/** * Add a permission for the given group grantee. * * @param groupGranteeURI * @param permission */ public AccessControlList addPermission(URI groupGranteeURI, String permission) { return addPermission(new GroupGrantee(groupGranteeURI), permission); }
/** * Add a permission for the given group grantee. * * @param groupGranteeURI * @param permission */ public AccessControlList addPermission(URI groupGranteeURI, String permission) { return addPermission(new GroupGrantee(groupGranteeURI), permission); }
/** * Add a permission for the given group grantee. * * @param groupGranteeURI * @param permission */ public AccessControlList addPermission(URI groupGranteeURI, String permission) { return addPermission(new GroupGrantee(groupGranteeURI), permission); }
/** * Add a permission for the given group grantee. * * @param groupGranteeURI * @param permission */ public AccessControlList addPermission(URI groupGranteeURI, String permission) { return addPermission(new GroupGrantee(groupGranteeURI), permission); }
/** * Add a permission for the given group grantee. * * @param groupGranteeURI * @param permission */ public AccessControlList addPermission(URI groupGranteeURI, String permission) { return addPermission(new GroupGrantee(groupGranteeURI), permission); }
/** * Converts a canned access control policy into the equivalent access control list. * * @param cannedAP * @param ownerId */ public static AccessControlList fromCannedAccessPolicy(CannedAccessPolicy cannedAP, String ownerId) { AccessControlList acl = new AccessControlList(); acl.setOwner(new CanonicalUser(ownerId)); // Canned access policies always allow full control to the owner. acl.addPermission(new CanonicalUserGrantee(ownerId), Permission.FULL_CONTROL); if (CannedAccessPolicy.PRIVATE == cannedAP) { // No more work to do. } else if (CannedAccessPolicy.AUTHENTICATED_READ == cannedAP) { acl.addPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ_WRITE == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.WRITE); } return acl; }
/** * Converts a canned access control policy into the equivalent access control list. * * @param cannedAP * @param ownerId */ public static AccessControlList fromCannedAccessPolicy(CannedAccessPolicy cannedAP, String ownerId) { AccessControlList acl = new AccessControlList(); acl.setOwner(new CanonicalUser(ownerId)); // Canned access policies always allow full control to the owner. acl.addPermission(new CanonicalUserGrantee(ownerId), Permission.FULL_CONTROL); if (CannedAccessPolicy.PRIVATE == cannedAP) { // No more work to do. } else if (CannedAccessPolicy.AUTHENTICATED_READ == cannedAP) { acl.addPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ_WRITE == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.WRITE); } return acl; }
/** * Converts a canned access control policy into the equivalent access control list. * * @param cannedAP * @param ownerId */ public static AccessControlList fromCannedAccessPolicy(CannedAccessPolicy cannedAP, String ownerId) { AccessControlList acl = new AccessControlList(); acl.setOwner(new CanonicalUser(ownerId)); // Canned access policies always allow full control to the owner. acl.addPermission(new CanonicalUserGrantee(ownerId), Permission.FULL_CONTROL); if (CannedAccessPolicy.PRIVATE == cannedAP) { // No more work to do. } else if (CannedAccessPolicy.AUTHENTICATED_READ == cannedAP) { acl.addPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ_WRITE == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.WRITE); } return acl; }
/** * Converts a canned access control policy into the equivalent access control list. * * @param cannedAP * @param ownerId */ public static AccessControlList fromCannedAccessPolicy(CannedAccessPolicy cannedAP, String ownerId) { AccessControlList acl = new AccessControlList(); acl.setOwner(new CanonicalUser(ownerId)); // Canned access policies always allow full control to the owner. acl.addPermission(new CanonicalUserGrantee(ownerId), Permission.FULL_CONTROL); if (CannedAccessPolicy.PRIVATE == cannedAP) { // No more work to do. } else if (CannedAccessPolicy.AUTHENTICATED_READ == cannedAP) { acl.addPermission(GroupGranteeURI.AUTHENTICATED_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); } else if (CannedAccessPolicy.PUBLIC_READ_WRITE == cannedAP) { acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.WRITE); } return acl; }
public void endElement(String uri, String name, String qName) { if (qName.equals("Owner")) { CanonicalUser owner = new CanonicalUser(currentId); owner.setDisplayName(currentDisplayName); acl.setOwner(owner); } else if (qName.equals("Grantee")) { if ("AmazonCustomerByEmail".equals(currentGranteeType)) { currentGrantee = new EmailAddressGrantee(currentId); } else if ("CanonicalUser".equals(currentGranteeType)) { currentGrantee = new CanonicalUserGrantee(currentId, currentDisplayName); } else if ("Group".equals(currentGranteeType)) { currentGrantee = new GroupGrantee(URI.create(currentId)); } } else if (qName.equals("Grant")) { acl.addPermission(currentGrantee, currentPermission); } else if (qName.equals("ID") || qName.equals("EmailAddress") || qName.equals("URI")) { currentId = currentOrNull(currentText); } else if (qName.equals("DisplayName")) { currentDisplayName = currentOrNull(currentText); } else if (qName.equals("Permission")) { currentPermission = currentOrNull(currentText); } currentText = new StringBuilder(); }
public void endElement(String uri, String name, String qName) { if (qName.equals("Owner")) { CanonicalUser owner = new CanonicalUser(currentId); owner.setDisplayName(currentDisplayName); acl.setOwner(owner); } else if (qName.equals("Grantee")) { if ("AmazonCustomerByEmail".equals(currentGranteeType)) { currentGrantee = new EmailAddressGrantee(currentId); } else if ("CanonicalUser".equals(currentGranteeType)) { currentGrantee = new CanonicalUserGrantee(currentId, currentDisplayName); } else if ("Group".equals(currentGranteeType)) { currentGrantee = new GroupGrantee(URI.create(currentId)); } } else if (qName.equals("Grant")) { acl.addPermission(currentGrantee, currentPermission); } else if (qName.equals("ID") || qName.equals("EmailAddress") || qName.equals("URI")) { currentId = currentOrNull(currentText); } else if (qName.equals("DisplayName")) { currentDisplayName = currentOrNull(currentText); } else if (qName.equals("Permission")) { currentPermission = currentOrNull(currentText); } currentText.setLength(0); }
public void endElement(String uri, String name, String qName) { if (qName.equals("Owner")) { CanonicalUser owner = new CanonicalUser(currentId); owner.setDisplayName(currentDisplayName); acl.setOwner(owner); } else if (qName.equals("Grantee")) { if ("AmazonCustomerByEmail".equals(currentGranteeType)) { currentGrantee = new EmailAddressGrantee(currentId); } else if ("CanonicalUser".equals(currentGranteeType)) { currentGrantee = new CanonicalUserGrantee(currentId, currentDisplayName); } else if ("Group".equals(currentGranteeType)) { currentGrantee = new GroupGrantee(URI.create(currentId)); } } else if (qName.equals("Grant")) { acl.addPermission(currentGrantee, currentPermission); } else if (qName.equals("ID") || qName.equals("EmailAddress") || qName.equals("URI")) { currentId = currentOrNull(currentText); } else if (qName.equals("DisplayName")) { currentDisplayName = currentOrNull(currentText); } else if (qName.equals("Permission")) { currentPermission = currentOrNull(currentText); } currentText.setLength(0); }
private void addGrantsToACL(AccessControlList acl) { String ownerId = acl.getOwner().getId(); acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); acl.addPermission(new EmailAddressGrantee(TEST_ACL_EMAIL), Permission.READ_ACP); acl.addPermission(new CanonicalUserGrantee(ownerId), Permission.WRITE_ACP); }
private void addGrantsToACL(AccessControlList acl) { String ownerId = acl.getOwner().getId(); acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); acl.addPermission(new EmailAddressGrantee(TEST_ACL_EMAIL), Permission.READ_ACP); acl.addPermission(new CanonicalUserGrantee(ownerId), Permission.WRITE_ACP); }
private void addGrantsToACL(AccessControlList acl) { String ownerId = acl.getOwner().getId(); acl.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ); acl.addPermission(new EmailAddressGrantee(StubS3AsyncClient.TEST_ACL_EMAIL), Permission.READ_ACP); acl.addPermission(new CanonicalUserGrantee(ownerId), Permission.WRITE_ACP); }
private void addGrantsToACL(AccessControlList acl) { String ownerId = acl.getOwner().getId(); acl.addPermission(ALL_USERS, READ); acl.addPermission(new EmailAddressGrantee(TEST_ACL_EMAIL), READ_ACP); acl.addPermission(new CanonicalUserGrantee(ownerId), WRITE_ACP); }
private void setupAclForBucketLoggingTarget(final String targetBucket) { // http://docs.amazonwebservices.com/AmazonS3/latest/LoggingHowTo.html AccessControlList acl = getApi().getBucketACL(targetBucket); acl.addPermission(GroupGranteeURI.LOG_DELIVERY, Permission.WRITE); acl.addPermission(GroupGranteeURI.LOG_DELIVERY, Permission.READ_ACP); assertTrue(getApi().putBucketACL(targetBucket, acl)); }
private void setupAclForBucketLoggingTarget(final String targetBucket) { AccessControlList acl = getApi().getBucketACL(targetBucket); acl.addPermission(LOG_DELIVERY, WRITE); acl.addPermission(LOG_DELIVERY, READ_ACP); assertTrue(getApi().putBucketACL(targetBucket, acl)); }
public void run() { try { BucketLogging newLogging = getApi().getBucketLogging(bucketName); assert newLogging !=null; AccessControlList acl = new AccessControlList(); for (Grant grant : newLogging.getTargetGrants()) { // TODO: add permission // checking features to // bucketlogging acl.addPermission(grant.getGrantee(), grant.getPermission()); } // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by // email addr assertTrue(acl.hasPermission(StubS3AsyncClient.TEST_ACL_ID, Permission.FULL_CONTROL), acl.toString()); assertEquals(logging.getTargetBucket(), newLogging.getTargetBucket()); assertEquals(logging.getTargetPrefix(), newLogging.getTargetPrefix()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });
public void run() { try { BucketLogging newLogging = getApi().getBucketLogging(bucketName); assert newLogging != null; AccessControlList acl = new AccessControlList(); for (Grant grant : newLogging.getTargetGrants()) { // TODO: add permission // checking features to // bucketlogging acl.addPermission(grant.getGrantee(), grant.getPermission()); } // EmailAddressGrantee is replaced by a CanonicalUserGrantee, so we cannot test by // email addr assertTrue(acl.hasPermission(TEST_ACL_ID, FULL_CONTROL), acl.toString()); assertEquals(logging.getTargetBucket(), newLogging.getTargetBucket()); assertEquals(logging.getTargetPrefix(), newLogging.getTargetPrefix()); } catch (Exception e) { Throwables.propagateIfPossible(e); } } });