add docs for protected storage level

[ceich]

I noticed that the code in Storage.ts supports protected content, while the docs do not. I added minimal content to docs files, and updated the api comments in Storage.ts.

Note: I had to use git commit -n because the tests look to have been broken by previous commits.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[codecov-io]

Codecov Report

Merging #626 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #626   +/-   ##
=======================================
  Coverage   87.28%   87.28%           
=======================================
  Files          72       72           
  Lines        3428     3428           
  Branches      652      652           
=======================================
  Hits         2992     2992           
  Misses        419      419           
  Partials       17       17

Impacted Files	Coverage Δ
packages/aws-amplify/src/Storage/Storage.ts	96.21% <ø> (ø)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2283a9b...1905785. Read the comment docs.

[ceich]

After some experimentation and code-reading, I'm having trouble figuring out how one user might easily access another's protected storage items, since the Storage class hardcodes the current user's identity pool id in the _prefix() function.

It may not be worth adding protected to the docs unless there is a workaround.

My workaround would be to use the public level, and add my own prefixes (e.g. Cognito user pool sub values), to share files between users.

[mlabieniec]

@powerful23 does your pr for configurable prefixes address this?

[powerful23]

We need provide an option for people to pass idenetityId so that we can construct a path to get the object. For now users can only put or delete. The docs seems fine to me.

[mlabieniec]

@powerful23 does this pr address that?
#665

[powerful23]

@mlabieniec no that's about auth. What I mean is to do like

Storage.get(path, file, {
   level: 'protected', 
   identityId: 'XXXXXXX',
   ....
});

In that way one is able to read other's protected object

[ceich]

Thanks, waiting for identityId option so I can make use of protected!

[github-actions]

This pull request has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.