/** * Adds a set of grantee/permission pairs to the ACL, where each item in the set is a * {@link GrantAndPermission} object. * * @param grantAndPermissions * the grant and permission combinations to add. */ public void grantAllPermissions(GrantAndPermission[] grantAndPermissions) { for(GrantAndPermission gap : grantAndPermissions) { grantPermission(gap.getGrantee(), gap.getPermission()); } }
/** * Adds a set of grantee/permission pairs to the ACL, where each item in the set is a * {@link GrantAndPermission} object. * * @param grantAndPermissions * the grant and permission combinations to add. */ public void grantAllPermissions(GrantAndPermission[] grantAndPermissions) { for(GrantAndPermission gap : grantAndPermissions) { grantPermission(gap.getGrantee(), gap.getPermission()); } }
/** * Populates the local {@link #updatedAccessControlList} variable with ACL * details set by the user in the GUI elements. */ private void updateAccessControlList() { updatedAccessControlList = new AccessControlList(); updatedAccessControlList.setOwner(originalAccessControlList.getOwner()); for (int i = 0; i < canonicalGranteeTable.getRowCount(); i++) { GranteeInterface grantee = canonicalGranteeTableModel.getGrantee(i); Permission permission = canonicalGranteeTableModel.getPermission(i); updatedAccessControlList.grantPermission(grantee, permission); } for (int i = 0; i < emailGranteeTable.getRowCount(); i++) { GranteeInterface grantee = emailGranteeTableModel.getGrantee(i); Permission permission = emailGranteeTableModel.getPermission(i); updatedAccessControlList.grantPermission(grantee, permission); } for (int i = 0; i < groupGranteeTable.getRowCount(); i++) { GranteeInterface grantee = groupGranteeTableModel.getGrantee(i); Permission permission = groupGranteeTableModel.getPermission(i); updatedAccessControlList.grantPermission(grantee, permission); } }
/** * Populates the local {@link #updatedAccessControlList} variable with ACL * details set by the user in the GUI elements. */ private void updateAccessControlList() { updatedAccessControlList = new AccessControlList(); updatedAccessControlList.setOwner(originalAccessControlList.getOwner()); for (int i = 0; i < canonicalGranteeTable.getRowCount(); i++) { GranteeInterface grantee = canonicalGranteeTableModel.getGrantee(i); Permission permission = canonicalGranteeTableModel.getPermission(i); updatedAccessControlList.grantPermission(grantee, permission); } for (int i = 0; i < emailGranteeTable.getRowCount(); i++) { GranteeInterface grantee = emailGranteeTableModel.getGrantee(i); Permission permission = emailGranteeTableModel.getPermission(i); updatedAccessControlList.grantPermission(grantee, permission); } for (int i = 0; i < groupGranteeTable.getRowCount(); i++) { GranteeInterface grantee = groupGranteeTableModel.getGrantee(i); Permission permission = groupGranteeTableModel.getPermission(i); updatedAccessControlList.grantPermission(grantee, permission); } }
public boolean grantAcl(S3Object object) throws ServiceException, InterruptedException { if(Strings.isNullOrEmpty(s3Acl)){ return true; } for (int i = 0; i < s3AclRetries; ++i) { try { AccessControlList acl = s3Service.getObjectAcl(object.getBucketName(), object.getKey()); for (String id : s3Acl.split(",")) { acl.grantPermission(new CanonicalGrantee(id), Permission.PERMISSION_READ); } s3Service.putObjectAcl(object.getBucketName(), object.getKey(), acl); return true; } catch (Exception e) { log.error("Exception while granting ACL: " + e.getMessage(), e); Thread.sleep(1000 * (i + 1)); } } return false; } }
acl.grantPermission(grantee, Permission.PERMISSION_WRITE); acl.grantPermission(grantee, Permission.PERMISSION_FULL_CONTROL); grantee = new CanonicalGrantee(); grantee.setIdentifier("aaa"); acl.grantPermission(grantee, Permission.PERMISSION_READ); grantee = GroupGrantee.ALL_USERS; acl.grantPermission(grantee, Permission.PERMISSION_READ); grantee = GroupGrantee.AUTHENTICATED_USERS; acl.grantPermission(grantee, Permission.PERMISSION_WRITE); grantee = new EmailAddressGrantee(); grantee.setIdentifier("james@test.com"); acl.grantPermission(grantee, Permission.PERMISSION_READ); grantee = new EmailAddressGrantee(); grantee.setIdentifier("james@test2.com"); acl.grantPermission(grantee, Permission.PERMISSION_FULL_CONTROL);
acl.grantPermission(grantee, Permission.PERMISSION_WRITE); acl.grantPermission(grantee, Permission.PERMISSION_FULL_CONTROL); grantee = new CanonicalGrantee(); grantee.setIdentifier("aaa"); acl.grantPermission(grantee, Permission.PERMISSION_READ); grantee = GroupGrantee.ALL_USERS; acl.grantPermission(grantee, Permission.PERMISSION_READ); grantee = GroupGrantee.AUTHENTICATED_USERS; acl.grantPermission(grantee, Permission.PERMISSION_WRITE); grantee = new EmailAddressGrantee(); grantee.setIdentifier("james@test.com"); acl.grantPermission(grantee, Permission.PERMISSION_READ); grantee = new EmailAddressGrantee(); grantee.setIdentifier("james@test2.com"); acl.grantPermission(grantee, Permission.PERMISSION_FULL_CONTROL);
currentPermission = Permission.parsePermission(elementText); } else if (name.equals("Grant")) { accessControlList.grantPermission(currentGrantee, currentPermission); } else if (name.equals("AccessControlList")) { insideACL = false;
currentPermission = Permission.parsePermission(elementText); } else if (name.equals("Entry")) { accessControlList.grantPermission(currentGrantee, currentPermission); } else if (name.equals("Entries")) { insideACL = false;
currentPermission = Permission.parsePermission(elementText); } else if (name.equals("Grant")) { accessControlList.grantPermission(currentGrantee, currentPermission); } else if (name.equals("AccessControlList")) { insideACL = false;
currentPermission = Permission.parsePermission(elementText); } else if (name.equals("Entry")) { accessControlList.grantPermission(currentGrantee, currentPermission); } else if (name.equals("Entries")) { insideACL = false;
logBucketACL.grantPermission(GroupGrantee.LOG_DELIVERY, Permission.PERMISSION_WRITE); logBucketACL.grantPermission(GroupGrantee.LOG_DELIVERY, Permission.PERMISSION_READ_ACP); putBucketAcl(status.getTargetBucketName(), logBucketACL); } else {
logBucketACL.grantPermission(GroupGrantee.LOG_DELIVERY, Permission.PERMISSION_WRITE); logBucketACL.grantPermission(GroupGrantee.LOG_DELIVERY, Permission.PERMISSION_READ_ACP); putBucketAcl(status.getTargetBucketName(), logBucketACL); } else {
if(null != owner) { list.setOwner(new S3Owner(owner.getIdentifier(), owner.getDisplayName())); list.grantPermission(new CanonicalGrantee(owner.getIdentifier()), Permission.PERMISSION_FULL_CONTROL); list.grantPermission(new EmailAddressGrantee(userAndRole.getUser().getIdentifier()), Permission.parsePermission(userAndRole.getRole().getName())); if(userAndRole.getUser().getIdentifier().equals(GroupGrantee.ALL_USERS.getIdentifier()) || userAndRole.getUser().getIdentifier().equals(Acl.GroupUser.EVERYONE)) { list.grantPermission(GroupGrantee.ALL_USERS, Permission.parsePermission(userAndRole.getRole().getName())); list.grantPermission(GroupGrantee.AUTHENTICATED_USERS, Permission.parsePermission(userAndRole.getRole().getName())); list.grantPermission(new GroupGrantee(userAndRole.getUser().getIdentifier()), Permission.parsePermission(userAndRole.getRole().getName())); list.grantPermission(new CanonicalGrantee(userAndRole.getUser().getIdentifier()), Permission.parsePermission(userAndRole.getRole().getName()));
@Override public void setConfiguration(final Path container, final LoggingConfiguration configuration) throws BackgroundException { try { // Logging target bucket final GSBucketLoggingStatus status = new GSBucketLoggingStatus( StringUtils.isNotBlank(configuration.getLoggingTarget()) ? configuration.getLoggingTarget() : container.getName(), null); if(configuration.isEnabled()) { status.setLogfilePrefix(PreferencesFactory.get().getProperty("google.logging.prefix")); } // Grant write for Google to logging target bucket final AccessControlList acl = session.getClient().getBucketAcl(container.getName()); final GroupByEmailAddressGrantee grantee = new GroupByEmailAddressGrantee( "cloud-storage-analytics@google.com"); if(!acl.getPermissionsForGrantee(grantee).contains(Permission.PERMISSION_WRITE)) { acl.grantPermission(grantee, Permission.PERMISSION_WRITE); session.getClient().putBucketAcl(container.getName(), acl); } session.getClient().setBucketLoggingStatusImpl(container.getName(), status); } catch(ServiceException e) { throw new S3ExceptionMappingService().map("Failure to write attributes of {0}", e); } } }
bucketAcl.grantPermission(GroupGrantee.ALL_USERS, Permission.PERMISSION_READ); acl.grantPermission(new EmailAddressGrantee("someone@somewhere.com"), Permission.PERMISSION_FULL_CONTROL); acl.grantPermission(new CanonicalGrantee("AWS member's ID"), Permission.PERMISSION_READ_ACP); acl.grantPermission(new CanonicalGrantee("AWS member's ID"), Permission.PERMISSION_WRITE_ACP);
bucketAcl.grantPermission(GroupGrantee.ALL_USERS, Permission.PERMISSION_READ); acl.grantPermission(new EmailAddressGrantee("someone@somewhere.com"), Permission.PERMISSION_FULL_CONTROL); acl.grantPermission(new CanonicalGrantee("AWS member's ID"), Permission.PERMISSION_READ_ACP); acl.grantPermission(new CanonicalGrantee("AWS member's ID"), Permission.PERMISSION_WRITE_ACP);