Add configuration for controlling ACL (permissions) of uploaded screenshots/pdfs

[berzniz]

The pdf feature currently uploads files to S3 with the ACL of public-read which is open for everyone to download. In some scenarios it is desirable to have better privacy for the generated files, for example when capturing sensitive information.

The suggested change keeps the default public-read and adds a CHROMELESS_S3_OBJECT_ACL configuration to the serverless.yml file.

Note: Running npm test locally works so I'm not sure what happens on the CI environment. I see other PRs are also having similar problems with the tests.

[berzniz]

Is there anything I can do more to help this get into master? As I noted in the original message, the tests fail on the CI for me and other PRs and not because of this change.

[adieuadieu]

Hi @berzniz — Thank you for this! Sorry about the delayed response.

[berzniz]

Oh no... I seem to introduce a bug here where the env-var name isn't consistent. It doesn't break anything, but the new functionality doesn't apply.

It should be:

function getS3FilesPermissions() {
  return process.env['CHROMELESS_S3_OBJECT_ACL'] || 'public-read'
}

And not:

function getS3FilesPermissions() {
  return process.env['CHROMELESS_S3_FILES_PERMISSIONS'] || 'public-read'
}

Should I issue a new PR?

[adieuadieu]

Ah. Shoot. Yes; a PR would be great.

[berzniz]

Added #382