List of usage examples for com.amazonaws.services.s3.model AccessControlList getGrantsAsList
public List<Grant> getGrantsAsList()
From source file:alluxio.underfs.s3a.S3AUtils.java
License:Apache License
/** * Translates S3 bucket ACL to Alluxio owner mode. * * @param acl the acl of S3 bucket/* www . java 2s .co m*/ * @param userId the S3 user id of the Alluxio owner * @return the translated posix mode in short format */ public static short translateBucketAcl(AccessControlList acl, String userId) { short mode = (short) 0; for (Grant grant : acl.getGrantsAsList()) { Permission perm = grant.getPermission(); Grantee grantee = grant.getGrantee(); if (perm.equals(Permission.Read)) { if (isUserIdInGrantee(grantee, userId)) { // If the bucket is readable by the user, add r and x to the owner mode. mode |= (short) 0500; } } else if (perm.equals(Permission.Write)) { if (isUserIdInGrantee(grantee, userId)) { // If the bucket is writable by the user, +w to the owner mode. mode |= (short) 0200; } } else if (perm.equals(Permission.FullControl)) { if (isUserIdInGrantee(grantee, userId)) { // If the user has full control to the bucket, +rwx to the owner mode. mode |= (short) 0700; } } } return mode; }
From source file:aws.example.s3.GetAcl.java
License:Open Source License
public static void getBucketAcl(String bucket_name) { System.out.println("Retrieving ACL for bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try {/*www.j ava 2 s . c o m*/ AccessControlList acl = s3.getBucketAcl(bucket_name); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
From source file:aws.example.s3.GetAcl.java
License:Open Source License
public static void getObjectAcl(String bucket_name, String object_key) { System.out.println("Retrieving ACL for object: " + object_key); System.out.println(" in bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try {/* w ww .j a v a 2 s. c o m*/ AccessControlList acl = s3.getObjectAcl(bucket_name, object_key); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
From source file:com.emc.ecs.sync.util.AwsS3Util.java
License:Open Source License
public static SyncAcl syncAclFromS3Acl(AccessControlList s3Acl) { SyncAcl syncAcl = new SyncAcl(); syncAcl.setOwner(s3Acl.getOwner().getId()); for (Grant grant : s3Acl.getGrantsAsList()) { Grantee grantee = grant.getGrantee(); if (grantee instanceof GroupGrantee || grantee.getTypeIdentifier().equals(AwsS3Util.ACL_GROUP_TYPE)) syncAcl.addGroupGrant(grantee.getIdentifier(), grant.getPermission().toString()); else if (grantee instanceof CanonicalGrantee || grantee.getTypeIdentifier().equals(AwsS3Util.ACL_CANONICAL_USER_TYPE)) syncAcl.addUserGrant(grantee.getIdentifier(), grant.getPermission().toString()); }/* w ww .jav a 2 s . c om*/ return syncAcl; }
From source file:com.github.abhinavmishra14.aws.s3.service.impl.AwsS3IamServiceImpl.java
License:Open Source License
@Override public boolean hasFullControlPermission(final String bucketName) throws AmazonClientException, AmazonServiceException, AmazonS3Exception { LOGGER.info("Checking full controll permission on bucket.."); boolean hasFullControl = false; final AccessControlList acl = getBucketAccessControlList(bucketName); final List<Grant> grantList = acl.getGrantsAsList(); for (final Grant grant : grantList) { if (Permission.FullControl.equals(grant.getPermission())) { hasFullControl = true;//from ww w. j a v a 2 s . co m LOGGER.info("Permissions validated, hasFullControl: {}", hasFullControl); break; } } return hasFullControl; }
From source file:com.github.abhinavmishra14.aws.s3.service.impl.AwsS3IamServiceImpl.java
License:Open Source License
@Override public boolean checkBucketPermission(final String bucketName, final Permission permission) throws AmazonClientException, AmazonServiceException, AmazonS3Exception { LOGGER.info("Checking bucket permission.."); boolean hasPermission = false; final AccessControlList acl = getBucketAccessControlList(bucketName); final List<Grant> grantList = acl.getGrantsAsList(); for (final Grant grant : grantList) { if (permission.equals(grant.getPermission())) { hasPermission = true;/*from w w w . ja v a 2 s. c o m*/ LOGGER.info("Permissions validated,hasPermission: {}", hasPermission); break; } } return hasPermission; }
From source file:com.github.abhinavmishra14.aws.s3.service.impl.AwsS3IamServiceImpl.java
License:Open Source License
@Override public boolean checkObjectPermission(final String bucketName, final String key, final Permission permission) throws AmazonClientException, AmazonServiceException, AmazonS3Exception { LOGGER.info("Checking object permission.."); boolean hasPermission = false; final AccessControlList objectAcl = s3client.getObjectAcl(bucketName, key); final List<Grant> grantList = objectAcl.getGrantsAsList(); for (final Grant grant : grantList) { if (permission.equals(grant.getPermission())) { hasPermission = true;//from w ww . j a va 2 s .c om LOGGER.info("Permissions validated,hasPermission: {}", hasPermission); break; } } return hasPermission; }
From source file:org.exem.flamingo.web.filesystem.s3.S3BrowserController.java
License:Apache License
private Collection<S3Grant> generateGrants(AccessControlList acl) { List<Grant> grants = acl.getGrantsAsList(); Map<String, S3Grant> s3Grants = new HashMap<>(); String name = ""; S3Grant grant;/* w w w. j a v a2s .com*/ for (Grant g : grants) { if (S3Constansts.CANONICAL_GRANTEE_TYPE_ID.equals(g.getGrantee().getTypeIdentifier())) { CanonicalGrantee grantee = (CanonicalGrantee) g.getGrantee(); name = grantee.getDisplayName(); if (StringUtils.isEmpty(name) && acl.getOwner().getId().equals(grantee.getIdentifier())) { name = acl.getOwner().getDisplayName(); } } else if (S3Constansts.GROUP_GRANTEE_TYPE_ID.equals(g.getGrantee().getTypeIdentifier())) { GroupGrantee groupGrantee = (GroupGrantee) g.getGrantee(); name = groupGrantee.name(); } if (s3Grants.containsKey(name)) { grant = s3Grants.get(name); } else { grant = new S3Grant(); grant.setName(name); } grant.setPermission(g.getPermission().name()); s3Grants.put(name, grant); } return s3Grants.values(); }
From source file:org.geowebcache.s3.S3BlobStore.java
License:Open Source License
public S3BlobStore(S3BlobStoreConfig config, TileLayerDispatcher layers, LockProvider lockProvider) throws StorageException { checkNotNull(config);/*from w ww . ja v a 2s .co m*/ checkNotNull(layers); checkNotNull(config.getAwsAccessKey(), "Access key not provided"); checkNotNull(config.getAwsSecretKey(), "Secret key not provided"); this.bucketName = config.getBucket(); String prefix = config.getPrefix() == null ? "" : config.getPrefix(); this.keyBuilder = new TMSKeyBuilder(prefix, layers); conn = config.buildClient(); try { log.debug("Checking access rights to bucket " + bucketName); AccessControlList bucketAcl = this.conn.getBucketAcl(bucketName); List<Grant> grants = bucketAcl.getGrantsAsList(); log.debug("Bucket " + bucketName + " permissions: " + grants); } catch (AmazonServiceException se) { throw new StorageException("Server error listing buckets: " + se.getMessage(), se); } catch (AmazonClientException ce) { throw new StorageException("Unable to connect to AWS S3", ce); } this.s3Ops = new S3Ops(conn, bucketName, keyBuilder, lockProvider); }
From source file:org.reswitchboard.utils.s3.access.App.java
License:Open Source License
public static void main(String[] args) { try {//from w ww .j av a 2s . c o m if (args.length == 0 || StringUtils.isNullOrEmpty(args[0])) throw new IllegalArgumentException("Bucket name can not be empty"); String bucketName = args[0]; String prefix = null; if (args.length > 1) prefix = args[1]; AmazonS3 s3client = new AmazonS3Client(new ProfileCredentialsProvider()); ListObjectsRequest listObjectsRequest = new ListObjectsRequest().withBucketName(bucketName); if (!StringUtils.isNullOrEmpty(prefix)) listObjectsRequest.setPrefix(prefix); ObjectListing objectListing; do { objectListing = s3client.listObjects(listObjectsRequest); for (S3ObjectSummary objectSummary : objectListing.getObjectSummaries()) { String key = objectSummary.getKey(); System.out.println(" - " + key); for (int nAttempt = 1;; ++nAttempt) { try { AccessControlList acl = s3client.getObjectAcl(bucketName, key); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { // System.out.println( " Grant: " + grant.toString()); if (grant.getGrantee().equals(GroupGrantee.AllUsers)) { System.out.println(" Revoking public access"); acl.revokeAllPermissions(GroupGrantee.AllUsers); s3client.setObjectAcl(bucketName, key, acl); break; } } break; } catch (Exception e) { System.out.println("Error: " + e.toString()); if (nAttempt >= 10) { throw new Exception("Maximum number of invalid attempts has been reeched"); } // double back-off delay Thread.sleep((long) (Math.pow(2, nAttempt) * 50)); } } } listObjectsRequest.setMarker(objectListing.getNextMarker()); } while (objectListing.isTruncated()); } catch (Exception e) { e.printStackTrace(); } }