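/**
 * Shares a bucket with other AWS accounts by adding grants to the bucket ACL and, when read access
 * is requested, to the ACL of every object currently stored in the bucket.
 *
 * <p>The {@code location} suffix is appended to the bucket name, and the bucket is created in
 * {@code region} when {@code doesBucketExist} reports it missing. Bucket creation and the initial
 * ACL read now run inside the same exception translation as the rest of the method, matching
 * {@code uploadData}.
 *
 * <p>Security notes for callers:
 *
 * <ul>
 *   <li>Grants are additive. The method starts from the ACL returned by {@code getBucketAcl} and
 *       never revokes an existing grant.
 *   <li>{@code "w"} and {@code "rw"} put {@code Permission.Write} on the bucket ACL, which lets the
 *       grantee create, overwrite and delete objects in that bucket. Use {@code "r"} unless write
 *       access is really required.
 *   <li>Object-level read grants cover only the objects present when this method runs. Objects
 *       uploaded later need their own ACL.
 *   <li>Object ACLs are updated before the bucket ACL, and nothing is rolled back on failure, so an
 *       error can leave the share partially applied.
 * </ul>
 *
 * @param bucketNameToShare bucket name without the location suffix; {@code null} makes the call a
 *     no-op
 * @param canonicalId canonical user ids of the grantees; must contain at least one id
 * @param permission {@code "r"}, {@code "w"} or {@code "rw"}
 * @return {@code canonicalId} once every id was found in the stored bucket ACL, or {@code null} when
 *     {@code bucketNameToShare} is {@code null}
 * @throws StorageCloudException if no grantee or an unsupported permission is given, if a requested
 *     grantee is missing from the stored ACL, or if the S3 client reports an error
 */
public String[] setAcl(String bucketNameToShare, String[] canonicalId, String permission)
    throws StorageCloudException {
  if (bucketNameToShare == null) {
    return null;
  }
  // Reject bad arguments before any bucket is created or any ACL is touched.
  if (canonicalId == null || canonicalId.length == 0) {
    throw new StorageCloudException("AWSS3Exception:: no grantee given");
  }
  boolean withRead = "rw".equals(permission) || "r".equals(permission);
  boolean withWrite = "rw".equals(permission) || "w".equals(permission);
  if (!withRead && !withWrite) {
    throw new StorageCloudException("AWSS3Exception:: unsupported permission " + permission);
  }

  String bucket = bucketNameToShare.concat(location);
  try {
    // NOTE(review): confirm doesBucketExist only answers true for buckets this account owns;
    // otherwise the getBucketAcl call below is what fails for a foreign bucket.
    if (!conn.doesBucketExist(bucket)) {
      conn.createBucket(bucket, region);
    }

    AccessControlList acl = conn.getBucketAcl(bucket);
    for (String id : canonicalId) {
      CanonicalGrantee grantee = new CanonicalGrantee(id);
      if (withRead) {
        acl.grantPermission(grantee, Permission.Read);
      }
      if (withWrite) {
        acl.grantPermission(grantee, Permission.Write);
      }
    }

    if (withRead) {
      // A single listObjects call returns one page only; follow truncated listings so that
      // every existing object receives the read grant, not just the first batch.
      ObjectListing listing = conn.listObjects(bucket);
      while (true) {
        for (S3ObjectSummary elem : listing.getObjectSummaries()) {
          AccessControlList objectAcl = conn.getObjectAcl(bucket, elem.getKey());
          for (String id : canonicalId) {
            objectAcl.grantPermission(new CanonicalGrantee(id), Permission.Read);
          }
          conn.setObjectAcl(bucket, elem.getKey(), objectAcl);
        }
        if (!listing.isTruncated()) {
          break;
        }
        listing = conn.listNextBatchOfObjects(listing);
      }
    }

    conn.setBucketAcl(bucket, acl);

    // Read the ACL back and require every requested grantee, not only the first one.
    Set<Grant> grants = conn.getBucketAcl(bucket).getGrants();
    for (String id : canonicalId) {
      boolean found = false;
      for (Grant grant : grants) {
        if (grant.getGrantee().getIdentifier().equals(id)) {
          found = true;
          break;
        }
      }
      if (!found) {
        throw new ServiceSiteException("AWSS3Exception:: ACL");
      }
    }
  } catch (AmazonServiceException e1) {
    throw new ServiceSiteException("AWSS3Exception::" + e1.getMessage());
  } catch (AmazonClientException e2) {
    throw new ClientServiceException("AWSS3Exception::" + e2.getMessage());
  }
  return canonicalId;
}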
/**
 * Stores {@code data} as the object {@code fileId} and returns that id.
 *
 * <p>With a non-null {@code bucketName} the {@code location} suffix is appended, the bucket is
 * created in {@code region} when {@code doesBucketExist} reports it missing, and, if
 * {@code canonicalIDs} is non-null, the object is uploaded with an ACL granting
 * {@code Permission.Read} to each listed canonical id. With a null {@code bucketName} the object
 * goes to {@code defaultBucketName} and {@code canonicalIDs} is not used, so no grant is attached
 * to the upload on that path.
 *
 * @param bucketName bucket name without the location suffix, or {@code null} for the default bucket
 * @param data bytes to store
 * @param fileId object key
 * @param canonicalIDs canonical user ids to give read access, or {@code null} for no explicit ACL
 * @return {@code fileId}
 * @throws StorageCloudException if the S3 client reports an error or closing the stream fails
 */
public String uploadData(String bucketName, byte[] data, String fileId, String[] canonicalIDs)
    throws StorageCloudException {
  try {
    ObjectMetadata meta = new ObjectMetadata();
    meta.setContentLength(data.length);
    ByteArrayInputStream payload = new ByteArrayInputStream(data);

    String targetBucket = defaultBucketName;
    AccessControlList readers = null;
    if (bucketName != null) {
      targetBucket = bucketName.concat(location);
      if (!conn.doesBucketExist(targetBucket)) {
        conn.createBucket(targetBucket, region);
      }
      if (canonicalIDs != null) {
        // Read-only grants: the listed accounts can fetch this object but not change it.
        readers = new AccessControlList();
        for (String id : canonicalIDs) {
          readers.grantPermission(new CanonicalGrantee(id), Permission.Read);
        }
      }
    }

    PutObjectRequest request = new PutObjectRequest(targetBucket, fileId, payload, meta);
    if (readers != null) {
      request = request.withAccessControlList(readers);
    }
    conn.putObject(request);

    payload.close();
    return fileId;
  } catch (AmazonServiceException e1) {
    throw new ServiceSiteException("AWSS3Exception::" + e1.getMessage());
  } catch (AmazonClientException e2) {
    throw new ClientServiceException("AWSS3Exception::" + e2.getMessage());
  } catch (IOException e3) {
    e3.printStackTrace();
    throw new StorageCloudException("AWSS3Exception::" + e3.getMessage());
  }
}
/**
 * Adds each supplied {@link Grant} to the access control list (ACL) by passing its grantee and
 * permission to {@code grantPermission}, in argument order.
 *
 * <p>The grants are applied exactly as given; this method does no filtering or validation of its
 * own, so callers decide which grantees and permissions end up in the ACL.
 *
 * @param grantsVarArg the {@link Grant} objects to add
 */
public void grantAllPermissions(Grant... grantsVarArg) {
  for (int idx = 0; idx < grantsVarArg.length; idx++) {
    Grant current = grantsVarArg[idx];
    grantPermission(current.getGrantee(), current.getPermission());
  }
}