@pi-r/aws 0.0.1

package/LICENSE

@@ -0,0 +1,7 @@
+Copyright 2023 An Pham
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/README.md

@@ -0,0 +1,5 @@
+### @pi-r/aws
+
+### LICENSE
+
+MIT

package/client/index.d.ts

@@ -0,0 +1,38 @@
+import type { ICloud, IModule } from '@e-mc/types/lib';
+import type { BucketWebsiteOptions, CloudDatabase } from '@e-mc/types/lib/cloud';
+import type { BatchQueryResult, QueryResult } from '@e-mc/types/lib/db';
+
+import type { AWSDatabaseCredential, AWSDatabaseQuery, AWSStorageCredential, BucketCannedACL, ConfigureBucketOptions } from '../types';
+
+import type { ConfigurationOptions } from 'aws-sdk/lib/core';
+import type { ServiceConfigurationOptions } from 'aws-sdk/lib/service';
+import type { DocumentClient } from 'aws-sdk/clients/dynamodb';
+import type { DynamoDBClientConfig } from '@aws-sdk/client-dynamodb';
+import type { CreateBucketRequest } from 'aws-sdk/clients/s3';
+
+declare namespace AWS {
+    function isAccessDefined(credential: Pick<ConfigurationOptions, "accessKeyId" | "secretAccessKey" | "sessionToken">): boolean;
+    function isEnvDefined(): boolean;
+    function isDatabaseDefined(credential: AWSDatabaseCredential, data: CloudDatabase): boolean;
+    function getPublicReadPolicy(bucket: string, authenticated?: boolean, write?: boolean): string;
+    function getBucketPublicReadPolicy(bucket: string): string;
+    function getPrivatePolicy(bucket: string): string;
+    function validateStorage(credential: AWSStorageCredential): boolean;
+    function validateDatabase(credential: AWSDatabaseCredential, data: CloudDatabase): boolean;
+    function createStorageClient(this: IModule, credential: AWSStorageCredential, service?: string, sdk?: string): boolean;
+    function createDatabaseClient(this: IModule, credential: AWSDatabaseCredential): DocumentClient;
+    function createBucket(this: IModule, credential: AWSStorageCredential, Bucket: string, publicRead?: boolean, service?: string, sdk?: string): Promise<boolean>;
+    function createBucketV2(this: IModule, credential: AWSStorageCredential, Bucket: string, ACL?: BucketCannedACL | 1, options?: CreateBucketRequest, service?: string, sdk?: string): Promise<boolean>;
+    function setBucketPolicy(this: IModule, credential: AWSStorageCredential, Bucket: string, options: ConfigureBucketOptions, service?: string, sdk?: string): Promise<boolean>;
+    function setBucketWebsite(this: IModule, credential: AWSStorageCredential, Bucket: string, options: BucketWebsiteOptions, service?: string, sdk?: string): Promise<boolean>;
+    function deleteObjects(this: IModule, credential: AWSStorageCredential, Bucket: string, service?: string, sdk?: string): Promise<void>;
+    function deleteObjectsV2(this: IModule, credential: AWSStorageCredential, Bucket: string, recursive?: boolean, service?: string, sdk?: string): Promise<void>;
+    function executeQuery(this: ICloud, credential: AWSDatabaseCredential, data: AWSDatabaseQuery, sessionKey?: string): Promise<QueryResult>;
+    function executeBatchQuery(this: ICloud, credential: AWSDatabaseCredential, batch: AWSDatabaseQuery[], sessionKey?: string): Promise<BatchQueryResult>;
+    function setDatabaseEndpoint(config: ServiceConfigurationOptions | DynamoDBClientConfig): void;
+    function checkBucketCannedACL(value: unknown): BucketCannedACL | undefined;
+    function getBucketKey(credential: unknown, Bucket: string, acl: string | undefined, service: string, sdk: string): string;
+    function isNoSuchBucket(err: unknown): boolean;
+}
+
+export = AWS;

package/client/index.js

@@ -0,0 +1,381 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isNoSuchBucket = exports.getBucketKey = exports.checkBucketCannedACL = exports.setDatabaseEndpoint = exports.executeBatchQuery = exports.executeQuery = exports.deleteObjectsV2 = exports.deleteObjects = exports.setBucketWebsite = exports.setBucketPolicy = exports.createBucketV2 = exports.createBucket = exports.createDatabaseClient = exports.createStorageClient = exports.validateDatabase = exports.validateStorage = exports.getPrivatePolicy = exports.getBucketPublicReadPolicy = exports.getPublicReadPolicy = exports.isDatabaseDefined = exports.isEnvDefined = exports.isAccessDefined = void 0;
+const types_1 = require("@e-mc/types");
+const util_1 = require("@e-mc/cloud/util");
+const Module = require("@e-mc/module");
+const Cloud = require("@e-mc/cloud");
+const ACP_AUTHENTICATEDREAD = {
+    Grants: [{
+            Grantee: { Type: 'Group', URI: 'http://acs.amazonaws.com/groups/global/AuthenticatedUsers' },
+            Permission: 'READ'
+        }]
+};
+async function setCannedAcl(S3, Bucket, ACL, service = 'aws', recursive) {
+    if (service === 'oci') {
+        return;
+    }
+    const callback = (err) => {
+        if (!err) {
+            this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, ['Grant ' + ACL, Bucket], '', { ...recursive ? Cloud.LOG_CLOUD_DELAYED : Cloud.LOG_CLOUD_COMMAND });
+        }
+        else if (!recursive) {
+            if (err instanceof Error && err.code === 'OperationAborted') {
+                setTimeout(() => setCannedAcl.call(this, S3, Bucket, ACL, service, true), 60000 /* TIME.m */);
+                this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, [`Grant ${ACL} (delayed)`, Bucket], err, { ...Cloud.LOG_CLOUD_DELAYED });
+            }
+            else {
+                this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, ['Unable to grant ' + ACL, Bucket], err, { ...Cloud.LOG_CLOUD_WARN });
+            }
+        }
+    };
+    let promise;
+    if (service === 'ibm') {
+        if (ACL === 1) {
+            ACL = 'public-read';
+        }
+        promise = S3.putBucketAcl(ACL === 'authenticated-read' ? { Bucket, AccessControlPolicy: ACP_AUTHENTICATEDREAD } : { Bucket, ACL }).promise();
+    }
+    else {
+        switch (ACL) {
+            case 1:
+                promise = S3.putBucketPolicy({ Bucket, Policy: getBucketPublicReadPolicy(Bucket) }).promise();
+                break;
+            case 'public-read':
+                promise = S3.putBucketPolicy({ Bucket, Policy: getPublicReadPolicy(Bucket) }).promise();
+                break;
+            case 'public-read-write':
+                promise = S3.putBucketPolicy({ Bucket, Policy: getPublicReadPolicy(Bucket, false, true) }).promise();
+                break;
+            case 'authenticated-read':
+                promise = S3.putBucketPolicy({ Bucket, Policy: getPublicReadPolicy(Bucket, true) }).promise();
+                break;
+            default:
+                promise = S3.putBucketPolicy({ Bucket, Policy: getPrivatePolicy(Bucket) }).promise();
+                break;
+        }
+    }
+    return promise.then(() => callback(null)).catch(err => callback(err));
+}
+function isAccessDefined(credential) {
+    return !!(credential.accessKeyId && credential.secretAccessKey || credential.sessionToken);
+}
+exports.isAccessDefined = isAccessDefined;
+function isEnvDefined() {
+    return !!(process.env.AWS_ACCESS_KEY_ID && process.env.AWS_SECRET_ACCESS_KEY || process.env.AWS_SESSION_TOKEN);
+}
+exports.isEnvDefined = isEnvDefined;
+function isDatabaseDefined(credential, data) {
+    return !!(data.table && (credential.region || credential.endpoint || process.env.AWS_DEFAULT_REGION));
+}
+exports.isDatabaseDefined = isDatabaseDefined;
+function getPublicReadPolicy(bucket, authenticated, write) {
+    const Action = ["s3:GetObject", "s3:GetObjectVersion"];
+    if (write) {
+        Action.push("s3:PutObject", "s3:DeleteObjectVersion");
+    }
+    return JSON.stringify({
+        "Version": "2012-10-17",
+        "Statement": [{
+                "Sid": (authenticated ? "AuthenticatedRead" : "PublicRead") + (write ? "Write" : ""),
+                "Effect": "Allow",
+                "Principal": authenticated ? { "AWS": "*" } : "*",
+                "Action": Action,
+                "Resource": [`arn:aws:s3:::${bucket}/*`]
+            }]
+    });
+}
+exports.getPublicReadPolicy = getPublicReadPolicy;
+function getBucketPublicReadPolicy(bucket) {
+    return JSON.stringify({
+        "Version": "2012-10-17",
+        "Statement": [{
+                "Sid": "BucketPublicRead",
+                "Effect": "Allow",
+                "Principal": "*",
+                "Action": ["s3:ListBucket", "s3:ListBucketVersions", "s3:ListBucketMultipartUploads"],
+                "Resource": [`arn:aws:s3:::${bucket}`]
+            }]
+    });
+}
+exports.getBucketPublicReadPolicy = getBucketPublicReadPolicy;
+function getPrivatePolicy(bucket) {
+    return JSON.stringify({
+        "Version": "2012-10-17",
+        "Statement": [{
+                "Sid": "Private",
+                "Effect": "Deny",
+                "Principal": "*",
+                "Action": "*",
+                "Resource": [`arn:aws:s3:::${bucket}`, `arn:aws:s3:::${bucket}/*`]
+            }]
+    });
+}
+exports.getPrivatePolicy = getPrivatePolicy;
+function validateStorage(credential) {
+    return !!(isAccessDefined(credential) || isEnvDefined() || credential.fromPath || credential.profile || process.env.AWS_SDK_LOAD_CONFIG === '1');
+}
+exports.validateStorage = validateStorage;
+function validateDatabase(credential, data) {
+    return isDatabaseDefined(credential, data) && validateStorage(credential);
+}
+exports.validateDatabase = validateDatabase;
+function createStorageClient(credential, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    try {
+        if (service === 'aws') {
+            const S3 = require('aws-sdk/clients/s3');
+            if (credential.fromPath) {
+                const client = new S3();
+                client.config.loadFromPath(credential.fromPath);
+                return client;
+            }
+            if (credential.profile || process.env.AWS_SDK_LOAD_CONFIG === '1' && !isAccessDefined(credential) && !isEnvDefined()) {
+                const { SharedIniFileCredentials } = require('aws-sdk');
+                credential = new SharedIniFileCredentials({ profile: credential.profile });
+            }
+            return new S3(credential);
+        }
+        const S3 = require(sdk);
+        return new S3(credential);
+    }
+    catch (err) {
+        this.checkPackage(err, sdk.split('/')[0], { passThrough: true });
+        throw err;
+    }
+}
+exports.createStorageClient = createStorageClient;
+function createDatabaseClient(credential) {
+    try {
+        let options;
+        if (credential.fromPath) {
+            const AWS = require('aws-sdk');
+            AWS.config.loadFromPath(credential.fromPath);
+        }
+        else if (credential.profile || process.env.AWS_SDK_LOAD_CONFIG === '1' && !isAccessDefined(credential) && !isEnvDefined()) {
+            const { SharedIniFileCredentials } = require('aws-sdk');
+            options = new SharedIniFileCredentials({ profile: credential.profile });
+        }
+        else {
+            options = credential;
+        }
+        const DynamoDB = require('aws-sdk/clients/dynamodb');
+        return new DynamoDB.DocumentClient(options);
+    }
+    catch (err) {
+        this.checkPackage(err, 'aws-sdk', { passThrough: true });
+        throw err;
+    }
+}
+exports.createDatabaseClient = createDatabaseClient;
+function createBucket(credential, Bucket, publicRead, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    return createBucketV2.call(this, credential, Bucket, publicRead ? 'public-read' : undefined, undefined, service, sdk);
+}
+exports.createBucket = createBucket;
+function createBucketV2(credential, Bucket, ACL, options, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    ACL = ACL === 1 ? 1 : checkBucketCannedACL(ACL);
+    const S3 = createStorageClient.call(this, credential, service, sdk);
+    return S3.headBucket({ Bucket }).promise()
+        .then(async () => {
+        if (ACL) {
+            await setCannedAcl.call(this, S3, Bucket, ACL, service);
+        }
+        return true;
+    })
+        .catch(() => {
+        const input = { ...options, Bucket };
+        const region = credential.region;
+        if (!input.CreateBucketConfiguration && typeof region === 'string' && (region !== 'us-east-1' || service !== 'aws')) {
+            input.CreateBucketConfiguration = { LocationConstraint: region };
+        }
+        return S3.createBucket(input).promise()
+            .then(async () => {
+            this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, ["Bucket created" /* VAL_CLOUD.CREATE_BUCKET */, Bucket], '', { ...Cloud.LOG_CLOUD_COMMAND });
+            if (ACL) {
+                await setCannedAcl.call(this, S3, Bucket, ACL, service);
+            }
+            return true;
+        })
+            .catch(async (err) => {
+            switch (err instanceof Error && err.code) {
+                case 'BucketAlreadyExists':
+                case 'BucketAlreadyOwnedByYou':
+                    if (ACL) {
+                        await setCannedAcl.call(this, S3, Bucket, ACL, service);
+                    }
+                    return true;
+                default:
+                    this.formatFail(64 /* LOG_TYPE.CLOUD */, service, ["Unable to create bucket" /* ERR_CLOUD.CREATE_BUCKET */, Bucket], err, { ...Cloud.LOG_CLOUD_FAIL });
+                    return false;
+            }
+        });
+    });
+}
+exports.createBucketV2 = createBucketV2;
+function setBucketPolicy(credential, Bucket, options, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    const S3 = createStorageClient.call(this, credential, service, sdk);
+    options.Bucket = Bucket;
+    if (service === 'ibm' && 'ACL' in options && options.ACL === 'authenticated-read') {
+        options.AccessControlPolicy = ACP_AUTHENTICATEDREAD;
+        delete options.ACL;
+    }
+    return ('Policy' in options && (0, types_1.isString)(options.Policy) && service !== 'ibm' ? S3.putBucketPolicy(options) : S3.putBucketAcl(options)).promise()
+        .then(() => {
+        this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, ["Bucket policy configured" /* VAL_CLOUD.POLICY_BUCKET */, Bucket], '', { ...Cloud.LOG_CLOUD_COMMAND });
+        return true;
+    })
+        .catch(err => {
+        if (!(0, exports.isNoSuchBucket)(err)) {
+            this.formatFail(64 /* LOG_TYPE.CLOUD */, service, ["Unable to update bucket policy" /* ERR_CLOUD.POLICY_BUCKET */, Bucket], err, { ...Cloud.LOG_CLOUD_FAIL, fatal: false });
+        }
+        return false;
+    });
+}
+exports.setBucketPolicy = setBucketPolicy;
+function setBucketWebsite(credential, Bucket, options, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    const S3 = createStorageClient.call(this, credential, service, sdk);
+    const WebsiteConfiguration = {};
+    if ((0, types_1.isString)(options.indexPage)) {
+        WebsiteConfiguration.IndexDocument = { Suffix: options.indexPage };
+    }
+    if ((0, types_1.isString)(options.errorPage)) {
+        WebsiteConfiguration.ErrorDocument = { Key: options.errorPage };
+    }
+    return S3.putBucketWebsite({ Bucket, WebsiteConfiguration }).promise()
+        .then(() => {
+        this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, ["Bucket configured" /* VAL_CLOUD.CONFIGURE_BUCKET */, Bucket], WebsiteConfiguration, { ...Cloud.LOG_CLOUD_COMMAND });
+        return true;
+    })
+        .catch(err => {
+        if (!(0, exports.isNoSuchBucket)(err)) {
+            this.formatFail(64 /* LOG_TYPE.CLOUD */, service, ["Unable to configure bucket" /* ERR_CLOUD.CONFIGURE_BUCKET */, Bucket], err, { ...Cloud.LOG_CLOUD_FAIL, fatal: false });
+        }
+        return false;
+    });
+}
+exports.setBucketWebsite = setBucketWebsite;
+function deleteObjects(credential, Bucket, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    return deleteObjectsV2.call(this, credential, Bucket, true, service, sdk);
+}
+exports.deleteObjects = deleteObjects;
+async function deleteObjectsV2(credential, Bucket, recursive = true, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    const S3 = createStorageClient.call(this, credential, service, sdk);
+    return S3.listObjects({ Bucket }).promise()
+        .then(({ Contents }) => {
+        if (Contents?.length) {
+            let Objects = Contents.map(data => ({ Key: data.Key }));
+            if (!recursive) {
+                Objects = Objects.filter(value => value.Key.indexOf('/') === -1);
+            }
+            return S3.deleteObjects({ Bucket, Delete: { Objects } }).promise()
+                .then(data => {
+                if ((0, types_1.isArray)(data.Deleted)) {
+                    const files = data.Deleted.length + ' files';
+                    this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, ["Bucket emptied" /* VAL_CLOUD.EMPTY_BUCKET */ + ` (${recursive ? 'recursive' : files})`, Bucket], recursive ? files : '', { ...Cloud.LOG_CLOUD_COMMAND });
+                }
+            })
+                .catch(err => {
+                this.formatFail(64 /* LOG_TYPE.CLOUD */, service, ["Unable to empty bucket" /* ERR_CLOUD.DELETE_BUCKET */, Bucket], err, { ...Cloud.LOG_CLOUD_FAIL, fatal: false });
+            });
+        }
+    })
+        .catch(err => {
+        if (!(0, exports.isNoSuchBucket)(err)) {
+            this.formatFail(64 /* LOG_TYPE.CLOUD */, service, ["Unable to list bucket" /* ERR_CLOUD.LIST_BUCKET */, Bucket], err, { ...Cloud.LOG_CLOUD_FAIL, fatal: false });
+        }
+    });
+}
+exports.deleteObjectsV2 = deleteObjectsV2;
+async function executeQuery(credential, data, sessionKey) {
+    return (await executeBatchQuery.call(this, credential, [data], sessionKey))[0] || [];
+}
+exports.executeQuery = executeQuery;
+async function executeBatchQuery(credential, batch, sessionKey) {
+    const length = batch.length;
+    const result = new Array(length);
+    const caching = length > 0 && this.hasCache(batch[0].service, sessionKey);
+    const cacheValue = { value: this.valueOfKey(credential, 'cache'), sessionKey };
+    let client;
+    const createClient = () => {
+        setDatabaseEndpoint(credential);
+        return client || (client = createDatabaseClient.call(this, length === 1 ? credential : { ...credential }));
+    };
+    for (let i = 0; i < length; ++i) {
+        const item = batch[i];
+        const { service, table, id = '', query, partitionKey, key = partitionKey, limit = 0, update, ignoreCache } = item;
+        if (!table) {
+            throw (0, util_1.formatError)(item, "Missing database table" /* ERR_DB.TABLE */);
+        }
+        const renewCache = ignoreCache === 0;
+        const getCache = (value) => {
+            if (ignoreCache === 1) {
+                return;
+            }
+            cacheValue.renewCache = renewCache;
+            return this.getQueryResult(service, credential, value, cacheValue);
+        };
+        let rows, queryString = caching && ignoreCache !== true || ignoreCache === false || ignoreCache === 1 || renewCache ? table + '_' : '';
+        if (key && (id || (0, types_1.isPlainObject)(key))) {
+            if (queryString) {
+                queryString += Module.asString(key, true) + id;
+                if (!update && (rows = getCache(queryString))) {
+                    result[i] = rows;
+                    continue;
+                }
+            }
+            const Key = (0, types_1.isPlainObject)(key) ? key : { [key]: id };
+            const command = { TableName: table, Key };
+            client = createClient();
+            if (update) {
+                await client.update({ ...command, ...update }).promise();
+            }
+            const output = await client.get(command).promise();
+            if (output.Item) {
+                rows = [output.Item];
+            }
+        }
+        else if ((0, types_1.isPlainObject)(query)) {
+            if (queryString && (rows = getCache(queryString += Module.asString(query, true) + limit))) {
+                result[i] = rows;
+                continue;
+            }
+            query.TableName = table;
+            if (limit > 0) {
+                query.Limit = limit;
+            }
+            const output = await createClient().query(query).promise();
+            if (output.Count && output.Items) {
+                rows = output.Items;
+            }
+        }
+        else {
+            throw (0, util_1.formatError)(item, "Missing database query" /* ERR_DB.QUERY */);
+        }
+        result[i] = this.setQueryResult(service, credential, queryString, rows, cacheValue);
+    }
+    return result;
+}
+exports.executeBatchQuery = executeBatchQuery;
+function setDatabaseEndpoint(config) {
+    config.endpoint || (config.endpoint = `https://dynamodb.${(0, types_1.isString)(config.region) ? config.region : process.env.AWS_DEFAULT_REGION || 'us-east-1'}.amazonaws.com`);
+    if (!config.region && (0, types_1.isString)(config.endpoint)) {
+        const region = (/dynamodb\.([^.]+)\./i.exec(config.endpoint)?.[1] || process.env.AWS_DEFAULT_REGION)?.toLowerCase();
+        if (region && region !== 'us-east-1') {
+            config.region = region;
+        }
+    }
+}
+exports.setDatabaseEndpoint = setDatabaseEndpoint;
+function checkBucketCannedACL(value) {
+    switch (value) {
+        case 'private':
+        case 'public-read':
+        case 'public-read-write':
+        case 'authenticated-read':
+            return value;
+    }
+}
+exports.checkBucketCannedACL = checkBucketCannedACL;
+const getBucketKey = (credential, Bucket, acl, service, sdk) => Module.asString(credential, true) + Bucket + '_' + (acl || '') + service + sdk;
+exports.getBucketKey = getBucketKey;
+const isNoSuchBucket = (err) => err instanceof Error && err.code === 'NoSuchBucket';
+exports.isNoSuchBucket = isNoSuchBucket;

package/download/index.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const client_1 = require("../client");
+const types_1 = require("@e-mc/types");
+const Module = require("@e-mc/module");
+const Cloud = require("@e-mc/cloud");
+function download(credential, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    const s3 = client_1.createStorageClient.call(this, credential, service, sdk);
+    return (data, callback) => {
+        const { bucket: Bucket, download: target } = data;
+        const Key = target.filename;
+        if (!Bucket || !Key) {
+            callback((0, types_1.errorValue)('Missing property', !Bucket ? 'Bucket' : 'Key'));
+            return;
+        }
+        const location = Module.joinPath(Bucket, Key);
+        const params = { Bucket, Key, VersionId: target.versionId };
+        s3.getObject(params, (err, result) => {
+            if (!err) {
+                callback(null, result.Body);
+                const deleteObject = target.deleteObject;
+                if (deleteObject) {
+                    s3.deleteObject((0, types_1.isPlainObject)(deleteObject) ? Object.assign(deleteObject, params) : params, error => {
+                        if (!error) {
+                            this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, "Delete success" /* VAL_CLOUD.DELETE_FILE */, location, { ...Cloud.LOG_CLOUD_DELETE });
+                        }
+                        else {
+                            this.formatFail(64 /* LOG_TYPE.CLOUD */, service, ["Delete failed" /* ERR_CLOUD.DELETE_FAIL */, location], error, { ...Cloud.LOG_CLOUD_FAIL, fatal: !!target.active });
+                        }
+                    });
+                }
+            }
+            else {
+                callback(err);
+            }
+        });
+    };
+}
+
+module.exports = download;

package/package.json

@@ -0,0 +1,29 @@
+{
+  "name": "@pi-r/aws",
+  "version": "0.0.1",
+  "description": "AWS V2 cloud functions for E-mc.",
+  "main": "client/index.js",
+  "types": "client/index.d.ts",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/anpham6/pi-r.git",
+    "directory": "src/cloud/aws"
+  },
+  "keywords": [
+    "squared",
+    "e-mc",
+    "squared-functions"
+  ],
+  "author": "An Pham <anpham6@gmail.com>",
+  "license": "MIT",
+  "homepage": "https://github.com/anpham6/pi-r#readme",
+  "dependencies": {
+    "@e-mc/cloud": "^0.4.0",
+    "@e-mc/module": "^0.4.0",
+    "@e-mc/types": "^0.4.0",
+    "aws-sdk": "^2.1337.0"
+  }
+}

package/types/index.d.ts

@@ -0,0 +1,23 @@
+
+import type { CloudDatabase } from '@e-mc/types/lib/cloud';
+
+import type { ConfigurationOptions } from 'aws-sdk/lib/core';
+import type { ServiceConfigurationOptions } from 'aws-sdk/lib/service';
+import type { Key, QueryInput, UpdateItemInput } from 'aws-sdk/clients/dynamodb';
+import type { PutBucketAclRequest, PutBucketPolicyRequest } from 'aws-sdk/clients/s3';
+
+export type BucketCannedACL = "authenticated-read" | "private" | "public-read" | "public-read-write";
+export type ObjectCannedACL = BucketCannedACL | "aws-exec-read" | "bucket-owner-full-control" | "bucket-owner-read";
+export type ConfigureBucketOptions = PutBucketAclRequest | PutBucketPolicyRequest;
+
+export interface AWSStorageCredential extends ConfigurationOptions {
+    profile?: string;
+    fromPath?: string;
+}
+
+export interface AWSDatabaseQuery extends CloudDatabase<QueryInput, PlainObject, UpdateItemInput> {
+    key?: string | Key;
+    partitionKey?: string | Key;
+}
+
+export interface AWSDatabaseCredential extends AWSStorageCredential, ServiceConfigurationOptions {}

package/upload/index.js

@@ -0,0 +1,133 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const path = require("path");
+const fs = require("fs");
+const client_1 = require("../client");
+const util_1 = require("@e-mc/cloud/util");
+const types_1 = require("@e-mc/types");
+const Module = require("@e-mc/module");
+const Cloud = require("@e-mc/cloud");
+const BUCKET_SESSION = new Set();
+const BUCKET_RESPONSE = {};
+function upload(credential, service = 'aws', sdk = 'aws-sdk/clients/s3') {
+    const s3 = client_1.createStorageClient.call(this, credential, service, sdk);
+    return async (data, callback) => {
+        var _a;
+        const { bucket: Bucket, localUri } = data;
+        const { pathname = '', fileGroup, contentType, metadata, endpoint, active, publicRead, acl, admin = {}, overwrite, options } = data.upload;
+        let filename = data.upload.filename || path.basename(localUri), bucketKey;
+        const cleanup = () => {
+            BUCKET_SESSION.delete(service + Bucket);
+            if (bucketKey && bucketKey in BUCKET_RESPONSE) {
+                delete BUCKET_RESPONSE[bucketKey];
+            }
+        };
+        const errorResponse = (err) => {
+            cleanup();
+            callback(err);
+        };
+        if (!BUCKET_SESSION.has(service + Bucket)) {
+            const bucketAcl = admin.publicRead ? 'public-read' : admin.acl;
+            const response = BUCKET_RESPONSE[_a = bucketKey = (0, client_1.getBucketKey)(credential, Bucket, bucketAcl, service, sdk)] || (BUCKET_RESPONSE[_a] = client_1.createBucketV2.call(this, credential, Bucket, bucketAcl, admin.configBucket?.create, service, sdk));
+            if (!await response) {
+                errorResponse(null);
+                return;
+            }
+            BUCKET_SESSION.add(service + Bucket);
+        }
+        if (!overwrite) {
+            const current = filename;
+            const next = (0, util_1.generateFilename)(filename);
+            let i = 0, exists;
+            do {
+                if (i > 0) {
+                    [filename, exists] = next(i);
+                    if (!exists) {
+                        break;
+                    }
+                }
+                exists = await s3.headObject({ Bucket, Key: pathname ? Module.joinPath(pathname, filename) : filename }).promise()
+                    .then(() => true)
+                    .catch((err) => {
+                    if (err instanceof Error && err.code !== 'NotFound') {
+                        filename = (0, types_1.generateUUID)() + path.extname(current);
+                    }
+                    return false;
+                });
+            } while (exists && ++i);
+            if (i > 0) {
+                this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, ["File renamed" /* VAL_CLOUD.RENAME_FILE */, current], filename, { ...Cloud.LOG_CLOUD_WARN });
+            }
+        }
+        if (pathname) {
+            await s3.putObject({ Bucket, Key: pathname, Body: Buffer.from(''), ContentLength: 0 }).promise().catch(() => { });
+        }
+        const Key = [filename];
+        const Body = [data.buffer];
+        const ContentType = [contentType];
+        const addLog = (err) => err instanceof Error && this.addLog(this.statusType.WARN, err.message, service + ': ' + Bucket);
+        if (fileGroup) {
+            for (const [content, ext, localFile] of fileGroup) {
+                try {
+                    Body.push(typeof content === 'string' ? fs.readFileSync(content) : content);
+                    Key.push(ext === '.map' && localFile ? path.basename(localFile) : filename + ext);
+                }
+                catch (err) {
+                    addLog(err);
+                }
+            }
+        }
+        for (let i = 0; i < Key.length; ++i) {
+            const first = i === 0;
+            if (this.aborted) {
+                if (first) {
+                    errorResponse((0, types_1.createAbortError)());
+                }
+                return;
+            }
+            const params = { ...options, Bucket, Key: pathname + Key[i], Body: Body[i] };
+            const readable = publicRead || active && publicRead !== false && !acl;
+            if (first) {
+                params.ContentType || (params.ContentType = ContentType[i]);
+                if (readable) {
+                    params.ACL = 'public-read';
+                }
+                else if (acl) {
+                    params.ACL = acl;
+                }
+                if (metadata) {
+                    params.Metadata = metadata;
+                }
+            }
+            else {
+                params.ContentType = ContentType[i];
+                if (!params.ACL) {
+                    if (readable) {
+                        params.ACL = 'public-read';
+                    }
+                    else if (acl) {
+                        params.ACL = acl;
+                    }
+                }
+            }
+            s3.upload(params, (err, result) => {
+                if (!err) {
+                    const url = endpoint ? Module.joinPath(endpoint, result.Key) : result.Location;
+                    this.formatMessage(64 /* LOG_TYPE.CLOUD */, service, "Upload success" /* VAL_CLOUD.UPLOAD_FILE */, url, { ...Cloud.LOG_CLOUD_UPLOAD });
+                    if (first) {
+                        cleanup();
+                        callback(null, url);
+                    }
+                }
+                else if (first) {
+                    errorResponse(err);
+                }
+                else {
+                    addLog(err);
+                }
+            });
+        }
+    };
+}
+
+module.exports = upload;