Examples of com.amazonaws.services.s3.model.AccessControlList

com.amazonaws.services.s3.model.AccessControlList

Represents an Amazon S3 Access Control List (ACL), including the ACL's set of grantees and the permissions assigned to each grantee.

Each bucket and object in Amazon S3 has an ACL that defines its access control policy. When a request is made, Amazon S3 authenticates the request using its standard authentication procedure and then checks the ACL to verify the sender was granted access to the bucket or object. If the sender is approved, the request proceeds. Otherwise, Amazon S3 returns an error.

An ACL contains a list of grants. Each grant consists of one grantee and one permission. ACLs only grant permissions; they do not deny them.

For convenience, some commonly used ACLs are defined in {@link CannedAccessControlList}.

Note: Bucket and object ACLs are completely independent; an object does not inherit an ACL from its bucket. For example, if you create a bucket and grant write access to another user, you will not be able to access the user's objects unless the user explicitly grants access. This also applies if you grant anonymous write access to a bucket. Only the user "anonymous" will be able to access objects the user created unless permission is explicitly granted to the bucket owner.

Important: Do not grant the anonymous group write access to buckets, as you will have no control over the objects others can store and their associated charges. For more information, see {@link Grantee} and {@link Permissions}.
@see CannedAccessControlList

   * @return Current Access control list for a file
   * @throws FileSystemException
   */
  public Acl getAcl() throws FileSystemException {
    Acl myAcl = new Acl();
    AccessControlList s3Acl;
    try {
      s3Acl = getS3Acl();
    } catch (Exception e) {
      throw new FileSystemException(e);
    }


    // Get S3 file owner
    Owner owner = s3Acl.getOwner();
    fileOwner = owner;


    // Read S3 ACL list and build VFS ACL.
    Set<Grant> grants = s3Acl.getGrants();


    for (Grant item : grants) {
      // Map enums to jets3t ones
      Permission perm = item.getPermission();
      Acl.Permission[] rights;

View Full Code Here

   * @throws FileSystemException
   */
  public void setAcl(Acl acl) throws FileSystemException {


    // Create empty S3 ACL list
    AccessControlList s3Acl = new AccessControlList();


    // Get file owner
    Owner owner;
    try {
      owner = getS3Owner();
    } catch (Exception e) {
      throw new FileSystemException(e);
    }
    s3Acl.setOwner(owner);


    // Iterate over VFS ACL rules and fill S3 ACL list
    Hashtable<Acl.Group, Acl.Permission[]> rules = acl.getRules();
    Enumeration<Acl.Group> keys = rules.keys();
    Acl.Permission[] allRights = Acl.Permission.values();
    while (keys.hasMoreElements()) {
      Acl.Group group = keys.nextElement();
      Acl.Permission[] rights = rules.get(group);


      if (rights.length == 0) {
        // Skip empty rights
        continue;
      }


      // Set permission
      Permission perm;
      if (ArrayUtils.isEquals(rights, allRights)) {
        // Use ArrayUtils instead of native equals method.
        // JRE1.6 enum[].equals behavior is very strange:
        // Two equal by elements arrays are not equal
        // Yeah, AFAIK its like that for any array.
        perm = Permission.FullControl;
      } else if (acl.isAllowed(group, Acl.Permission.READ)) {
        perm = Permission.Read;
      } else if (acl.isAllowed(group, Acl.Permission.WRITE)) {
        perm = Permission.Write;
      } else {
        logger.error(String.format("Skip unknown set of rights %s",
            rights.toString()));
        continue;
      }


      // Set grantee
      Grantee grantee;
      if (group.equals(Acl.Group.EVERYONE)) {
        grantee = GroupGrantee.AllUsers;
      } else if (group.equals(Acl.Group.AUTHORIZED)) {
        grantee = GroupGrantee.AuthenticatedUsers;
      } else if (group.equals(Acl.Group.OWNER)) {
        grantee = new CanonicalGrantee(owner.getId());
      } else {
        logger.error(String.format("Skip unknown group %s", group));
        continue;
      }


      // Grant permission
      s3Acl.grantPermission(grantee, perm);
    }


    // Put ACL to S3
    try {
      putS3Acl(s3Acl);

View Full Code Here

     * @see com.amazonaws.services.s3.AmazonS3#setBucketAcl(com.amazonaws.services.s3.SetBucketAclRequest)
     */
    public void setBucketAcl(SetBucketAclRequest setBucketAclRequest)
            throws AmazonClientException, AmazonServiceException {
        String bucketName = setBucketAclRequest.getBucketName();
        AccessControlList acl = setBucketAclRequest.getAcl();
        CannedAccessControlList cannedAcl = setBucketAclRequest.getCannedAcl();
        assertParameterNotNull(bucketName, "The bucket name parameter must be specified when setting a bucket's ACL");


        if (acl != null) {
            setAcl(bucketName, null, null, acl, setBucketAclRequest);

View Full Code Here


    @Override
    public void setBucketAcl(SetBucketAclRequest setBucketAclRequest)
            throws AmazonClientException, AmazonServiceException {
        String bucketName = setBucketAclRequest.getBucketName();
        AccessControlList acl = setBucketAclRequest.getAcl();
        CannedAccessControlList cannedAcl = setBucketAclRequest.getCannedAcl();
        assertParameterNotNull(bucketName, "The bucket name parameter must be specified when setting a bucket's ACL");


        if (acl != null) {
            setAcl(bucketName, null, null, acl, setBucketAclRequest);

View Full Code Here

     * @see com.amazonaws.services.s3.AmazonS3#setBucketAcl(com.amazonaws.services.s3.SetBucketAclRequest)
     */
    public void setBucketAcl(SetBucketAclRequest setBucketAclRequest)
        throws AmazonClientException, AmazonServiceException {
      String bucketName = setBucketAclRequest.getBucketName();
      AccessControlList acl = setBucketAclRequest.getAcl();
      CannedAccessControlList cannedAcl = setBucketAclRequest.getCannedAcl();
        assertParameterNotNull(bucketName, "The bucket name parameter must be specified when setting a bucket's ACL");


        if (acl != null) {
          setAcl(bucketName, null, null, acl, setBucketAclRequest);

View Full Code Here

     * @see com.amazonaws.services.s3.AmazonS3#setBucketAcl(com.amazonaws.services.s3.SetBucketAclRequest)
     */
    public void setBucketAcl(SetBucketAclRequest setBucketAclRequest)
        throws AmazonClientException, AmazonServiceException {
      String bucketName = setBucketAclRequest.getBucketName();
      AccessControlList acl = setBucketAclRequest.getAcl();
      CannedAccessControlList cannedAcl = setBucketAclRequest.getCannedAcl();
        assertParameterNotNull(bucketName, "The bucket name parameter must be specified when setting a bucket's ACL");


        if (acl != null) {
          setAcl(bucketName, null, null, acl, setBucketAclRequest);

View Full Code Here


        public void startElement(String uri, String name, String qName, Attributes attrs) {
            if (name.equals("Owner")) {
                owner = new Owner();
            } else if (name.equals("AccessControlList")) {
                accessControlList = new AccessControlList();
                accessControlList.setOwner(owner);
                insideACL = true;
            } else if (name.equals("Grantee")) {
                String type = XmlResponsesSaxParser.findAttributeValue( "xsi:type", attrs );
                if ("AmazonCustomerByEmail".equals(type)) {

View Full Code Here

     * @see com.amazonaws.services.s3.AmazonS3#setBucketAcl(com.amazonaws.services.s3.SetBucketAclRequest)
     */
    public void setBucketAcl(SetBucketAclRequest setBucketAclRequest)
        throws AmazonClientException, AmazonServiceException {
      String bucketName = setBucketAclRequest.getBucketName();
      AccessControlList acl = setBucketAclRequest.getAcl();
      CannedAccessControlList cannedAcl = setBucketAclRequest.getCannedAcl();
        assertParameterNotNull(bucketName, "The bucket name parameter must be specified when setting a bucket's ACL");


        if (acl != null) {
          setAcl(bucketName, null, null, acl, setBucketAclRequest);

View Full Code Here

     * @see com.amazonaws.services.s3.AmazonS3#setBucketAcl(com.amazonaws.services.s3.SetBucketAclRequest)
     */
    public void setBucketAcl(SetBucketAclRequest setBucketAclRequest)
        throws AmazonClientException, AmazonServiceException {
      String bucketName = setBucketAclRequest.getBucketName();
      AccessControlList acl = setBucketAclRequest.getAcl();
      CannedAccessControlList cannedAcl = setBucketAclRequest.getCannedAcl();
        assertParameterNotNull(bucketName, "The bucket name parameter must be specified when setting a bucket's ACL");


        if (acl != null) {
          setAcl(bucketName, null, null, acl, setBucketAclRequest);

View Full Code Here


        public void startElement(String uri, String name, String qName, Attributes attrs) {
            if (name.equals("Owner")) {
                owner = new Owner();
            } else if (name.equals("AccessControlList")) {
                accessControlList = new AccessControlList();
                accessControlList.setOwner(owner);
                insideACL = true;
            } else if (name.equals("Grantee")) {
                String type = XmlResponsesSaxParser.findAttributeValue( "xsi:type", attrs );
                if ("AmazonCustomerByEmail".equals(type)) {

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of com.amazonaws.services.s3.model.AccessControlList

amazon.AmazonS3Driver

br.com.ingenieux.mojo.beanstalk.bundle.UploadSourceBundleMojo

com.amazonaws.AmazonWebServiceRequest

com.amazonaws.auth.AWSCredentials

com.amazonaws.ClientConfiguration

com.amazonaws.event.ProgressListener

com.amazonaws.event.ProgressListenerChain

com.amazonaws.http.HttpRequest

com.amazonaws.services.glacier.transfer.ArchiveTransferManager

com.amazonaws.services.s3.AmazonS3Client

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.