static void ReadObjectAcl() { string id = Common.InputString("Key:", null, false); GetACLRequest request = new GetACLRequest(); request.BucketName = _Bucket; request.Key = id; GetACLResponse response = _S3Client.GetACLAsync(request).Result; if (response != null) { if (response.AccessControlList != null) { Console.WriteLine("Owner: " + response.AccessControlList.Owner.DisplayName + " ID " + response.AccessControlList.Owner.Id); Console.WriteLine("Grants:"); foreach (S3Grant grant in response.AccessControlList.Grants) { Console.WriteLine("| Grantee : " + grant.Grantee.DisplayName); Console.WriteLine("| Permission : " + grant.Permission); } } Console.WriteLine("Success"); } else { Console.WriteLine("Failed"); } }
/// <summary> /// Sets the storage class for the S3 Object's Version to the value /// specified. /// </summary> /// <param name="bucketName">The name of the bucket in which the key is stored</param> /// <param name="key">The key of the S3 Object whose storage class needs changing</param> /// <param name="version">The version of the S3 Object whose storage class needs changing</param> /// <param name="sClass">The new Storage Class for the object</param> /// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param> /// <seealso cref="T:Amazon.S3.Model.S3StorageClass"/> public static void SetObjectStorageClass(string bucketName, string key, string version, S3StorageClass sClass, AmazonS3 s3Client) { if (sClass > S3StorageClass.ReducedRedundancy || sClass < S3StorageClass.Standard) { throw new ArgumentException("Invalid value specified for storage class."); } if (null == s3Client) { throw new ArgumentNullException("s3Client", "Please specify an S3 Client to make service requests."); } // Get the existing ACL of the object GetACLRequest getACLRequest = new GetACLRequest(); getACLRequest.BucketName = bucketName; getACLRequest.Key = key; if (version != null) { getACLRequest.VersionId = version; } GetACLResponse getACLResponse = s3Client.GetACL(getACLRequest); GetObjectMetadataResponse getMetadataResponse = s3Client.GetObjectMetadata(new GetObjectMetadataRequest() .WithBucketName(bucketName) .WithKey(key)); // Set the storage class on the object CopyObjectRequest copyRequest = new CopyObjectRequest(); copyRequest.SourceBucket = copyRequest.DestinationBucket = bucketName; copyRequest.SourceKey = copyRequest.DestinationKey = key; copyRequest.ServerSideEncryptionMethod = getMetadataResponse.ServerSideEncryptionMethod; if (version != null) { copyRequest.SourceVersionId = version; } copyRequest.StorageClass = sClass; // The copyRequest's Metadata directive is COPY by default CopyObjectResponse copyResponse = s3Client.CopyObject(copyRequest); // Set the object's original ACL back onto it because a COPY // operation resets the ACL on the destination object. SetACLRequest setACLRequest = new SetACLRequest(); setACLRequest.BucketName = bucketName; setACLRequest.Key = key; if (version != null) { setACLRequest.VersionId = copyResponse.VersionId; } setACLRequest.ACL = getACLResponse.AccessControlList; s3Client.SetACL(setACLRequest); }
/// <summary> /// Sets the server side encryption method for the S3 Object's Version to the value /// specified. /// </summary> /// <param name="bucketName">The name of the bucket in which the key is stored</param> /// <param name="key">The key of the S3 Object</param> /// <param name="version">The version of the S3 Object</param> /// <param name="method">The server side encryption method</param> /// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param> /// <seealso cref="T:Amazon.S3.Model.S3StorageClass"/> public static void SetServerSideEncryption(string bucketName, string key, string version, ServerSideEncryptionMethod method, AmazonS3 s3Client) { if (null == s3Client) { throw new ArgumentNullException("s3Client", "Please specify an S3 Client to make service requests."); } // Get the existing ACL of the object GetACLRequest getACLRequest = new GetACLRequest(); getACLRequest.BucketName = bucketName; getACLRequest.Key = key; if (version != null) { getACLRequest.VersionId = version; } GetACLResponse getACLResponse = s3Client.GetACL(getACLRequest); ListObjectsResponse listObjectResponse = s3Client.ListObjects(new ListObjectsRequest() .WithBucketName(bucketName) .WithPrefix(key) .WithMaxKeys(1)); if (listObjectResponse.S3Objects.Count != 1) { throw new ArgumentNullException("No object exists with this bucket name and key."); } // Set the storage class on the object CopyObjectRequest copyRequest = new CopyObjectRequest(); copyRequest.SourceBucket = copyRequest.DestinationBucket = bucketName; copyRequest.SourceKey = copyRequest.DestinationKey = key; copyRequest.StorageClass = listObjectResponse.S3Objects[0].StorageClass == "STANDARD" ? S3StorageClass.Standard : S3StorageClass.ReducedRedundancy; if (version != null) { copyRequest.SourceVersionId = version; } copyRequest.ServerSideEncryptionMethod = method; // The copyRequest's Metadata directive is COPY by default CopyObjectResponse copyResponse = s3Client.CopyObject(copyRequest); // Set the object's original ACL back onto it because a COPY // operation resets the ACL on the destination object. SetACLRequest setACLRequest = new SetACLRequest(); setACLRequest.BucketName = bucketName; setACLRequest.Key = key; if (version != null) { setACLRequest.VersionId = copyResponse.VersionId; } setACLRequest.ACL = getACLResponse.AccessControlList; s3Client.SetACL(setACLRequest); }
/// <summary> /// Sets up the request needed to make an exact copy of the object leaving the parent method /// the ability to change just the attribute being requested to change. /// </summary> /// <param name="bucketName"></param> /// <param name="key"></param> /// <param name="version"></param> /// <param name="s3Client"></param> /// <param name="copyRequest"></param> /// <param name="putACLRequest"></param> static void SetupForObjectModification(IAmazonS3 s3Client, string bucketName, string key, string version, out CopyObjectRequest copyRequest, out PutACLRequest putACLRequest) { // Get the existing ACL of the object GetACLRequest getACLRequest = new GetACLRequest(); getACLRequest.BucketName = bucketName; getACLRequest.Key = key; if (version != null) { getACLRequest.VersionId = version; } GetACLResponse getACLResponse = s3Client.GetACL(getACLRequest); // Set the object's original ACL back onto it because a COPY // operation resets the ACL on the destination object. putACLRequest = new PutACLRequest(); putACLRequest.BucketName = bucketName; putACLRequest.Key = key; putACLRequest.AccessControlList = getACLResponse.AccessControlList; ListObjectsResponse listObjectResponse = s3Client.ListObjects(new ListObjectsRequest { BucketName = bucketName, Prefix = key, MaxKeys = 1 }); if (listObjectResponse.S3Objects.Count != 1) { throw new InvalidOperationException("No object exists with this bucket name and key."); } GetObjectMetadataRequest getMetaRequest = new GetObjectMetadataRequest() { BucketName = bucketName, Key = key }; GetObjectMetadataResponse getMetaResponse = s3Client.GetObjectMetadata(getMetaRequest); // Set the storage class on the object copyRequest = new CopyObjectRequest(); copyRequest.SourceBucket = copyRequest.DestinationBucket = bucketName; copyRequest.SourceKey = copyRequest.DestinationKey = key; copyRequest.StorageClass = listObjectResponse.S3Objects[0].StorageClass == "STANDARD" ? S3StorageClass.Standard : S3StorageClass.ReducedRedundancy; if (version != null) { copyRequest.SourceVersionId = version; } copyRequest.WebsiteRedirectLocation = getMetaResponse.WebsiteRedirectLocation; copyRequest.ServerSideEncryptionMethod = getMetaResponse.ServerSideEncryptionMethod; }
public async Task <BlobDescriptor> GetBlobDescriptorAsync(string containerName, string blobName) { var key = GenerateKeyName(containerName, blobName); try { var objectMetaRequest = new GetObjectMetadataRequest() { BucketName = _bucket, Key = key }; var objectMetaResponse = await _s3Client.GetObjectMetadataAsync(objectMetaRequest); var objectAclRequest = new GetACLRequest() { BucketName = _bucket, Key = key }; var objectAclResponse = await _s3Client.GetACLAsync(objectAclRequest); var isPublic = objectAclResponse.AccessControlList.Grants .Where(x => x.Grantee.URI == "http://acs.amazonaws.com/groups/global/AllUsers").Count() > 0; return(new BlobDescriptor { Name = blobName, Container = containerName, Length = objectMetaResponse.Headers.ContentLength, ETag = objectMetaResponse.ETag, ContentMD5 = objectMetaResponse.ETag, ContentType = objectMetaResponse.Headers.ContentType, LastModified = objectMetaResponse.LastModified, Security = isPublic ? BlobSecurity.Public : BlobSecurity.Private }); } catch (AmazonS3Exception asex) { if (IsInvalidAccessException(asex)) { throw new StorageException(1000.ToStorageError(), asex); } else { throw new StorageException(1001.ToStorageError(), asex); } } }
public void RequiredUriParameterBucketForGetAcl(string bucket, string key) { var request = new GetACLRequest() { BucketName = bucket, Key = key }; if (string.IsNullOrEmpty(bucket)) //Key can be null { Assert.ThrowsException <ArgumentException>(() => GetACLRequestMarshaller.Instance.Marshall(request)); } else { GetACLRequestMarshaller.Instance.Marshall(request); } }
public async Task <BlobDescriptor> GetBlobDescriptorAsync(string containerName, string blobName) { var key = GenerateKeyName(containerName, blobName); try { var objectMetaRequest = new GetObjectMetadataRequest { BucketName = _bucket, Key = key }; var objectMetaResponse = await _s3Client.GetObjectMetadataAsync(objectMetaRequest); var objectAclRequest = new GetACLRequest { BucketName = _bucket, Key = key }; var objectAclResponse = await _s3Client.GetACLAsync(objectAclRequest); var isPublic = objectAclResponse.AccessControlList.Grants.Any(x => x.Grantee.URI == "http://acs.amazonaws.com/groups/global/AllUsers"); return(new BlobDescriptor { Name = blobName, Container = containerName, Length = objectMetaResponse.Headers.ContentLength, ETag = objectMetaResponse.ETag, ContentMD5 = objectMetaResponse.ETag, ContentType = objectMetaResponse.Headers.ContentType, ContentDisposition = objectMetaResponse.Headers.ContentDisposition, LastModified = objectMetaResponse.LastModified, Security = isPublic ? BlobSecurity.Public : BlobSecurity.Private, Metadata = objectMetaResponse.Metadata.ToMetadata(), }); } catch (AmazonS3Exception asex) { throw asex.ToStorageException(); } }
/// <summary> /// Return the ACL and stat of the node of the given path. /// /// A KeeperException with error code KeeperException.NoNode will be thrown /// if no node with the given path exists. /// @param path /// the given path for the node /// @param stat /// the stat of the node will be copied to this parameter. /// @return the ACL array of the given node. /// @throws InterruptedException If the server transaction is interrupted. /// @throws KeeperException If the server signals an error with a non-zero error code. /// @throws IllegalArgumentException if an invalid path is specified /// </summary> public IEnumerable <ACL> GetACL(string path, Stat stat) { string clientPath = path; PathUtils.ValidatePath(clientPath); string serverPath = PrependChroot(clientPath); RequestHeader h = new RequestHeader(); h.Type = (int)OpCode.GetACL; GetACLRequest request = new GetACLRequest(serverPath); GetACLResponse response = new GetACLResponse(); ReplyHeader r = cnxn.SubmitRequest(h, request, response, null); if (r.Err != 0) { throw KeeperException.Create((KeeperException.Code)Enum.ToObject(typeof(KeeperException.Code), r.Err), clientPath); } DataTree.CopyStat(response.Stat, stat); return(response.Acl); }
public void Test_Blob_Properties_Updated() { var container = GetRandomContainerName(); var blobName = GenerateRandomName(); var contentType = "image/jpg"; var newContentType = "image/png"; var data = GenerateRandomBlobStream(); CreateNewObject(container, blobName, data, false, contentType); _provider.UpdateBlobProperties(container, blobName, new BlobProperties { ContentType = newContentType, Security = BlobSecurity.Public }); var objectMetaRequest = new GetObjectMetadataRequest() { BucketName = Bucket, Key = container + "/" + blobName }; var props = _client.GetObjectMetadata(objectMetaRequest); Assert.Equal(props.Headers.ContentType, newContentType); var objectAclRequest = new GetACLRequest() { BucketName = Bucket, Key = container + "/" + blobName }; var acl = _client.GetACL(objectAclRequest); var isPublic = acl.AccessControlList.Grants .Where(x => x.Grantee.URI == "http://acs.amazonaws.com/groups/global/AllUsers").Count() > 0; Assert.True(isPublic); }
private void setS3Permission(String bucketName, String key) { // Get the ACL for the file and retrieve the owner ID (not sure how to get it otherwise). GetACLRequest getAclRequest = new GetACLRequest().WithBucketName(bucketName).WithKey(key); GetACLResponse aclResponse = s3.GetACL(getAclRequest); Owner owner = aclResponse.AccessControlList.Owner; // Create a grantee as the MessageGears account S3Grantee grantee = new S3Grantee().WithCanonicalUser(properties.MessageGearsAWSCanonicalId, "MessageGears"); // Grant MessageGears Read-only access S3Permission messageGearsPermission = S3Permission.READ; S3AccessControlList acl = new S3AccessControlList().WithOwner(owner); acl.AddGrant(grantee, messageGearsPermission); // Create a new ACL granting the owner full control. grantee = new S3Grantee().WithCanonicalUser(owner.Id, "MyAWSId"); acl.AddGrant(grantee, S3Permission.FULL_CONTROL); SetACLRequest aclRequest = new SetACLRequest().WithACL(acl).WithBucketName(bucketName).WithKey(key); s3.SetACL(aclRequest); }
/// <summary>获取Bucket权限 /// </summary> public async Task GetAclAsync(string bucket, string objectKey = "") { _console.WriteLine("--- Get acl ---"); var client = GetClient(); var getACLRequest = new GetACLRequest() { BucketName = bucket }; if (!string.IsNullOrWhiteSpace(objectKey)) { getACLRequest.Key = objectKey; } var getACLResponse = await client.GetACLAsync(getACLRequest); foreach (var grant in getACLResponse.AccessControlList.Grants) { Console.WriteLine("Current bucket acl:{0}", grant.Permission.Value); } _console.WriteLine("--- End of get acl ---"); }
private async Task <IEnumerable <ACL> > GetACLAsyncInternal(string path, Stat stat, bool sync) { string clientPath = path; PathUtils.ValidatePath(clientPath); string serverPath = PrependChroot(clientPath); RequestHeader h = new RequestHeader(); h.Type = (int)OpCode.GetACL; GetACLRequest request = new GetACLRequest(serverPath); GetACLResponse response = new GetACLResponse(); ReplyHeader r = sync ? cnxn.SubmitRequest(h, request, response, null) : await cnxn.SubmitRequestAsync(h, request, response, null).ConfigureAwait(false); if (r.Err != 0) { throw KeeperException.Create((KeeperException.Code)Enum.ToObject(typeof(KeeperException.Code), r.Err), clientPath); } DataTree.CopyStat(response.Stat, stat); return(response.Acl); }
public Task <GetACLResponse> GetACLAsync(GetACLRequest request, CancellationToken cancellationToken = default) { throw new NotImplementedException(); }
public void GetACLAsync(GetACLRequest request, AmazonServiceCallback <GetACLRequest, GetACLResponse> callback, AsyncOptions options = null) { throw new System.NotImplementedException(); }
public async Task <List <FileMetadata> > List(string prefix = null) { var descriptors = new List <FileMetadata>(); var objectsRequest = new ListObjectsRequest { BucketName = _bucketName, Prefix = prefix, MaxKeys = 100000 }; do { var objectsResponse = await _client.ListObjectsAsync(objectsRequest); foreach (S3Object entry in objectsResponse.S3Objects) { var objectMetaRequest = new GetObjectMetadataRequest { BucketName = _bucketName, Key = entry.Key }; var objectMetaResponse = await _client.GetObjectMetadataAsync(objectMetaRequest); var objectAclRequest = new GetACLRequest { BucketName = _bucketName, Key = entry.Key }; var objectAclResponse = await _client.GetACLAsync(objectAclRequest); var isPublic = objectAclResponse.AccessControlList.Grants.Any(x => x.Grantee.URI == "http://acs.amazonaws.com/groups/global/AllUsers"); descriptors.Add(new FileMetadata { Name = entry.Key, BucketName = _bucketName, Length = entry.Size, ETag = entry.ETag, ContentMD5 = entry.ETag, ContentType = objectMetaResponse.Headers.ContentType, LastModifiedOn = entry.LastModified, //Security = isPublic ? FileSecurity.Public : FileSecurity.Private, ContentDisposition = objectMetaResponse.Headers.ContentDisposition, Metadata = objectMetaResponse.Metadata.ToMetadata(), }); } // If response is truncated, set the marker to get the next set of keys. if (objectsResponse.IsTruncated) { objectsRequest.Marker = objectsResponse.NextMarker; } else { objectsRequest = null; } } while (objectsRequest != null); return(descriptors); }
public async Task <IList <BlobDescriptor> > ListBlobsAsync(string containerName) { var descriptors = new List <BlobDescriptor>(); var objectsRequest = new ListObjectsRequest { BucketName = _bucket, Prefix = containerName, MaxKeys = 100000 }; try { do { var objectsResponse = await _s3Client.ListObjectsAsync(objectsRequest); foreach (S3Object entry in objectsResponse.S3Objects) { var objectMetaRequest = new GetObjectMetadataRequest() { BucketName = _bucket, Key = entry.Key }; var objectMetaResponse = await _s3Client.GetObjectMetadataAsync(objectMetaRequest); var objectAclRequest = new GetACLRequest() { BucketName = _bucket, Key = entry.Key }; var objectAclResponse = await _s3Client.GetACLAsync(objectAclRequest); var isPublic = objectAclResponse.AccessControlList.Grants .Where(x => x.Grantee.URI == "http://acs.amazonaws.com/groups/global/AllUsers").Count() > 0; descriptors.Add(new BlobDescriptor { Name = entry.Key.Remove(0, containerName.Length + 1), Container = containerName, Length = entry.Size, ETag = entry.ETag, ContentMD5 = entry.ETag, ContentType = objectMetaResponse.Headers.ContentType, LastModified = entry.LastModified, Security = isPublic ? BlobSecurity.Public : BlobSecurity.Private }); } // If response is truncated, set the marker to get the next set of keys. if (objectsResponse.IsTruncated) { objectsRequest.Marker = objectsResponse.NextMarker; } else { objectsRequest = null; } } while (objectsRequest != null); return(descriptors); } catch (AmazonS3Exception asex) { if (IsInvalidAccessException(asex)) { throw new StorageException(1000.ToStorageError(), asex); } else { throw new StorageException(1001.ToStorageError(), asex); } } }
public GetACLResponse GetACL(GetACLRequest request) { throw new NotImplementedException(); }