/** * Revoke a permission for the given grantee, if this specific permission was granted. * * Note that you must be very explicit about the permissions you revoke, you cannot revoke * partial permissions and expect this class to determine the implied remaining permissions. For * example, if you revoke the {@link Permission#READ} permission from a grantee with * {@link Permission#FULL_CONTROL} access, <strong>the revocation will do nothing</strong> and * the grantee will retain full access. To change the access settings for this grantee, you must * first remove the {@link Permission#FULL_CONTROL} permission the add back the * {@link Permission#READ} permission. * * @param grantee * @param permission */ public AccessControlList revokePermission(Grantee grantee, Permission permission) { Collection<Grant> grantsForGrantee = findGrantsForGrantee(grantee.getIdentifier()); for (Grant grant : grantsForGrantee) { if (grant.getPermission().equals(permission)) { grants.remove(grant); } } return this; }
grant.getGrantee().getIdentifier()); grantBuilder.elem("Permission").text(grant.getPermission().toString());
protected XMLBuilder generateBuilder(BucketLogging bucketLogging) throws ParserConfigurationException, FactoryConfigurationError { XMLBuilder rootBuilder = XMLBuilder.create("BucketLoggingStatus").attr("xmlns", S3Constants.S3_REST_API_XML_NAMESPACE).e("LoggingEnabled"); rootBuilder.e("TargetBucket").t(bucketLogging.getTargetBucket()); rootBuilder.e("TargetPrefix").t(bucketLogging.getTargetPrefix()); XMLBuilder grantsBuilder = rootBuilder.elem("TargetGrants"); for (Grant grant : bucketLogging.getTargetGrants()) { XMLBuilder grantBuilder = grantsBuilder.elem("Grant"); XMLBuilder granteeBuilder = grantBuilder.elem("Grantee").attr("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance"); if (grant.getGrantee() instanceof GroupGrantee) { granteeBuilder.attr("xsi:type", "Group").elem("URI").text( grant.getGrantee().getIdentifier()); } else if (grant.getGrantee() instanceof CanonicalUserGrantee) { CanonicalUserGrantee grantee = (CanonicalUserGrantee) grant.getGrantee(); granteeBuilder.attr("xsi:type", "CanonicalUser").elem("ID").text( grantee.getIdentifier()).up(); if (grantee.getDisplayName() != null) { granteeBuilder.elem("DisplayName").text(grantee.getDisplayName()); } } else if (grant.getGrantee() instanceof EmailAddressGrantee) { granteeBuilder.attr("xsi:type", "AmazonCustomerByEmail").elem("EmailAddress").text( grant.getGrantee().getIdentifier()); } grantBuilder.elem("Permission").text(grant.getPermission().toString()); } return grantsBuilder; }
public Permission apply(Grant g) { return g.getPermission(); } });