Examples of com.cloud.bridge.service.core.s3.S3AccessControlList

Package com.cloud.bridge.service.core.s3

Examples of com.cloud.bridge.service.core.s3.S3AccessControlList

com.cloud.bridge.service.core.s3.S3PutObjectInlineRequest
An S3AccessControlList is simply a holder of grants depicted as instances of S3Grant.

    
    
    // [B] Is the operationRequested included in the policy statement?
    //  -> if the value in "NotAction:" matches that requested then the statement does not apply
    //  (i.e., "refers to all actions other" than defined).
    PolicyActions notActions = oneStatement.getNotAction();
      //System.out.println( "Statement: NotAction:" + notActions + " op requested: " + operationRequested );


      if ( PolicyActions.UnknownAction != notActions ) {
         if (notActions == operationRequested) return false;
      }

View Full Code Here


        //
        SBucketVO sbucket = bucketDao.getByName(bucketName);
        if (sbucket == null) throw new NoSuchObjectException("Bucket " + bucketName + " does not exist");


        PolicyActions action = (includeVersions ? PolicyActions.ListBucketVersions : PolicyActions.ListBucket);
        S3PolicyContext context = new S3PolicyContext( action, bucketName );
        context.setEvalParam( ConditionKeys.MaxKeys, new String( "" + maxKeys ));
        context.setEvalParam( ConditionKeys.Prefix, prefix );
        context.setEvalParam( ConditionKeys.Delimiter, delimiter );
        verifyAccess( context, "SBucket", sbucket.getId(), SAcl.PERMISSION_READ );

View Full Code Here




        // [B] "The bucket owner by default has permissions to attach bucket policies to their buckets using PUT Bucket policy." 
        //  -> the bucket owner may want to restrict the IP address from where this can be executed
        String client = UserContext.current().getCanonicalUserId();
        S3PolicyContext context = new S3PolicyContext(
                PolicyActions.PutBucketPolicy, bucketName);


        switch (S3Engine.verifyPolicy(context)) {
        case ALLOW:
            break;

View Full Code Here

        // [B]
        // "The bucket owner by default has permissions to retrieve bucket policies using GET Bucket policy."
        // -> the bucket owner may want to restrict the IP address from where
        // this can be executed
        String client = UserContext.current().getCanonicalUserId();
        S3PolicyContext context = new S3PolicyContext(
                PolicyActions.GetBucketPolicy, bucketName);
        switch (S3Engine.verifyPolicy(context)) {
        case ALLOW:
            break;

View Full Code Here

        // [B] The owner may want to restrict the IP address at which this can be performed
        String client = UserContext.current().getCanonicalUserId();
        if (!client.equals( sbucket.getOwnerCanonicalId()))
            throw new PermissionDeniedException( "Access Denied - only the owner can read bucket versioning" );


        S3PolicyContext context = new S3PolicyContext( PolicyActions.GetBucketVersioning, bucketName );
        if (PolicyAccess.DENY == S3Engine.verifyPolicy( context )) {
            response.setStatus(403);
            return;
        }

View Full Code Here

            String client = UserContext.current().getCanonicalUserId();
            if (!client.equals(sbucket.getOwnerCanonicalId()))
                throw new PermissionDeniedException(
                        "Access Denied - only the owner can turn on versioing on a bucket");


            S3PolicyContext context = new S3PolicyContext(
                    PolicyActions.PutBucketVersioning, bucketName);
            if (PolicyAccess.DENY == S3Engine.verifyPolicy(context)) {
                response.setStatus(403);
                return;
            }

View Full Code Here

                    + " does not exist");
            response.setStatus(404);
            return;
        }


        S3PolicyContext context = new S3PolicyContext(
                PolicyActions.ListBucketMultipartUploads, bucketName);
        context.setEvalParam(ConditionKeys.Prefix, prefix);
        context.setEvalParam(ConditionKeys.Delimiter, delimiter);
        S3Engine.verifyAccess(context, "SBucket", bucket.getId(),
                SAcl.PERMISSION_READ);


        // [B] Query the multipart table to get the list of current uploads
        try {

View Full Code Here

            initiator = uploadDao.getInitiator( uploadId );
            if (null == initiator || !initiator.equals( UserContext.current().getAccessKey())) 
            {
                try {
                    // -> write permission on a bucket allows a PutObject / DeleteObject action on any object in the bucket
                    S3PolicyContext context = new S3PolicyContext( PolicyActions.ListMultipartUploadParts, bucketName );
                    context.setKeyName( exists.getSecond());
                    S3Engine.verifyAccess( context, "SBucket", bucket.getId(), SAcl.PERMISSION_WRITE );
                }
                catch (PermissionDeniedException e) {
                    response.setStatus(403);
                    return;

View Full Code Here

  public PutObjectInlineResponse putObjectInline (PutObjectInline putObjectInline) {
    return toPutObjectInlineResponse(engine.handleRequest(toEnginePutObjectInlineRequest(putObjectInline)));
    }
  
  private S3PutObjectInlineRequest toEnginePutObjectInlineRequest(PutObjectInline putObjectInline) {
    S3PutObjectInlineRequest request = new S3PutObjectInlineRequest();
    request.setAccessKey(putObjectInline.getAWSAccessKeyId());
    request.setRequestTimestamp(putObjectInline.getTimestamp());
    request.setSignature(putObjectInline.getSignature());
    request.setBucketName(putObjectInline.getBucket());
    request.setContentLength(putObjectInline.getContentLength());
    request.setKey(putObjectInline.getKey());
    request.setData(putObjectInline.getData());
    request.setMetaEntries(toEngineMetaEntries(putObjectInline.getMetadata()));
    request.setAcl(toEngineAccessControlList(putObjectInline.getAccessControlList()));
    return request;
  }

View Full Code Here


        long contentLength = Converter.toLong(request.getHeader("Content-Length"), 0);


        String bucket = (String) request.getAttribute(S3Constants.BUCKET_ATTR_KEY);
        String key    = (String) request.getAttribute(S3Constants.OBJECT_ATTR_KEY);
        S3PutObjectInlineRequest engineRequest = new S3PutObjectInlineRequest();
        engineRequest.setBucketName(bucket);
        engineRequest.setKey(key);
        engineRequest.setContentLength(contentLength);
        engineRequest.setMetaEntries( extractMetaData( request ));
        engineRequest.setCannedAccess( request.getHeader( "x-amz-acl" ));


        DataHandler dataHandler = new DataHandler(new ServletRequestDataSource(request));
        engineRequest.setData(dataHandler);


        S3PutObjectInlineResponse engineResponse = ServiceProvider.getInstance().getS3Engine().handleRequest(engineRequest);
        response.setHeader("ETag", "\"" + engineResponse.getETag() + "\"");
        String version = engineResponse.getVersion();
        if (null != version) response.addHeader( "x-amz-version-id", version );

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of com.cloud.bridge.service.core.s3.S3AccessControlList

com.cloud.bridge.io.S3CAStorBucketAdapter

com.cloud.bridge.io.S3FileSystemBucketAdapter

com.cloud.bridge.model.BucketPolicyVO

com.cloud.bridge.model.MHost

com.cloud.bridge.model.MHostMount

com.cloud.bridge.model.MHostMountVO

com.cloud.bridge.model.MHostVO

com.cloud.bridge.model.SAcl

com.cloud.bridge.model.SAclVO

com.cloud.bridge.model.SBucket

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.