- Fix MEDIA_ROOT path to match Docker volume mount (/app/myproject/media)
- Update docker-compose.yml volume mounts to match MEDIA_ROOT
- Add setup_directories() function in entrypoint.sh to create media directories with proper permissions
- Add logging to TenantAwareFileSystemStorage for debugging
- Fix is_returned flag logic improvements (from previous work)
Critical fix for Celery photo processing. The storage class now correctly
handles file reading operations by automatically adding tenant_id prefix
when opening files.
Problems fixed:
- Celery tasks could not open image files from storage
- PIL/Pillow couldn't locate files in tenant-specific directories
- temp file deletion was failing due to path validation
Changes:
- Added _open() method to add tenant_id prefix when opening files
- Added path() method to convert relative paths to full filesystem paths
- Updated delete() method to handle paths with or without tenant prefix
- All methods include security checks to prevent cross-tenant access
Testing:
- All 5 existing tests pass
- Verified photo processing task works end-to-end:
* Reads temp image file from disk
* Processes and creates all image versions
* Saves processed files to tenant-specific directory
* Cleans up temporary files correctly
- Files correctly stored in: media/tenants/{tenant_id}/products/{product_id}/{photo_id}/
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
Resolves critical bug where photos of products with the same ID in different
tenants were overwriting each other. Implemented complete isolation of media
files between tenants using custom Django storage backend.
## Changes
### New Files
- products/utils/storage.py: TenantAwareFileSystemStorage backend
* Automatically adds tenant_id to file paths on disk
* Prevents cross-tenant file access with security checks
* Stores clean paths in DB for portability
- products/tests/test_multi_tenant_photos.py: Comprehensive tests
* 5 tests covering isolation, security, and configuration
* All tests passing ✅
- MULTITENANT_PHOTO_FIX.md: Complete documentation
### Modified Files
- settings.py: Configured DEFAULT_FILE_STORAGE to use TenantAwareFileSystemStorage
- products/models/photos.py:
* Converted upload_to from strings to callable functions
* Updated ProductPhoto, ProductKitPhoto, ProductCategoryPhoto
* Added tenant isolation documentation
- products/tasks.py: Added documentation about file structure
- products/utils/image_processor.py: Added documentation
- products/utils/image_service.py: Added documentation
## Architecture
**On disk:** media/tenants/{tenant_id}/products/{entity_id}/{photo_id}/{size}.ext
**In DB:** products/{entity_id}/{photo_id}/{size}.ext
Tenant ID is automatically added/removed during file operations.
## Security
- Storage rejects cross-tenant file access
- Proper tenant context validation
- Integration with django-tenants schema system
## Testing
- All 5 multi-tenant photo tests pass
- Verified photo paths are isolated per tenant
- Verified storage rejects cross-tenant access
- Verified configuration is correct
## Future-proof
- Ready for S3 migration (just change storage backend)
- No breaking changes to existing code
- Clean separation of concerns
Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
