List of usage examples for com.amazonaws.services.s3.model Grant getGrantee
public Grantee getGrantee()
From source file:alluxio.underfs.s3a.S3AUtils.java
License:Apache License
/** * Translates S3 bucket ACL to Alluxio owner mode. * * @param acl the acl of S3 bucket//from w w w . j a v a 2 s .c om * @param userId the S3 user id of the Alluxio owner * @return the translated posix mode in short format */ public static short translateBucketAcl(AccessControlList acl, String userId) { short mode = (short) 0; for (Grant grant : acl.getGrantsAsList()) { Permission perm = grant.getPermission(); Grantee grantee = grant.getGrantee(); if (perm.equals(Permission.Read)) { if (isUserIdInGrantee(grantee, userId)) { // If the bucket is readable by the user, add r and x to the owner mode. mode |= (short) 0500; } } else if (perm.equals(Permission.Write)) { if (isUserIdInGrantee(grantee, userId)) { // If the bucket is writable by the user, +w to the owner mode. mode |= (short) 0200; } } else if (perm.equals(Permission.FullControl)) { if (isUserIdInGrantee(grantee, userId)) { // If the user has full control to the bucket, +rwx to the owner mode. mode |= (short) 0700; } } } return mode; }
From source file:aws.example.s3.GetAcl.java
License:Open Source License
public static void getBucketAcl(String bucket_name) { System.out.println("Retrieving ACL for bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try {//from w ww.j a v a 2 s .c o m AccessControlList acl = s3.getBucketAcl(bucket_name); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
From source file:aws.example.s3.GetAcl.java
License:Open Source License
public static void getObjectAcl(String bucket_name, String object_key) { System.out.println("Retrieving ACL for object: " + object_key); System.out.println(" in bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try {//w w w. java 2s .c o m AccessControlList acl = s3.getObjectAcl(bucket_name, object_key); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
From source file:com.emc.ecs.sync.util.AwsS3Util.java
License:Open Source License
public static SyncAcl syncAclFromS3Acl(AccessControlList s3Acl) { SyncAcl syncAcl = new SyncAcl(); syncAcl.setOwner(s3Acl.getOwner().getId()); for (Grant grant : s3Acl.getGrantsAsList()) { Grantee grantee = grant.getGrantee(); if (grantee instanceof GroupGrantee || grantee.getTypeIdentifier().equals(AwsS3Util.ACL_GROUP_TYPE)) syncAcl.addGroupGrant(grantee.getIdentifier(), grant.getPermission().toString()); else if (grantee instanceof CanonicalGrantee || grantee.getTypeIdentifier().equals(AwsS3Util.ACL_CANONICAL_USER_TYPE)) syncAcl.addUserGrant(grantee.getIdentifier(), grant.getPermission().toString()); }/*from w w w .j av a2 s .c o m*/ return syncAcl; }
From source file:com.upplication.s3fs.S3FileSystemProvider.java
License:Open Source License
/** * check if the param acl has the same owner than the parameter owner and * have almost one of the permission set in the parameter permissions * @param acl/*from www .j a v a 2s. c om*/ * @param owner * @param permissions almost one * @return */ private boolean hasPermissions(AccessControlList acl, Owner owner, EnumSet<Permission> permissions) { boolean result = false; for (Grant grant : acl.getGrants()) { if (grant.getGrantee().getIdentifier().equals(owner.getId()) && permissions.contains(grant.getPermission())) { result = true; break; } } return result; }
From source file:io.milton.s3.AmazonS3ManagerImpl.java
License:Open Source License
@Override public boolean isPublicEntity(String bucketName, String keyName) { LOG.info("Gets the AccessControlList (ACL) for the specified object " + keyName + " in the specified bucket " + bucketName); final String GROUPS_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"; try {/*from w w w. j a v a 2s .com*/ AccessControlList accessControlList = amazonS3Client.getObjectAcl(bucketName, keyName); for (Iterator<Grant> iterator = accessControlList.getGrants().iterator(); iterator.hasNext();) { Grant grant = iterator.next(); if (grant.getPermission().equals(Permission.Read) && grant.getGrantee().getIdentifier().equals(GROUPS_USERS)) { return true; } } } catch (AmazonServiceException ase) { LOG.warn(ase.getMessage(), ase); } catch (AmazonClientException ace) { LOG.warn(ace.getMessage(), ace); } return false; }
From source file:org.apache.manifoldcf.authorities.authorities.amazons3.AmazonS3Authority.java
License:Apache License
private String[] getUsers(Collection<Set<Grant>> collection) { Set<String> users = new HashSet<String>();// no duplicates for (Collection c : collection) { Set<Grant> c1 = (Set<Grant>) c; for (Grant grant : c1) { if (grant != null && grant.getGrantee() != null) { Grantee grantee = grant.getGrantee(); if (grantee instanceof CanonicalGrantee) { users.add(((CanonicalGrantee) grantee).getDisplayName()); } else { users.add(grantee.getIdentifier()); }//from w w w .j ava2 s.c om } } } return users.toArray(new String[users.size()]); }
From source file:org.apache.manifoldcf.crawler.connectors.amazons3.AmazonS3Connector.java
License:Apache License
/** * Get users has the the access the to artifact * @param grants available for artifact/* w w w . ja va2 s .c o m*/ * @return */ private String[] getUsers(Set<Grant> grants) { Set<String> users = new HashSet<String>();// no duplicates for (Grant grant : grants) { if (grant != null && grant.getGrantee() != null) { Grantee grantee = grant.getGrantee(); if (grantee instanceof CanonicalGrantee) { users.add(((CanonicalGrantee) grantee).getDisplayName()); } else { users.add(grantee.getIdentifier()); } } } return users.toArray(new String[users.size()]); }
From source file:org.exem.flamingo.web.filesystem.s3.S3BrowserController.java
License:Apache License
private Collection<S3Grant> generateGrants(AccessControlList acl) { List<Grant> grants = acl.getGrantsAsList(); Map<String, S3Grant> s3Grants = new HashMap<>(); String name = ""; S3Grant grant;/* w w w.ja va 2 s . co m*/ for (Grant g : grants) { if (S3Constansts.CANONICAL_GRANTEE_TYPE_ID.equals(g.getGrantee().getTypeIdentifier())) { CanonicalGrantee grantee = (CanonicalGrantee) g.getGrantee(); name = grantee.getDisplayName(); if (StringUtils.isEmpty(name) && acl.getOwner().getId().equals(grantee.getIdentifier())) { name = acl.getOwner().getDisplayName(); } } else if (S3Constansts.GROUP_GRANTEE_TYPE_ID.equals(g.getGrantee().getTypeIdentifier())) { GroupGrantee groupGrantee = (GroupGrantee) g.getGrantee(); name = groupGrantee.name(); } if (s3Grants.containsKey(name)) { grant = s3Grants.get(name); } else { grant = new S3Grant(); grant.setName(name); } grant.setPermission(g.getPermission().name()); s3Grants.put(name, grant); } return s3Grants.values(); }
From source file:org.reswitchboard.utils.s3.access.App.java
License:Open Source License
public static void main(String[] args) { try {/* www .j av a 2 s. co m*/ if (args.length == 0 || StringUtils.isNullOrEmpty(args[0])) throw new IllegalArgumentException("Bucket name can not be empty"); String bucketName = args[0]; String prefix = null; if (args.length > 1) prefix = args[1]; AmazonS3 s3client = new AmazonS3Client(new ProfileCredentialsProvider()); ListObjectsRequest listObjectsRequest = new ListObjectsRequest().withBucketName(bucketName); if (!StringUtils.isNullOrEmpty(prefix)) listObjectsRequest.setPrefix(prefix); ObjectListing objectListing; do { objectListing = s3client.listObjects(listObjectsRequest); for (S3ObjectSummary objectSummary : objectListing.getObjectSummaries()) { String key = objectSummary.getKey(); System.out.println(" - " + key); for (int nAttempt = 1;; ++nAttempt) { try { AccessControlList acl = s3client.getObjectAcl(bucketName, key); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { // System.out.println( " Grant: " + grant.toString()); if (grant.getGrantee().equals(GroupGrantee.AllUsers)) { System.out.println(" Revoking public access"); acl.revokeAllPermissions(GroupGrantee.AllUsers); s3client.setObjectAcl(bucketName, key, acl); break; } } break; } catch (Exception e) { System.out.println("Error: " + e.toString()); if (nAttempt >= 10) { throw new Exception("Maximum number of invalid attempts has been reeched"); } // double back-off delay Thread.sleep((long) (Math.pow(2, nAttempt) * 50)); } } } listObjectsRequest.setMarker(objectListing.getNextMarker()); } while (objectListing.isTruncated()); } catch (Exception e) { e.printStackTrace(); } }