External API Calls - Data Access Layer or Service Layer? - service-layer

I have an N-tiered application:
Database
Domain Layer
Data Access Layer
Service Layer
Presentation Layers (iOS, Android, MVC 3)
I am trying to employ the Google Api for Picasa for users to upload photos. Where is a good place to put the logic for uploading functionality, picasa authentication in the Data Access Layer or in IImageService within my Service Layer?
I think it should be within the Service Layer but I am not totally sure.
I also have a Domain Class for Images
public class Image
{
public int ImageId {get; set;}
public string Name {get; set;}
public string Src {get; set;}
public string AltText {get; set;}
}

Related

how to use same Custom domain names for 2 API Mapping in AWS

I have Public REST API in which the Resource per API quota is reached, we don't want to extend the quota as of now so for work-around we create one more API and want to map new api enter image description herewith the existing Custom domain name dev-api-gateway.abc.com . but when we try to map api using GUI getting this error
"Base path already exists for this domain name"

AWS: Amazon S3 - not able to "Make public via ACL" (Module 3 Guided Lab - Hosting a Static Website)

I've followed all the steps mentioned in the guide as they told me to. But I just am not able to make it public, and I have been struck with this issue since the last 3 days.
Detailed help would be really appreciated. Thank you
To be able to make public objects using any method, first you need to disable 'Block public access' option on the bucket level.
This configuration is over 'Permissions' tab of the bucket:
Edit it and uncheck 'Block all public access' (it can be customized to block making public object using specific mecanism like ACLs or access points):
Reference:
Blocking public access to your Amazon S3 storage

How to block public access on S3 bucket while allowing my rest API and mobile apps to access the files

Use Case:
I want to be able to:
Upload images and audio files from my backend to S3 bucket
List and view/play content on my backend
Return the objects URLs in API responses
Mobile apps can view/play the URLs with or without? authentication from the mobile side
Is that possible without making the S3 bucket public ?
Is that possible without making the S3 bucket public ?
Yes, it should be possible. Since you are using EC2 instance for backend, you, you can setup instance role to enable private and secure access of your backed application to S3. In the role, you would allow S3 read/write. This way, if your application is using AWS SDK, you can seamlessly access S3 without making S3 public.
Regarding the links to the object, the general way is to return S3 pre-signed links. This allows for temporary access to your objects without the need for public access. The alternative is to share your objects through CloudFront as explained in Amazon S3 + Amazon CloudFront: A Match Made in the Cloud. In either case, bucket can be private.

Block s3 public url access for my image and only show the image in mobile app or website

I have upload all my images in s3 bucket and allowing it to show in my website using s3 url, but when I access the s3 url directly in browser it showing the image, I want to block those access
Can anyone help me on how to Block s3 public url access for my image and only show the image in mobile app or website.
All objects in Amazon S3 are private by default.
Access to objects can be granted in several ways:
A Bucket Policy can make a whole bucket (or a part of a bucket) public to everyone. It is also possible to specify restrictions, such as IP address and referer.
An Access Control List on an object can make the object public (for everyone)
An IAM Policy can grant access to objects for specific IAM Users
A pre-signed URL can provide temporary access to a private object
Based upon your question, I would recommend:
Keep the objects private (remove Bucket Policies and ACLs)
When a user wishes to access an image or other object, your application determines whether the user is permitted to access the object (this logic is totally up to you to write in your application)
If they are permitted, your application can create a pre-signed URL in a few lines of code, which will allow the mobile app or website to access the object for a limited time period that your app specifies (eg 5 minutes). After this time period, the URL will no longer provide access.
Thus, your application has full control over whether somebody is permitted to access the image, while still serving the content directly from Amazon S3 (eg in a web page via a <img> tag).
See: Share an Object with Others - Amazon Simple Storage Service

What is the Google Cloud Storage public read uri?

I created a google cloud storage bucket and set it's ACL to public-read.
What is the unauthenticated URI to objects in my new bucket?
I tried this:
https://www.googleapis.com/storage/v1/my-new-bucket/my-object
as outlined here but it returns "Not found"
Here's an example public object URL: http://pub.storage.googleapis.com/shakespeare/rose.txt
Other examples of the same resource:
https://storage.googleapis.com/pub/shakespeare/rose.txt
https://pub.storage.googleapis.com/shakespeare/rose.txt
Our JSON API also allows for object downloads, but it's not designed for serving web requests.These URLs will usually involve some redirects and/or the server instructing the browser to treat the object as an attachment:
https://www.googleapis.com/storage/v1/b/pub/o/shakespeare%2Frose.txt?alt=media
To access public objects, you need to edit its permissions by following these steps either for an individual object or a group of objects. After you set your permissions, a link icon will appear in the public access column. That's the public URL for your object.