/** * Revoke a permission for the given grantee, if this specific permission was granted. * * Note that you must be very explicit about the permissions you revoke, you cannot revoke * partial permissions and expect this class to determine the implied remaining permissions. For * example, if you revoke the {@link Permission#READ} permission from a grantee with * {@link Permission#FULL_CONTROL} access, <strong>the revocation will do nothing</strong> and * the grantee will retain full access. To change the access settings for this grantee, you must * first remove the {@link Permission#FULL_CONTROL} permission the add back the * {@link Permission#READ} permission. * * @param grantee * @param permission */ public AccessControlList revokePermission(Grantee grantee, String permission) { for (Iterator<Grant> it = grants.iterator(); it.hasNext();) { Grant grant = it.next(); if (grant.getGrantee().equals(grantee) && grant.getPermission().equals(permission)) { it.remove(); } } return this; }
/** * Revoke a permission for the given grantee, if this specific permission was granted. * * Note that you must be very explicit about the permissions you revoke, you cannot revoke * partial permissions and expect this class to determine the implied remaining permissions. For * example, if you revoke the {@link Permission#READ} permission from a grantee with * {@link Permission#FULL_CONTROL} access, <strong>the revocation will do nothing</strong> and * the grantee will retain full access. To change the access settings for this grantee, you must * first remove the {@link Permission#FULL_CONTROL} permission the add back the * {@link Permission#READ} permission. * * @param grantee * @param permission */ public AccessControlList revokePermission(Grantee grantee, String permission) { for (Iterator<Grant> it = grants.iterator(); it.hasNext();) { Grant grant = it.next(); if (grant.getGrantee().equals(grantee) && grant.getPermission().equals(permission)) { it.remove(); } } return this; }
/** * Revoke a permission for the given grantee, if this specific permission was granted. * * Note that you must be very explicit about the permissions you revoke, you cannot revoke * partial permissions and expect this class to determine the implied remaining permissions. For * example, if you revoke the {@link Permission#READ} permission from a grantee with * {@link Permission#FULL_CONTROL} access, <strong>the revocation will do nothing</strong> and * the grantee will retain full access. To change the access settings for this grantee, you must * first remove the {@link Permission#FULL_CONTROL} permission the add back the * {@link Permission#READ} permission. * * @param grantee * @param permission */ public AccessControlList revokePermission(Grantee grantee, String permission) { for (Iterator<Grant> it = grants.iterator(); it.hasNext();) { Grant grant = it.next(); if (grant.getGrantee().equals(grantee) && grant.getPermission().equals(permission)) { it.remove(); } } return this; }
.text(grant.getGrantee().getIdentifier()); grantBuilder.elem("Permission").text(grant.getPermission().toString());
.text(grant.getGrantee().getIdentifier()); grantBuilder.elem("Permission").text(grant.getPermission().toString());
.text(grant.getGrantee().getIdentifier()); grantBuilder.elem("Permission").text(grant.getPermission().toString());
protected XMLBuilder generateBuilder(BucketLogging bucketLogging) throws ParserConfigurationException, FactoryConfigurationError { XMLBuilder rootBuilder = XMLBuilder.create("BucketLoggingStatus") .attr("xmlns", S3Constants.S3_REST_API_XML_NAMESPACE).e("LoggingEnabled"); rootBuilder.e("TargetBucket").t(bucketLogging.getTargetBucket()); rootBuilder.e("TargetPrefix").t(bucketLogging.getTargetPrefix()); XMLBuilder grantsBuilder = rootBuilder.elem("TargetGrants"); for (Grant grant : bucketLogging.getTargetGrants()) { XMLBuilder grantBuilder = grantsBuilder.elem("Grant"); XMLBuilder granteeBuilder = grantBuilder.elem("Grantee").attr("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance"); if (grant.getGrantee() instanceof GroupGrantee) { granteeBuilder.attr("xsi:type", "Group").elem("URI").text(grant.getGrantee().getIdentifier()); } else if (grant.getGrantee() instanceof CanonicalUserGrantee) { CanonicalUserGrantee grantee = (CanonicalUserGrantee) grant.getGrantee(); granteeBuilder.attr("xsi:type", "CanonicalUser").elem("ID").text(grantee.getIdentifier()).up(); if (grantee.getDisplayName() != null) { granteeBuilder.elem("DisplayName").text(grantee.getDisplayName()); } } else if (grant.getGrantee() instanceof EmailAddressGrantee) { granteeBuilder.attr("xsi:type", "AmazonCustomerByEmail").elem("EmailAddress") .text(grant.getGrantee().getIdentifier()); } grantBuilder.elem("Permission").text(grant.getPermission().toString()); } return grantsBuilder; }
protected XMLBuilder generateBuilder(BucketLogging bucketLogging) throws ParserConfigurationException, FactoryConfigurationError { XMLBuilder rootBuilder = XMLBuilder.create("BucketLoggingStatus") .attr("xmlns", S3Constants.S3_REST_API_XML_NAMESPACE).e("LoggingEnabled"); rootBuilder.e("TargetBucket").t(bucketLogging.getTargetBucket()); rootBuilder.e("TargetPrefix").t(bucketLogging.getTargetPrefix()); XMLBuilder grantsBuilder = rootBuilder.elem("TargetGrants"); for (Grant grant : bucketLogging.getTargetGrants()) { XMLBuilder grantBuilder = grantsBuilder.elem("Grant"); XMLBuilder granteeBuilder = grantBuilder.elem("Grantee").attr("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance"); if (grant.getGrantee() instanceof GroupGrantee) { granteeBuilder.attr("xsi:type", "Group").elem("URI").text(grant.getGrantee().getIdentifier()); } else if (grant.getGrantee() instanceof CanonicalUserGrantee) { CanonicalUserGrantee grantee = (CanonicalUserGrantee) grant.getGrantee(); granteeBuilder.attr("xsi:type", "CanonicalUser").elem("ID").text(grantee.getIdentifier()).up(); if (grantee.getDisplayName() != null) { granteeBuilder.elem("DisplayName").text(grantee.getDisplayName()); } } else if (grant.getGrantee() instanceof EmailAddressGrantee) { granteeBuilder.attr("xsi:type", "AmazonCustomerByEmail").elem("EmailAddress") .text(grant.getGrantee().getIdentifier()); } grantBuilder.elem("Permission").text(grant.getPermission().toString()); } return grantsBuilder; }
protected XMLBuilder generateBuilder(BucketLogging bucketLogging) throws ParserConfigurationException, FactoryConfigurationError { XMLBuilder rootBuilder = XMLBuilder.create("BucketLoggingStatus") .attr("xmlns", S3Constants.S3_REST_API_XML_NAMESPACE).e("LoggingEnabled"); rootBuilder.e("TargetBucket").t(bucketLogging.getTargetBucket()); rootBuilder.e("TargetPrefix").t(bucketLogging.getTargetPrefix()); XMLBuilder grantsBuilder = rootBuilder.elem("TargetGrants"); for (Grant grant : bucketLogging.getTargetGrants()) { XMLBuilder grantBuilder = grantsBuilder.elem("Grant"); XMLBuilder granteeBuilder = grantBuilder.elem("Grantee").attr("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance"); if (grant.getGrantee() instanceof GroupGrantee) { granteeBuilder.attr("xsi:type", "Group").elem("URI").text(grant.getGrantee().getIdentifier()); } else if (grant.getGrantee() instanceof CanonicalUserGrantee) { CanonicalUserGrantee grantee = (CanonicalUserGrantee) grant.getGrantee(); granteeBuilder.attr("xsi:type", "CanonicalUser").elem("ID").text(grantee.getIdentifier()).up(); if (grantee.getDisplayName() != null) { granteeBuilder.elem("DisplayName").text(grantee.getDisplayName()); } } else if (grant.getGrantee() instanceof EmailAddressGrantee) { granteeBuilder.attr("xsi:type", "AmazonCustomerByEmail").elem("EmailAddress") .text(grant.getGrantee().getIdentifier()); } grantBuilder.elem("Permission").text(grant.getPermission().toString()); } return grantsBuilder; }
protected XMLBuilder generateBuilder(BucketLogging bucketLogging) throws ParserConfigurationException, FactoryConfigurationError { XMLBuilder rootBuilder = XMLBuilder.create("BucketLoggingStatus") .attr("xmlns", S3Constants.S3_REST_API_XML_NAMESPACE).e("LoggingEnabled"); rootBuilder.e("TargetBucket").t(bucketLogging.getTargetBucket()); rootBuilder.e("TargetPrefix").t(bucketLogging.getTargetPrefix()); XMLBuilder grantsBuilder = rootBuilder.elem("TargetGrants"); for (Grant grant : bucketLogging.getTargetGrants()) { XMLBuilder grantBuilder = grantsBuilder.elem("Grant"); XMLBuilder granteeBuilder = grantBuilder.elem("Grantee").attr("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance"); if (grant.getGrantee() instanceof GroupGrantee) { granteeBuilder.attr("xsi:type", "Group").elem("URI").text(grant.getGrantee().getIdentifier()); } else if (grant.getGrantee() instanceof CanonicalUserGrantee) { CanonicalUserGrantee grantee = (CanonicalUserGrantee) grant.getGrantee(); granteeBuilder.attr("xsi:type", "CanonicalUser").elem("ID").text(grantee.getIdentifier()).up(); if (grantee.getDisplayName() != null) { granteeBuilder.elem("DisplayName").text(grantee.getDisplayName()); } } else if (grant.getGrantee() instanceof EmailAddressGrantee) { granteeBuilder.attr("xsi:type", "AmazonCustomerByEmail").elem("EmailAddress") .text(grant.getGrantee().getIdentifier()); } grantBuilder.elem("Permission").text(grant.getPermission().toString()); } return grantsBuilder; }
/** * Revoke a permission for the given grantee, if this specific permission was granted. * * Note that you must be very explicit about the permissions you revoke, you cannot revoke * partial permissions and expect this class to determine the implied remaining permissions. For * example, if you revoke the {@link Permission#READ} permission from a grantee with * {@link Permission#FULL_CONTROL} access, <strong>the revocation will do nothing</strong> and * the grantee will retain full access. To change the access settings for this grantee, you must * first remove the {@link Permission#FULL_CONTROL} permission the add back the * {@link Permission#READ} permission. * * @param grantee * @param permission */ public AccessControlList revokePermission(Grantee grantee, String permission) { Collection<Grant> grantsForGrantee = findGrantsForGrantee(grantee.getIdentifier()); for (Grant grant : grantsForGrantee) { if (grant.getPermission().equals(permission)) { grants.remove(grant); } } return this; }
public void run() { try { BucketLogging newLogging = getApi().getBucketLogging(bucketName); assert newLogging != null; AccessControlList acl = new AccessControlList(); for (Grant grant : newLogging.getTargetGrants()) { // TODO: add permission // checking features to // bucketlogging acl.addPermission(grant.getGrantee(), grant.getPermission()); } // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by // email addr assertTrue(acl.hasPermission(TEST_ACL_ID, FULL_CONTROL), acl.toString()); assertEquals(logging.getTargetBucket(), newLogging.getTargetBucket()); assertEquals(logging.getTargetPrefix(), newLogging.getTargetPrefix()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });
/** * Revoke a permission for the given grantee, if this specific permission was granted. * * Note that you must be very explicit about the permissions you revoke, you cannot revoke * partial permissions and expect this class to determine the implied remaining permissions. For * example, if you revoke the {@link Permission#READ} permission from a grantee with * {@link Permission#FULL_CONTROL} access, <strong>the revocation will do nothing</strong> and * the grantee will retain full access. To change the access settings for this grantee, you must * first remove the {@link Permission#FULL_CONTROL} permission the add back the * {@link Permission#READ} permission. * * @param grantee * @param permission */ public AccessControlList revokePermission(Grantee grantee, String permission) { Collection<Grant> grantsForGrantee = findGrantsForGrantee(grantee.getIdentifier()); for (Grant grant : grantsForGrantee) { if (grant.getPermission().equals(permission)) { grants.remove(grant); } } return this; }
protected XMLBuilder generateBuilder(BucketLogging bucketLogging) throws ParserConfigurationException, FactoryConfigurationError { XMLBuilder rootBuilder = XMLBuilder.create("BucketLoggingStatus") .attr("xmlns", S3Constants.S3_REST_API_XML_NAMESPACE).e("LoggingEnabled"); rootBuilder.e("TargetBucket").t(bucketLogging.getTargetBucket()); rootBuilder.e("TargetPrefix").t(bucketLogging.getTargetPrefix()); XMLBuilder grantsBuilder = rootBuilder.elem("TargetGrants"); for (Grant grant : bucketLogging.getTargetGrants()) { XMLBuilder grantBuilder = grantsBuilder.elem("Grant"); XMLBuilder granteeBuilder = grantBuilder.elem("Grantee").attr("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance"); if (grant.getGrantee() instanceof GroupGrantee) { granteeBuilder.attr("xsi:type", "Group").elem("URI").text(grant.getGrantee().getIdentifier()); } else if (grant.getGrantee() instanceof CanonicalUserGrantee) { CanonicalUserGrantee grantee = (CanonicalUserGrantee) grant.getGrantee(); granteeBuilder.attr("xsi:type", "CanonicalUser").elem("ID").text(grantee.getIdentifier()).up(); if (grantee.getDisplayName() != null) { granteeBuilder.elem("DisplayName").text(grantee.getDisplayName()); } } else if (grant.getGrantee() instanceof EmailAddressGrantee) { granteeBuilder.attr("xsi:type", "AmazonCustomerByEmail").elem("EmailAddress") .text(grant.getGrantee().getIdentifier()); } grantBuilder.elem("Permission").text(grant.getPermission().toString()); } return grantsBuilder; }
public void run() { try { BucketLogging newLogging = getApi().getBucketLogging(bucketName); assert newLogging !=null; AccessControlList acl = new AccessControlList(); for (Grant grant : newLogging.getTargetGrants()) { // TODO: add permission // checking features to // bucketlogging acl.addPermission(grant.getGrantee(), grant.getPermission()); } // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by // email addr assertTrue(acl.hasPermission(StubS3AsyncClient.TEST_ACL_ID, Permission.FULL_CONTROL), acl.toString()); assertEquals(logging.getTargetBucket(), newLogging.getTargetBucket()); assertEquals(logging.getTargetPrefix(), newLogging.getTargetPrefix()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });
public String apply(Grant g) { return g.getPermission(); } });
public String apply(Grant g) { return g.getPermission(); } });
public String apply(Grant g) { return g.getPermission(); } });
public String apply(Grant g) { return g.getPermission(); } });
public String apply(Grant g) { return g.getPermission(); } });