Glossary
Executive Summary
The purpose of the Patron Profile pictures feature in the Users App is to enable the secure storage, display, and management of profile photos for individual patrons within the FOLIO platform.
Requirements
Functional Requirements
Functional requirements are described in the UXPROD ticket
Non-Functional Requirements
Configurability:
- Storage type for pictures should be configurable (e.g. database, S3-like storage)
Security:
- Patron Profile Photos should be accessed by permissioned staff via the Users App.
- Authorized library staff can view and manage (upload, view, update, delete) photos for patron accounts.
Encryption:
- Patron photos should be securely stored with proper encryption and access controls to protect sensitive information.
Assumptions
- External sources for profile pictures should have public access. No support for authentication/authorization mechanism is planned for such picture sources.
- No migration is required from previous sources of profile pictures
Target Architecture
The target solution implementation consists of the following:
- Storage abstraction layer to allow configurability through environment variables. Storage interface must be implemented with read and write methods. Implementations in spring should be configured through
@ConditionalOnProperty
- Following Object storage should be supported:
- AWS S3 (for cloud installations)
- Minio (for on-premise environments)
- For database storage files should be encrypted with AES-256 algorithm, and object storage should support native encryption (minio, s3)
- Thumbnails generation must be done during the upload process and persisted in the same storage as the pictures themselves
- If the profile picture is provided as an external link, then the file should be uploaded and treated the same way as a regular file upload
Sequence diagram of profile picture upload:
Sequence diagram for fetching profile picture: