IO-3092 Additional comments, email compatibility.

server/media/imgproxy-media.js

@@ -24,9 +24,7 @@ const {
 const archiver = require("archiver");
 const stream = require("node:stream");
 
-const imgproxyBaseUrl =
-  // `https://u4gzpp5wm437dnm75qa42tvza40fguqr.lambda-url.ca-central-1.on.aws` || //Direct Lambda function access to bypass CDN.
-  process.env.IMGPROXY_BASE_URL;
+const imgproxyBaseUrl = process.env.IMGPROXY_BASE_URL; // `https://u4gzpp5wm437dnm75qa42tvza40fguqr.lambda-url.ca-central-1.on.aws` //Direct Lambda function access to bypass CDN.
 const imgproxyKey = process.env.IMGPROXY_KEY;
 const imgproxySalt = process.env.IMGPROXY_SALT;
 const imgproxyDestinationBucket = process.env.IMGPROXY_DESTINATION_BUCKET;
@@ -38,17 +36,9 @@ exports.generateSignedUploadUrls = async (req, res) => {
   try {
     logger.log("imgproxy-upload-start", "DEBUG", req.user?.email, jobid, { filenames, bodyshopid, jobid });
 
-    //TODO: Ensure that the user has access to the given bodyshopid.
-    //This can be done by querying associations, or, maintaining a REDIS cache of user permissions.
-    const hasAccess = true; //TODO: Ensure this is not hardcoded.
-    if (!hasAccess) {
-      res.send(403);
-      return;
-    }
-
     const signedUrls = [];
     for (const filename of filenames) {
-      const key = filename; //GenerateKey({ bodyshopid, jobid, filename });
+      const key = filename; 
       const client = new S3Client({ region: InstanceRegion() });
       const command = new PutObjectCommand({
         Bucket: imgproxyDestinationBucket,
@@ -258,7 +248,6 @@ exports.deleteFiles = async (req, res) => {
     });
 
     const result = await Promise.all(deleteTransactions);
-    console.log("*** ~ file: imgprox-media.js:260 ~ exports.deleteFiles ~ result:", result);
     const errors = result.filter((d) => d.error);
 
     //Delete only the succesful deletes.