/// <summary>
/// Display the contents of the ACL applied to the newly created bucket.
/// </summary>
/// <param name="acl">An S3AccessControlList for the newly created
/// Amazon S3 bucket.</param>
public static void DisplayACL(S3AccessControlList acl)
{
Console.WriteLine($"\nOwner: {acl.Owner}");
acl.Grants.ForEach(g =>
{
Console.WriteLine($"{g.Grantee}, {g.Permission}");
});
}
private static async Task TestObjectACLTestAsync()
{
try
{
// Retrieve the ACL for the object.
GetACLResponse aclResponse = await client.GetACLAsync(new GetACLRequest
{
BucketName = bucketName,
Key = keyName
});
S3AccessControlList acl = aclResponse.AccessControlList;
// Retrieve the owner (we use this to re-add permissions after we clear the ACL).
Owner owner = acl.Owner;
// Clear existing grants.
acl.Grants.Clear();
// Add a grant to reset the owner's full permission (the previous clear statement removed all permissions).
S3Grant fullControlGrant = new S3Grant
{
Grantee = new S3Grantee {
CanonicalUser = owner.Id
},
Permission = S3Permission.FULL_CONTROL
};
// Describe the grant for the permission using an email address.
S3Grant grantUsingEmail = new S3Grant
{
Grantee = new S3Grantee {
EmailAddress = emailAddress
},
Permission = S3Permission.WRITE_ACP
};
acl.Grants.AddRange(new List <S3Grant> {
fullControlGrant, grantUsingEmail
});
// Set a new ACL.
PutACLResponse response = await client.PutACLAsync(new PutACLRequest
{
BucketName = bucketName,
Key = keyName,
AccessControlList = acl
});
}
catch (AmazonS3Exception amazonS3Exception)
{
Console.WriteLine("An AmazonS3Exception was thrown. Exception: " + amazonS3Exception.ToString());
}
catch (Exception e)
{
Console.WriteLine("Exception: " + e.ToString());
}
}
static async Task GetBucketACLAsync(string bucketName)
{
GetACLResponse response = await client.GetACLAsync(new GetACLRequest
{
BucketName = bucketName
});
S3AccessControlList accessControlList = response.AccessControlList;
}
/// <summary>
/// Sets the S3 Objects's ACL
/// </summary>
/// <param name="acl">ACL assigned to the S3 object</param>
public void SetACL(S3AccessControlList acl)
{
var request = new PutACLRequest
{
BucketName = this.linker.s3.bucket,
Key = this.linker.s3.key,
AccessControlList = acl
};
this.s3ClientCache.GetClient(this.RegionAsEndpoint).PutACL(request);
}
private static async Task GrantPermissionsToWriteLogsAsync()
{
var bucketACL = new S3AccessControlList();
var aclResponse = client.GetACL(new GetACLRequest {
BucketName = targetBucketName
});
bucketACL = aclResponse.AccessControlList;
bucketACL.AddGrant(new S3Grantee {
URI = "http://acs.amazonaws.com/groups/s3/LogDelivery"
}, S3Permission.WRITE);
bucketACL.AddGrant(new S3Grantee {
URI = "http://acs.amazonaws.com/groups/s3/LogDelivery"
}, S3Permission.READ_ACP);
var setACLRequest = new PutACLRequest
{
AccessControlList = bucketACL,
BucketName = targetBucketName
};
await client.PutACLAsync(setACLRequest);
}
private void setS3Permission(String bucketName, String key)
{
// Get the ACL for the file and retrieve the owner ID (not sure how to get it otherwise).
GetACLRequest getAclRequest = new GetACLRequest().WithBucketName(bucketName).WithKey(key);
GetACLResponse aclResponse = s3.GetACL(getAclRequest);
Owner owner = aclResponse.AccessControlList.Owner;
// Create a grantee as the MessageGears account
S3Grantee grantee = new S3Grantee().WithCanonicalUser(properties.MessageGearsAWSCanonicalId, "MessageGears");
// Grant MessageGears Read-only access
S3Permission messageGearsPermission = S3Permission.READ;
S3AccessControlList acl = new S3AccessControlList().WithOwner(owner);
acl.AddGrant(grantee, messageGearsPermission);
// Create a new ACL granting the owner full control.
grantee = new S3Grantee().WithCanonicalUser(owner.Id, "MyAWSId");
acl.AddGrant(grantee, S3Permission.FULL_CONTROL);
SetACLRequest aclRequest = new SetACLRequest().WithACL(acl).WithBucketName(bucketName).WithKey(key);
s3.SetACL(aclRequest);
}
public void SetACL(string fileKey, bool anonymouseReadAccess)
{
SetACLRequest aclRequest = new SetACLRequest();
aclRequest.Key = fileKey;
aclRequest.BucketName = BucketName;
S3AccessControlList aclList = new S3AccessControlList();
Owner owner = new Owner();
owner.Id = "oyesil";
owner.DisplayName = "";
aclList.Owner = owner;
if (anonymouseReadAccess)
{
S3Grantee grantPublicRead = new S3Grantee();
grantPublicRead.URI = " http://acs.amazonaws.com/groups/global/AllUsers";
aclList.AddGrant(grantPublicRead, S3Permission.READ);
}
//Authenticated user read access
S3Grantee grantAuthenticatedRead = new S3Grantee();
grantAuthenticatedRead.URI = " http://acs.amazonaws.com/groups/global/AuthenticatedUsers";
aclList.AddGrant(grantAuthenticatedRead, S3Permission.READ);
aclRequest.ACL = aclList;
Amazon.S3.AmazonS3Client client = new Amazon.S3.AmazonS3Client(ConfigurationLibrary.Config.fileAmazonS3AccessKey,
ConfigurationLibrary.Config.fileAmazonS3SecreyKey);
SetACLResponse aclResponse = client.SetACL(aclRequest);
client.Dispose();
}
public void AclSamples()
{
{
#region PutACL Sample 1
// Create a client
AmazonS3Client client = new AmazonS3Client();
// Set Canned ACL (PublicRead) for an existing item
client.PutACL(new PutACLRequest
{
BucketName = "SampleBucket",
Key = "Item1",
CannedACL = S3CannedACL.PublicRead
});
// Set Canned ACL (PublicRead) for an existing item
// (This reverts ACL back to default for object)
client.PutACL(new PutACLRequest
{
BucketName = "SampleBucket",
Key = "Item1",
CannedACL = S3CannedACL.Private
});
#endregion
}
{
#region GetACL\PutACL Samples
// Create a client
AmazonS3Client client = new AmazonS3Client();
// Retrieve ACL for object
S3AccessControlList acl = client.GetACL(new GetACLRequest
{
BucketName = "SampleBucket",
Key = "Item1",
}).AccessControlList;
// Retrieve owner
Owner owner = acl.Owner;
// Describe grant
S3Grant grant = new S3Grant
{
Grantee = new S3Grantee {
EmailAddress = "*****@*****.**"
},
Permission = S3Permission.WRITE_ACP
};
// Create new ACL
S3AccessControlList newAcl = new S3AccessControlList
{
Grants = new List <S3Grant> {
grant
},
Owner = owner
};
// Set new ACL
PutACLResponse response = client.PutACL(new PutACLRequest
{
BucketName = "SampleBucket",
Key = "Item1",
AccessControlList = acl
});
#endregion
}
}
static async Task AddACLToExistingObjectAsync(string bucketName, string keyName)
{
// Retrieve the ACL for an object.
GetACLResponse aclResponse = await client.GetACLAsync(new GetACLRequest
{
BucketName = bucketName,
Key = keyName
});
S3AccessControlList acl = aclResponse.AccessControlList;
// Retrieve the owner.
Owner owner = acl.Owner;
// Clear existing grants.
acl.Grants.Clear();
// Add a grant to reset the owner's full permission
// (the previous clear statement removed all permissions).
S3Grant fullControlGrant = new S3Grant
{
Grantee = new S3Grantee {
CanonicalUser = acl.Owner.Id
}
};
acl.AddGrant(fullControlGrant.Grantee, S3Permission.FULL_CONTROL);
// Specify email to identify grantee for granting permissions.
S3Grant grantUsingEmail = new S3Grant
{
Grantee = new S3Grantee {
EmailAddress = emailAddress
},
Permission = S3Permission.WRITE_ACP
};
// Specify log delivery group as grantee.
S3Grant grantLogDeliveryGroup = new S3Grant
{
Grantee = new S3Grantee {
URI = "http://acs.amazonaws.com/groups/s3/LogDelivery"
},
Permission = S3Permission.WRITE
};
// Create a new ACL.
S3AccessControlList newAcl = new S3AccessControlList
{
Grants = new List <S3Grant> {
grantUsingEmail, grantLogDeliveryGroup
},
Owner = owner
};
// Set the new ACL.
PutACLResponse response = await client.PutACLAsync(new PutACLRequest
{
BucketName = bucketName,
Key = keyName,
AccessControlList = newAcl
});
}
public IRequest Marshall(PutACLRequest putObjectAclRequest)
{
//IL_0006: Unknown result type (might be due to invalid IL or missing references)
//IL_000c: Expected O, but got Unknown
//IL_034a: Unknown result type (might be due to invalid IL or missing references)
IRequest val = new DefaultRequest(putObjectAclRequest, "AmazonS3");
val.set_HttpMethod("PUT");
if (putObjectAclRequest.IsSetCannedACL())
{
val.get_Headers().Add("x-amz-acl", S3Transforms.ToStringValue(ConstantClass.op_Implicit(putObjectAclRequest.CannedACL)));
}
val.set_ResourcePath(string.Format(CultureInfo.InvariantCulture, "/{0}/{1}", S3Transforms.ToStringValue(putObjectAclRequest.BucketName), S3Transforms.ToStringValue(putObjectAclRequest.Key)));
val.AddSubResource("acl");
if (putObjectAclRequest.IsSetVersionId())
{
val.AddSubResource("versionId", S3Transforms.ToStringValue(putObjectAclRequest.VersionId));
}
StringWriter stringWriter = new StringWriter(CultureInfo.InvariantCulture);
using (XmlWriter xmlWriter = XmlWriter.Create(stringWriter, new XmlWriterSettings
{
Encoding = Encoding.UTF8,
OmitXmlDeclaration = true
}))
{
S3AccessControlList accessControlList = putObjectAclRequest.AccessControlList;
if (accessControlList != null)
{
xmlWriter.WriteStartElement("AccessControlPolicy", "");
List <S3Grant> grants = accessControlList.Grants;
if (grants != null && grants.Count > 0)
{
xmlWriter.WriteStartElement("AccessControlList", "");
foreach (S3Grant item in grants)
{
xmlWriter.WriteStartElement("Grant", "");
if (item != null)
{
S3Grantee grantee = item.Grantee;
if (grantee != null)
{
xmlWriter.WriteStartElement("Grantee", "");
if (grantee.IsSetType())
{
xmlWriter.WriteAttributeString("xsi", "type", "http://www.w3.org/2001/XMLSchema-instance", ((object)grantee.Type).ToString());
}
if (grantee.IsSetDisplayName())
{
xmlWriter.WriteElementString("DisplayName", "", S3Transforms.ToXmlStringValue(grantee.DisplayName));
}
if (grantee.IsSetEmailAddress())
{
xmlWriter.WriteElementString("EmailAddress", "", S3Transforms.ToXmlStringValue(grantee.EmailAddress));
}
if (grantee.IsSetCanonicalUser())
{
xmlWriter.WriteElementString("ID", "", S3Transforms.ToXmlStringValue(grantee.CanonicalUser));
}
if (grantee.IsSetURI())
{
xmlWriter.WriteElementString("URI", "", S3Transforms.ToXmlStringValue(grantee.URI));
}
xmlWriter.WriteEndElement();
}
if (item.IsSetPermission())
{
xmlWriter.WriteElementString("Permission", "", S3Transforms.ToXmlStringValue(ConstantClass.op_Implicit(item.Permission)));
}
}
xmlWriter.WriteEndElement();
}
xmlWriter.WriteEndElement();
Owner owner = accessControlList.Owner;
if (owner != null)
{
xmlWriter.WriteStartElement("Owner", "");
if (owner.IsSetDisplayName())
{
xmlWriter.WriteElementString("DisplayName", "", S3Transforms.ToXmlStringValue(owner.DisplayName));
}
if (owner.IsSetId())
{
xmlWriter.WriteElementString("ID", "", S3Transforms.ToXmlStringValue(owner.Id));
}
xmlWriter.WriteEndElement();
}
}
xmlWriter.WriteEndElement();
}
}
try
{
string text = stringWriter.ToString();
val.set_Content(Encoding.UTF8.GetBytes(text));
val.get_Headers()["Content-Type"] = "application/xml";
string value = AmazonS3Util.GenerateChecksumForContent(text, fBase64Encode: true);
val.get_Headers()["Content-MD5"] = value;
return(val);
}
catch (EncoderFallbackException ex)
{
throw new AmazonServiceException("Unable to marshall request to XML", (Exception)ex);
}
}
