URL url = new URL(s3Url + "/" + bucketName + "/" + RestUtils.encodeUrlString(privateKey));
assertEquals("Expected denied access (403) error", 403, ((HttpURLConnection) url
.openConnection()).getResponseCode());
// Get ACL details for private object so we can determine the bucket owner.
AccessControlList bucketACL = s3Service.getBucketAcl(bucket);
S3Owner bucketOwner = bucketACL.getOwner();
// Create a public object.
String publicKey = "Public Object #1";
object = new S3Object(bucket, publicKey, "Public object sample text");
AccessControlList acl = new AccessControlList();
acl.setOwner(bucketOwner);
acl.grantPermission(GroupGrantee.ALL_USERS, Permission.PERMISSION_READ);
object.setAcl(acl);
s3Service.putObject(bucket, object);
url = new URL(s3Url + "/" + bucketName + "/" + RestUtils.encodeUrlString(publicKey));
assertEquals("Expected access (200)",
200, ((HttpURLConnection)url.openConnection()).getResponseCode());
// Update ACL to make private object public.
AccessControlList privateToPublicACL = s3Service.getObjectAcl(bucket, privateKey);
privateToPublicACL.grantPermission(GroupGrantee.ALL_USERS, Permission.PERMISSION_READ);
object.setKey(privateKey);
object.setAcl(privateToPublicACL);
s3Service.putObjectAcl(bucket, object);
url = new URL(s3Url + "/" + bucketName + "/" + RestUtils.encodeUrlString(privateKey));
assertEquals("Expected access (200)", 200, ((HttpURLConnection) url.openConnection())
.getResponseCode());
// Create a non-standard uncanned public object.
String publicKey2 = "Public Object #2";
object = new S3Object(publicKey2);
object.setAcl(privateToPublicACL); // This ACL has ALL_USERS READ permission set above.
s3Service.putObject(bucket, object);
url = new URL(s3Url + "/" + bucketName + "/" + RestUtils.encodeUrlString(publicKey2));
assertEquals("Expected access (200)", 200, ((HttpURLConnection) url.openConnection())
.getResponseCode());
// Update ACL to make public object private.
AccessControlList publicToPrivateACL = s3Service.getObjectAcl(bucket, publicKey);
publicToPrivateACL.revokeAllPermissions(GroupGrantee.ALL_USERS);
object.setKey(publicKey);
object.setAcl(publicToPrivateACL);
s3Service.putObjectAcl(bucket, object);
url = new URL(s3Url + "/" + bucketName + "/" + RestUtils.encodeUrlString(publicKey));
assertEquals("Expected denied access (403) error", 403, ((HttpURLConnection) url