Package org.jets3t.service.acl

Examples of org.jets3t.service.acl.AccessControlList

59
60
61
62
63
64
65
        return new RestS3Service(credentials, null, null, properties);
    }

    @Override
    protected AccessControlList buildAccessControlList() {
        return new AccessControlList();
    }
View Full Code Here
97
98
99
100
101
102
103
        super();
    }

    @Override
    protected AccessControlList buildAccessControlList() {
        return new AccessControlList();
    }
View Full Code Here
567
568
569
570
571
572
573
574
575
576
577
578
579
                completedObject.getMetadata("test-md-value"));
            assertEquals(
                metadata.get("test-timestamp-value").toString(),
                completedObject.getMetadata("test-timestamp-value").toString());
            // Confirm completed object has expected canned ACL settings
            AccessControlList completedObjectACL =
                service.getObjectAcl(bucketName, testMultipartUpload.getObjectKey());
            assertTrue(completedObjectACL.hasGranteeAndPermission(
                GroupGrantee.AUTHENTICATED_USERS, Permission.PERMISSION_READ));
        } finally {
            cleanupBucketForTest("testMultipartUploads");
        }
    }
View Full Code Here
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
            bos.write(testDataOverLimit);
            bos.close();
            testDataOverLimit = null; // Free up a some memory

            // Setup non-canned ACL
            AccessControlList testACL = buildAccessControlList();
            testACL.setOwner(service.getAccountOwner());
            testACL.grantPermission(GroupGrantee.AUTHENTICATED_USERS, Permission.PERMISSION_READ);

            // Setup file-based object
            StorageObject objectViaConvenienceMethod = new StorageObject(testDataFile);
            objectViaConvenienceMethod.setKey("multipart-object-via-convenience-method.txt");
            objectViaConvenienceMethod.addMetadata("my-metadata", "convenient? yes!");
            objectViaConvenienceMethod.setAcl(testACL);
            objectViaConvenienceMethod.setStorageClass(S3Object.STORAGE_CLASS_REDUCED_REDUNDANCY);

            // Upload object
            service.putObjectMaybeAsMultipart(bucketName, objectViaConvenienceMethod, fiveMB);

            // Confirm completed object exists and has expected metadata
            objectViaConvenienceMethod = service.getObjectDetails(
                bucketName, objectViaConvenienceMethod.getKey());
            assertEquals(
                "convenient? yes!",
                objectViaConvenienceMethod.getMetadata("my-metadata"));

            // Confirm custom ACL was applied automatically
            AccessControlList aclViaConvenienceMethod = service.getObjectAcl(
                bucketName, objectViaConvenienceMethod.getKey());
            assertEquals(
                testACL.getPermissionsForGrantee(GroupGrantee.AUTHENTICATED_USERS),
                aclViaConvenienceMethod.getPermissionsForGrantee(GroupGrantee.AUTHENTICATED_USERS));

            // Confirm completed object was indeed uploaded as a multipart upload,
            // not a standard PUT (ETag is not a valid MD5 hash in this case)
            assertFalse(ServiceUtils.isEtagAlsoAnMD5Hash(
                objectViaConvenienceMethod.getETag()));
View Full Code Here
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
            URL url = new URL(linkUrlPrefix + "/" + bucketName + "/" + RestUtils.encodeUrlString(privateKey));
            assertEquals("Expected denied access (403) error", 403, ((HttpURLConnection) url
                .openConnection()).getResponseCode());

            // Get ACL details for private object so we can determine the account owner ID.
            AccessControlList objectACL = service.getObjectAcl(bucketName, privateKey);
            StorageOwner accountOwner = objectACL.getOwner();

            // Create a public object.
            String publicKey = "Public Object - " + System.currentTimeMillis();
            object = new StorageObject(publicKey, "Public object sample text");
            AccessControlList acl = buildAccessControlList();
            acl.setOwner(accountOwner);
            acl.grantPermission(allUsersGrantee, Permission.PERMISSION_READ);
            object.setAcl(acl);
            service.putObject(bucketName, object);
            url = new URL(linkUrlPrefix + "/" + bucketName + "/" + RestUtils.encodeUrlString(publicKey));
            assertEquals("Expected access (200)",
                    200, ((HttpURLConnection)url.openConnection()).getResponseCode());

            // Update ACL to make private object public.
            AccessControlList privateToPublicACL = service.getObjectAcl(bucketName, privateKey);
            privateToPublicACL.grantPermission(allUsersGrantee, Permission.PERMISSION_READ);
            object.setKey(privateKey);
            object.setAcl(privateToPublicACL);
            service.putObjectAcl(bucketName, object);
            url = new URL(linkUrlPrefix + "/" + bucketName + "/" + RestUtils.encodeUrlString(privateKey));
            assertEquals("Expected access (200)", 200, ((HttpURLConnection) url.openConnection())
                .getResponseCode());

            // Create a non-standard uncanned public object.
            String publicKey2 = "Public Object - " + System.currentTimeMillis();
            object = new StorageObject(publicKey2);
            object.setAcl(privateToPublicACL); // This ACL has ALL_USERS READ permission set above.
            service.putObject(bucketName, object);
            url = new URL(linkUrlPrefix + "/" + bucketName + "/" + RestUtils.encodeUrlString(publicKey2));
            assertEquals("Expected access (200)", 200, ((HttpURLConnection) url.openConnection())
                .getResponseCode());

            // Update ACL to make public object private.
            AccessControlList publicToPrivateACL = service.getObjectAcl(bucketName, publicKey);
            publicToPrivateACL.revokeAllPermissions(allUsersGrantee);
            object.setKey(publicKey);
            object.setAcl(publicToPrivateACL);
            service.putObjectAcl(bucketName, object);
            // TODO: Google Storage quirk: It may take some time for public object to become private again
            if (TARGET_SERVICE_GS.equals(getTargetService())) {
                // Confirm changes were applied on object's ACL, because we don't know
                // how long to wait until the object will really become private again.
                AccessControlList updatedAcl = service.getObjectAcl(bucketName, object.getKey());
                assertFalse(updatedAcl.hasGranteeAndPermission(
                    allUsersGrantee, Permission.PERMISSION_READ));
                assertEquals(0, updatedAcl.getPermissionsForGrantee(allUsersGrantee).size());
            } else {
                // In S3, objects are made private immediately.
                url = new URL(linkUrlPrefix + "/" + bucketName + "/" + RestUtils.encodeUrlString(publicKey));
                assertEquals("Expected denied access (403) error", 403, ((HttpURLConnection) url
                    .openConnection()).getResponseCode());
View Full Code Here
876
877
878
879
880
881
882
883
884
885
886
    public void testACLManagementViaRestHeaders() throws Exception {
        RestStorageService service = getStorageService(getCredentials());
        StorageBucket bucket = createBucketForTest("testACLManagementViaRestHeaders");

        AccessControlList publicHeaderAcl = null;
        if (service instanceof GoogleStorageService) {
            publicHeaderAcl = GSAccessControlList.REST_CANNED_PUBLIC_READ;
        } else {
            publicHeaderAcl = AccessControlList.REST_CANNED_PUBLIC_READ;
        }
View Full Code Here
419
420
421
422
423
424
425
426
427
428
429
430
            // Display grants table.
            grantsTable.setVisible(true);
            while (grantsTableModel.getRowCount() > 0) {
                grantsTableModel.removeRow(0);
            }
            AccessControlList acl = bucket.getAcl();
            for (GrantAndPermission gap: acl.getGrantAndPermissions()) {
                grantsTableModel.addRow(new Object[] {
                    gap.getGrantee().getIdentifier(), gap.getPermission().toString()});
            }
        } else {
            grantsTable.setVisible(false);
View Full Code Here
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
        }

        public void run() {
            try {
                if (signedAclUrl == null) {
                    AccessControlList acl = s3Service.getObjectAcl(bucket, object.getKey());
                    object.setAcl(acl);
                    result = object;
                } else {
                    SignedUrlHandler handler = s3Service;
                    AccessControlList acl = handler.getObjectAclWithSignedUrl(signedAclUrl);
                    URL url = new URL(signedAclUrl);
                    object = ServiceUtils.buildObjectFromUrl(
                        url.getHost(), url.getPath(), s3Service.getEndpoint());
                    object.setAcl(acl);
                    result = object;
View Full Code Here
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
    {
        try {
            assertValidBucket(bucket, "Put Versioned Object Access Control List");
            assertValidObject(object, "Put Versioned Object Access Control List");
            String objectKey = object.getKey();
            AccessControlList acl = object.getAcl();
            if (acl == null) {
                throw new S3ServiceException("The object '" + objectKey +
                    "' does not include ACL information");
            }
            putObjectAclImpl(bucket.getName(), objectKey, acl, versionId);
View Full Code Here
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
                }
                boolean isSetLoggingGroupWrite = false;
                boolean isSetLoggingGroupReadACP = false;
                String groupIdentifier = GroupGrantee.LOG_DELIVERY.getIdentifier();

                AccessControlList logBucketACL = getBucketAcl(status.getTargetBucketName());

                for (GrantAndPermission gap: logBucketACL.getGrantAndPermissions()) {
                    if (groupIdentifier.equals(gap.getGrantee().getIdentifier())) {
                        // Found a Group Grantee.
                        if (gap.getPermission().equals(Permission.PERMISSION_WRITE)) {
                            isSetLoggingGroupWrite = true;
                            if (log.isDebugEnabled()) {
                                log.debug("Target bucket '" + status.getTargetBucketName() + "' has ACL "
                                        + "permission " + Permission.PERMISSION_WRITE + " for group " +
                                        groupIdentifier);
                            }
                        } else if (gap.getPermission().equals(Permission.PERMISSION_READ_ACP)) {
                            isSetLoggingGroupReadACP = true;
                            if (log.isDebugEnabled()) {
                                log.debug("Target bucket '" + status.getTargetBucketName() + "' has ACL "
                                    + "permission " + Permission.PERMISSION_READ_ACP + " for group " +
                                    groupIdentifier);
                            }
                        }
                    }
                }

                // Update target bucket's ACL if necessary.
                if (!isSetLoggingGroupWrite || !isSetLoggingGroupReadACP) {
                    if (log.isWarnEnabled()) {
                        log.warn("Target logging bucket '" + status.getTargetBucketName()
                            + "' does not have the necessary ACL settings, updating ACL now");
                    }

                    logBucketACL.grantPermission(GroupGrantee.LOG_DELIVERY, Permission.PERMISSION_WRITE);
                    logBucketACL.grantPermission(GroupGrantee.LOG_DELIVERY, Permission.PERMISSION_READ_ACP);
                    putBucketAcl(status.getTargetBucketName(), logBucketACL);
                } else {
                    if (log.isDebugEnabled()) {
                        log.debug("Target logging bucket '" + status.getTargetBucketName()
                            + "' has the necessary ACL settings");
View Full Code Here
TOP

Related Classes of org.jets3t.service.acl.AccessControlList

  • com.jamesmurty.utils.XMLBuilder
  • com.netflix.suro.sink.remotefile.GrantAcl
  • com.netflix.suro.sink.remotefile.TestGrantAcl
  • org.continuouscity.Application
  • org.globus.workspace.cloud.client.util.CumulusTask
  • org.jets3t.apps.cockpit.Cockpit
  • org.jets3t.apps.cockpit.gui.AccessControlDialog
  • org.jets3t.apps.cockpitlite.CockpitLite
  • org.jets3t.gui.ItemPropertiesDialog
  • org.jets3t.samples.CodeSamples
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.