 MB for the whole message, including its headers, body and attachments, base64 encoded.</p><p><strong>Describe the solution you'd like</strong><br>I would like to explore alternative ways for delivering the data exports. The problem we have with them is that they can take a lot of time which is why they are processed in the background. Once the background job completes, it does not have any way to \"push\" its result back to the user other than sending it through email.</p><p>I propose that we would have a temporary admin storage (or user specific) where these files could be stored at. After a specific period, the older files would be cleared off from this storage automatically, so the user could only access those files during a certain period. Also, this would require these files to be protected from unauthorized access so in other words, accessing these files should be only possible for admin users (or the specific user with the user specific direction).</p><p>The delivery notification could be still sent through email but instead of the email containing the file as an attachment, it would contain a protected link to that file (which would check that the user is signed in and has access to that file).</p><p><strong>Describe alternatives you've considered</strong><br>Using other transactional email services, but this might still be a problem with some of the larger exports.</p><p><strong>Additional context</strong><br>When using cloud storage providers (Amazon S3, Google Cloud Storage, Azure Files, etc), these files should not live within the same data container / bucket as the publicly facing files, such as proposal attachments, process images, etc.</p><p>These files should live in a separate private container which is only accessed by the Rails application itself. And the delivery of these files should happen through a normal controller which would first download the file from the cloud storage and then deliver it to the user.</p><p><strong>Does this issue could impact on users private data?</strong><br>No, unless the files contain some private data. But access to these files should be protected to start with.</p><p><strong>Funded by</strong><br>N/A</p>"},"title":{"en":"Alternative ways for delivering export results"}}

This fingerprint is calculated using a SHA256 hashing algorithm. In order to replicate it yourself, you can use an MD5 calculator online and copy-paste the source data.

Essential

Preferences

Analytics and statistics

Marketing

Alternative ways for delivering export results

Please log in

Cookie settings

Essential

Preferences

Analytics and statistics

Marketing

Alternative ways for delivering export results

Confirm

Please log in

Share