Versions Compared

Old Version 4

changes.mady.by.user John Hill

Saved on

compared with

New Version 5

changes.mady.by.user John Hill

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Currently, each file in Synapse must be downloaded individually.  This works well for many use cases but there are cases where this leads to performance issues.  In order to download a file a client must first request a pre-signed URL.  The file can then be downloaded using a HTTPS GET on the returned pre-signed URL.  For large files, the time spent on the actual download far exceeds the time spent getting the URL.  For a small file, the request for the pre-signed URL can take as long as the actual file download.  This can be significant bottleneck some use cases.  For example, a user may need to download all of the files from a table entity with one or more file columns.  If all of the files are small then the requests for each file's pre-signed URL becomes the bottleneck.   Therefore, we propose adding a new asynchronous services to allow users to download multiple files with a single request.

Download via Associated Object

There is a secondary issue with the current implementation of file download in Synapse.  Since files do not have any type of Access Control List (ACL) or other mechanism for controlling download permission, only the creator of the file handle can directly download the file using the file handle id.  In order to make a file available to download to other users, the file's creator must first associate the file handle with an object that does have an ACL, such as a FileEntity, TableEntity, or WikiPage.  Users are then expected to download the file via the associated object.  The following example illustrates how this currently works:

  1. User A uploads a file and creates thereby creating a FileHandle with an id=1.
  2. User A then creates a FileEntity with an entityId=123 using the FileHandle.id=1.
  3. If user B has the download permission on entityId=123 then they can request a pre-signed URL for that file using: GET /entity/123/file
  4. The resulting pre-signed URL can then be used to download file (FileHandle.id=1).

If user B were to attempt to directly access a pre-signed URL for the same file using GET /file/1 then Synapse would return an unauthorized result (403) even though they are authorized to download it through the association with entityId=123.  The reason for this is Synapse does not currently have a generic system for tracking which files have been associated with which object.  Instead, when user B calls GET /entity/123/file, Synapse first verifies that user B has access to entityId=123 and then looks up the current file handle id associated with.cannot lookup the associated object given a file handle id.  This is a based on how the file data is stored in Synapse:

  • Trivial: Given an object.id and object.type lookup the associated fileHandle.id
  • Non-Trivial: Given fileHandle.id lookup the associated object.id and object.type.

We need to change how file data is stored in Synapse to make it trivial to lookup the associated object.id and object.type given a fileHandle.id.  Then it would be possible for user B, in the above example, to download the file using GET /file/1.

 

REST API