Apache
/
jclouds
mirror of https://github.com/apache/jclouds.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update via canned ACLs instead of XML ACLs for S3 

These are simpler than the full XML API and better supported by
non-AWS S3 implementations, e.g., Ceph, S3Proxy.  Further this makes
the provider more consistent when creating a bucket or object which
only supports setting canned ACLs.
This commit is contained in:
Andrew Gaul 2015-12-18 23:28:31 -08:00
parent c2ba0bef32
commit ffa7c5c587
1 changed files with 6 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
apis/s3/src/main/java/org/jclouds/s3/blobstore/S3BlobStore.java
View File

@ -160,17 +160,11 @@ public class S3BlobStore extends BaseBlobStore {
@Override
public void setContainerAccess(String container, ContainerAccess access) {
AccessControlList acl = sync.getBucketACL(container);
CannedAccessPolicy acl = CannedAccessPolicy.PRIVATE;
if (access == ContainerAccess.PUBLIC_READ) {
acl.revokePermission(GroupGranteeURI.ALL_USERS, Permission.FULL_CONTROL)
.revokePermission(GroupGranteeURI.ALL_USERS, Permission.WRITE)
.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ);
} else if (access == ContainerAccess.PRIVATE) {
acl.revokePermission(GroupGranteeURI.ALL_USERS, Permission.FULL_CONTROL)
.revokePermission(GroupGranteeURI.ALL_USERS, Permission.READ)
.revokePermission(GroupGranteeURI.ALL_USERS, Permission.WRITE);
acl = CannedAccessPolicy.PUBLIC_READ;
}
sync.putBucketACL(container, acl);
sync.updateBucketCannedACL(container, acl);
}
/**
@ -343,17 +337,11 @@ public class S3BlobStore extends BaseBlobStore {
@Override
public void setBlobAccess(String container, String name, BlobAccess access) {
AccessControlList acl = sync.getObjectACL(container, name);
CannedAccessPolicy acl = CannedAccessPolicy.PRIVATE;
if (access == BlobAccess.PUBLIC_READ) {
acl.revokePermission(GroupGranteeURI.ALL_USERS, Permission.FULL_CONTROL)
.revokePermission(GroupGranteeURI.ALL_USERS, Permission.WRITE)
.addPermission(GroupGranteeURI.ALL_USERS, Permission.READ);
} else if (access == BlobAccess.PRIVATE) {
acl.revokePermission(GroupGranteeURI.ALL_USERS, Permission.FULL_CONTROL)
.revokePermission(GroupGranteeURI.ALL_USERS, Permission.READ)
.revokePermission(GroupGranteeURI.ALL_USERS, Permission.WRITE);
acl = CannedAccessPolicy.PUBLIC_READ;
}
sync.putObjectACL(container, name, acl);
sync.updateObjectCannedACL(container, name, acl);
}
@Override