List of usage examples for com.amazonaws.services.s3.model Grant getPermission
public Permission getPermission()
From source file:alluxio.underfs.s3a.S3AUtils.java
License:Apache License
/** * Translates S3 bucket ACL to Alluxio owner mode. * * @param acl the acl of S3 bucket/*from ww w. ja v a 2 s . c om*/ * @param userId the S3 user id of the Alluxio owner * @return the translated posix mode in short format */ public static short translateBucketAcl(AccessControlList acl, String userId) { short mode = (short) 0; for (Grant grant : acl.getGrantsAsList()) { Permission perm = grant.getPermission(); Grantee grantee = grant.getGrantee(); if (perm.equals(Permission.Read)) { if (isUserIdInGrantee(grantee, userId)) { // If the bucket is readable by the user, add r and x to the owner mode. mode |= (short) 0500; } } else if (perm.equals(Permission.Write)) { if (isUserIdInGrantee(grantee, userId)) { // If the bucket is writable by the user, +w to the owner mode. mode |= (short) 0200; } } else if (perm.equals(Permission.FullControl)) { if (isUserIdInGrantee(grantee, userId)) { // If the user has full control to the bucket, +rwx to the owner mode. mode |= (short) 0700; } } } return mode; }
From source file:aws.example.s3.GetAcl.java
License:Open Source License
public static void getBucketAcl(String bucket_name) { System.out.println("Retrieving ACL for bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try {/*from w w w .j av a 2 s. c om*/ AccessControlList acl = s3.getBucketAcl(bucket_name); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
From source file:aws.example.s3.GetAcl.java
License:Open Source License
public static void getObjectAcl(String bucket_name, String object_key) { System.out.println("Retrieving ACL for object: " + object_key); System.out.println(" in bucket: " + bucket_name); final AmazonS3 s3 = AmazonS3ClientBuilder.defaultClient(); try {/* w w w . j a v a2s. c om*/ AccessControlList acl = s3.getObjectAcl(bucket_name, object_key); List<Grant> grants = acl.getGrantsAsList(); for (Grant grant : grants) { System.out.format(" %s: %s\n", grant.getGrantee().getIdentifier(), grant.getPermission().toString()); } } catch (AmazonServiceException e) { System.err.println(e.getErrorMessage()); System.exit(1); } }
From source file:com.emc.ecs.sync.util.AwsS3Util.java
License:Open Source License
public static SyncAcl syncAclFromS3Acl(AccessControlList s3Acl) { SyncAcl syncAcl = new SyncAcl(); syncAcl.setOwner(s3Acl.getOwner().getId()); for (Grant grant : s3Acl.getGrantsAsList()) { Grantee grantee = grant.getGrantee(); if (grantee instanceof GroupGrantee || grantee.getTypeIdentifier().equals(AwsS3Util.ACL_GROUP_TYPE)) syncAcl.addGroupGrant(grantee.getIdentifier(), grant.getPermission().toString()); else if (grantee instanceof CanonicalGrantee || grantee.getTypeIdentifier().equals(AwsS3Util.ACL_CANONICAL_USER_TYPE)) syncAcl.addUserGrant(grantee.getIdentifier(), grant.getPermission().toString()); }/*from w ww . ja va 2 s . c o m*/ return syncAcl; }
From source file:com.github.abhinavmishra14.aws.s3.service.impl.AwsS3IamServiceImpl.java
License:Open Source License
@Override public boolean hasFullControlPermission(final String bucketName) throws AmazonClientException, AmazonServiceException, AmazonS3Exception { LOGGER.info("Checking full controll permission on bucket.."); boolean hasFullControl = false; final AccessControlList acl = getBucketAccessControlList(bucketName); final List<Grant> grantList = acl.getGrantsAsList(); for (final Grant grant : grantList) { if (Permission.FullControl.equals(grant.getPermission())) { hasFullControl = true;//from w w w . j a v a 2s .com LOGGER.info("Permissions validated, hasFullControl: {}", hasFullControl); break; } } return hasFullControl; }
From source file:com.github.abhinavmishra14.aws.s3.service.impl.AwsS3IamServiceImpl.java
License:Open Source License
@Override public boolean checkBucketPermission(final String bucketName, final Permission permission) throws AmazonClientException, AmazonServiceException, AmazonS3Exception { LOGGER.info("Checking bucket permission.."); boolean hasPermission = false; final AccessControlList acl = getBucketAccessControlList(bucketName); final List<Grant> grantList = acl.getGrantsAsList(); for (final Grant grant : grantList) { if (permission.equals(grant.getPermission())) { hasPermission = true;//from w w w . j a v a 2 s. c o m LOGGER.info("Permissions validated,hasPermission: {}", hasPermission); break; } } return hasPermission; }
From source file:com.github.abhinavmishra14.aws.s3.service.impl.AwsS3IamServiceImpl.java
License:Open Source License
@Override public boolean checkObjectPermission(final String bucketName, final String key, final Permission permission) throws AmazonClientException, AmazonServiceException, AmazonS3Exception { LOGGER.info("Checking object permission.."); boolean hasPermission = false; final AccessControlList objectAcl = s3client.getObjectAcl(bucketName, key); final List<Grant> grantList = objectAcl.getGrantsAsList(); for (final Grant grant : grantList) { if (permission.equals(grant.getPermission())) { hasPermission = true;//from w ww . j a v a2 s .c o m LOGGER.info("Permissions validated,hasPermission: {}", hasPermission); break; } } return hasPermission; }
From source file:com.upplication.s3fs.S3FileSystemProvider.java
License:Open Source License
/** * check if the param acl has the same owner than the parameter owner and * have almost one of the permission set in the parameter permissions * @param acl/*from www . ja v a 2 s. co m*/ * @param owner * @param permissions almost one * @return */ private boolean hasPermissions(AccessControlList acl, Owner owner, EnumSet<Permission> permissions) { boolean result = false; for (Grant grant : acl.getGrants()) { if (grant.getGrantee().getIdentifier().equals(owner.getId()) && permissions.contains(grant.getPermission())) { result = true; break; } } return result; }
From source file:io.milton.s3.AmazonS3ManagerImpl.java
License:Open Source License
@Override public boolean isPublicEntity(String bucketName, String keyName) { LOG.info("Gets the AccessControlList (ACL) for the specified object " + keyName + " in the specified bucket " + bucketName); final String GROUPS_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"; try {/*w w w .j av a2s . c o m*/ AccessControlList accessControlList = amazonS3Client.getObjectAcl(bucketName, keyName); for (Iterator<Grant> iterator = accessControlList.getGrants().iterator(); iterator.hasNext();) { Grant grant = iterator.next(); if (grant.getPermission().equals(Permission.Read) && grant.getGrantee().getIdentifier().equals(GROUPS_USERS)) { return true; } } } catch (AmazonServiceException ase) { LOG.warn(ase.getMessage(), ase); } catch (AmazonClientException ace) { LOG.warn(ace.getMessage(), ace); } return false; }
From source file:org.exem.flamingo.web.filesystem.s3.S3BrowserController.java
License:Apache License
private Collection<S3Grant> generateGrants(AccessControlList acl) { List<Grant> grants = acl.getGrantsAsList(); Map<String, S3Grant> s3Grants = new HashMap<>(); String name = ""; S3Grant grant;/*w w w. j a v a 2s .c o m*/ for (Grant g : grants) { if (S3Constansts.CANONICAL_GRANTEE_TYPE_ID.equals(g.getGrantee().getTypeIdentifier())) { CanonicalGrantee grantee = (CanonicalGrantee) g.getGrantee(); name = grantee.getDisplayName(); if (StringUtils.isEmpty(name) && acl.getOwner().getId().equals(grantee.getIdentifier())) { name = acl.getOwner().getDisplayName(); } } else if (S3Constansts.GROUP_GRANTEE_TYPE_ID.equals(g.getGrantee().getTypeIdentifier())) { GroupGrantee groupGrantee = (GroupGrantee) g.getGrantee(); name = groupGrantee.name(); } if (s3Grants.containsKey(name)) { grant = s3Grants.get(name); } else { grant = new S3Grant(); grant.setName(name); } grant.setPermission(g.getPermission().name()); s3Grants.put(name, grant); } return s3Grants.values(); }