A custom plugin for a client who needed a method for uploading user-specific files to Amazon S3, and securely display them only to authorized users in the admin.
The first component of this project was to build a user-friendly, drag-and-drop file uploader that was integrated with the client’s Amazon S3 account. The uploader was added to a custom page in the WordPress admin. When files are dropped, they are sent to a specific S3 bucket, and are stored in folders according to a user ID for better organization of bucket files.
Next was the ability to pull files according to the user’s profile. For example, when the user being viewed has an ID of 1, it would pull all the files from
bucket/1. Files could also be deleted from the bucket with just the click of a button.
Lastly, the files that are associated with each user should be accessible only to certain administrators with the proper authorization – meaning, not just anybody can view these files. This involved setting a custom Bucket Policy in Amazon S3 to grant GET access for requests originating only from the client’s website, and deny requests from everywhere else. When requested, the file is then displayed in a preview window, with certain page interactions disabled to prevent unauthorized saving of the files.
Thoughts on the Custom Client Files project.
What the client said...
I choose this rating [5 stars on Codeable] because it reflects the excellence with which Ren worked for us. We couldn't be more happy with his performance and results on all levels.